Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2017-17862
Vulnerability from cvelistv5
Published
2017-12-23 17:00
Modified
2024-08-05 21:06
Severity ?
EPSS score ?
Summary
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T21:06:48.982Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/torvalds/linux/commit/c131187db2d3fa2f8bf32fdf4e9a4ef805168467", }, { name: "USN-3619-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3619-2/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c131187db2d3fa2f8bf32fdf4e9a4ef805168467", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.spinics.net/lists/stable/msg206984.html", }, { name: "102325", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/102325", }, { name: "DSA-4073", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2017/dsa-4073", }, { name: "USN-3523-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/usn/usn-3523-2/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://anonscm.debian.org/cgit/kernel/linux.git/tree/debian/patches/bugfix/all/bpf-fix-branch-pruning-logic.patch?h=stretch-security", }, { name: "USN-3619-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3619-1/", }, { name: "1040057", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1040057", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-12-23T00:00:00", descriptions: [ { lang: "en", value: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-04-06T09:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/torvalds/linux/commit/c131187db2d3fa2f8bf32fdf4e9a4ef805168467", }, { name: "USN-3619-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3619-2/", }, { tags: [ "x_refsource_MISC", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c131187db2d3fa2f8bf32fdf4e9a4ef805168467", }, { tags: [ "x_refsource_MISC", ], url: "https://www.spinics.net/lists/stable/msg206984.html", }, { name: "102325", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/102325", }, { name: "DSA-4073", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2017/dsa-4073", }, { name: "USN-3523-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/usn/usn-3523-2/", }, { tags: [ "x_refsource_MISC", ], url: "https://anonscm.debian.org/cgit/kernel/linux.git/tree/debian/patches/bugfix/all/bpf-fix-branch-pruning-logic.patch?h=stretch-security", }, { name: "USN-3619-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3619-1/", }, { name: "1040057", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1040057", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-17862", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/torvalds/linux/commit/c131187db2d3fa2f8bf32fdf4e9a4ef805168467", refsource: "MISC", url: "https://github.com/torvalds/linux/commit/c131187db2d3fa2f8bf32fdf4e9a4ef805168467", }, { name: "USN-3619-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3619-2/", }, { name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c131187db2d3fa2f8bf32fdf4e9a4ef805168467", refsource: "MISC", url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c131187db2d3fa2f8bf32fdf4e9a4ef805168467", }, { name: "https://www.spinics.net/lists/stable/msg206984.html", refsource: "MISC", url: "https://www.spinics.net/lists/stable/msg206984.html", }, { name: "102325", refsource: "BID", url: "http://www.securityfocus.com/bid/102325", }, { name: "DSA-4073", refsource: "DEBIAN", url: "https://www.debian.org/security/2017/dsa-4073", }, { name: "USN-3523-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/usn/usn-3523-2/", }, { name: "https://anonscm.debian.org/cgit/kernel/linux.git/tree/debian/patches/bugfix/all/bpf-fix-branch-pruning-logic.patch?h=stretch-security", refsource: "MISC", url: "https://anonscm.debian.org/cgit/kernel/linux.git/tree/debian/patches/bugfix/all/bpf-fix-branch-pruning-logic.patch?h=stretch-security", }, { name: "USN-3619-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3619-1/", }, { name: "1040057", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1040057", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-17862", datePublished: "2017-12-23T17:00:00", dateReserved: "2017-12-23T00:00:00", dateUpdated: "2024-08-05T21:06:48.982Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2017-17862\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-12-27T17:08:20.437\",\"lastModified\":\"2024-11-21T03:18:50.457\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.\"},{\"lang\":\"es\",\"value\":\"kernel/bpf/verifier.c en el kernel de Linux hasta la versión 4.14.8 ignora el código inalcanzable, incluso aunque sea procesado por compiladores en tiempo de ejecución o JIT. Este comportamiento, que también se considera un problema de lógica de poda de ramas incorrecta, podría ser utilizado por usuarios locales para provocar una denegación de servicio (DoS).\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":4.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.14.8\",\"matchCriteriaId\":\"4DD5F65B-785C-436C-9177-6C16E228C08D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}],\"references\":[{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c131187db2d3fa2f8bf32fdf4e9a4ef805168467\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/102325\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1040057\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://anonscm.debian.org/cgit/kernel/linux.git/tree/debian/patches/bugfix/all/bpf-fix-branch-pruning-logic.patch?h=stretch-security\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/c131187db2d3fa2f8bf32fdf4e9a4ef805168467\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3619-1/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://usn.ubuntu.com/3619-2/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://usn.ubuntu.com/usn/usn-3523-2/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.debian.org/security/2017/dsa-4073\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.spinics.net/lists/stable/msg206984.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c131187db2d3fa2f8bf32fdf4e9a4ef805168467\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/102325\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1040057\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://anonscm.debian.org/cgit/kernel/linux.git/tree/debian/patches/bugfix/all/bpf-fix-branch-pruning-logic.patch?h=stretch-security\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/c131187db2d3fa2f8bf32fdf4e9a4ef805168467\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3619-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/3619-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/usn/usn-3523-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.debian.org/security/2017/dsa-4073\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.spinics.net/lists/stable/msg206984.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}", }, }
gsd-2017-17862
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.
Aliases
Aliases
{ GSD: { alias: "CVE-2017-17862", description: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.", id: "GSD-2017-17862", references: [ "https://www.suse.com/security/cve/CVE-2017-17862.html", "https://www.debian.org/security/2017/dsa-4073", "https://ubuntu.com/security/CVE-2017-17862", "https://advisories.mageia.org/CVE-2017-17862.html", "https://security.archlinux.org/CVE-2017-17862", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2017-17862", ], details: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.", id: "GSD-2017-17862", modified: "2023-12-13T01:21:04.875570Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-17862", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/torvalds/linux/commit/c131187db2d3fa2f8bf32fdf4e9a4ef805168467", refsource: "MISC", url: "https://github.com/torvalds/linux/commit/c131187db2d3fa2f8bf32fdf4e9a4ef805168467", }, { name: "USN-3619-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3619-2/", }, { name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c131187db2d3fa2f8bf32fdf4e9a4ef805168467", refsource: "MISC", url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c131187db2d3fa2f8bf32fdf4e9a4ef805168467", }, { name: "https://www.spinics.net/lists/stable/msg206984.html", refsource: "MISC", url: "https://www.spinics.net/lists/stable/msg206984.html", }, { name: "102325", refsource: "BID", url: "http://www.securityfocus.com/bid/102325", }, { name: "DSA-4073", refsource: "DEBIAN", url: "https://www.debian.org/security/2017/dsa-4073", }, { name: "USN-3523-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/usn/usn-3523-2/", }, { name: "https://anonscm.debian.org/cgit/kernel/linux.git/tree/debian/patches/bugfix/all/bpf-fix-branch-pruning-logic.patch?h=stretch-security", refsource: "MISC", url: "https://anonscm.debian.org/cgit/kernel/linux.git/tree/debian/patches/bugfix/all/bpf-fix-branch-pruning-logic.patch?h=stretch-security", }, { name: "USN-3619-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3619-1/", }, { name: "1040057", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1040057", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "4.14.8", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-17862", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "https://www.spinics.net/lists/stable/msg206984.html", refsource: "MISC", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.spinics.net/lists/stable/msg206984.html", }, { name: "DSA-4073", refsource: "DEBIAN", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2017/dsa-4073", }, { name: "https://github.com/torvalds/linux/commit/c131187db2d3fa2f8bf32fdf4e9a4ef805168467", refsource: "MISC", tags: [ "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/c131187db2d3fa2f8bf32fdf4e9a4ef805168467", }, { name: "https://anonscm.debian.org/cgit/kernel/linux.git/tree/debian/patches/bugfix/all/bpf-fix-branch-pruning-logic.patch?h=stretch-security", refsource: "MISC", tags: [ "Third Party Advisory", ], url: "https://anonscm.debian.org/cgit/kernel/linux.git/tree/debian/patches/bugfix/all/bpf-fix-branch-pruning-logic.patch?h=stretch-security", }, { name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c131187db2d3fa2f8bf32fdf4e9a4ef805168467", refsource: "MISC", tags: [ "Vendor Advisory", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c131187db2d3fa2f8bf32fdf4e9a4ef805168467", }, { name: "1040057", refsource: "SECTRACK", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040057", }, { name: "102325", refsource: "BID", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/102325", }, { name: "USN-3523-2", refsource: "UBUNTU", tags: [], url: "https://usn.ubuntu.com/usn/usn-3523-2/", }, { name: "USN-3619-1", refsource: "UBUNTU", tags: [], url: "https://usn.ubuntu.com/3619-1/", }, { name: "USN-3619-2", refsource: "UBUNTU", tags: [], url: "https://usn.ubuntu.com/3619-2/", }, ], }, }, impact: { baseMetricV2: { cvssV2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 4.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, }, }, lastModifiedDate: "2018-04-07T01:29Z", publishedDate: "2017-12-27T17:08Z", }, }, }
opensuse-su-2024:10728-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
kernel-devel-5.14.6-1.4 on GA media
Notes
Title of the patch
kernel-devel-5.14.6-1.4 on GA media
Description of the patch
These are all security issues fixed in the kernel-devel-5.14.6-1.4 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10728
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "kernel-devel-5.14.6-1.4 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the kernel-devel-5.14.6-1.4 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-10728", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10728-1.json", }, { category: "self", summary: "SUSE CVE CVE-2017-1000251 page", url: "https://www.suse.com/security/cve/CVE-2017-1000251/", }, { category: "self", summary: "SUSE CVE CVE-2017-12153 page", url: "https://www.suse.com/security/cve/CVE-2017-12153/", }, { category: "self", summary: "SUSE CVE CVE-2017-13080 page", url: "https://www.suse.com/security/cve/CVE-2017-13080/", }, { category: "self", summary: "SUSE CVE CVE-2017-14051 page", url: "https://www.suse.com/security/cve/CVE-2017-14051/", }, { category: "self", summary: "SUSE CVE CVE-2017-15129 page", url: "https://www.suse.com/security/cve/CVE-2017-15129/", }, { category: "self", summary: "SUSE CVE CVE-2017-15265 page", url: "https://www.suse.com/security/cve/CVE-2017-15265/", }, { category: "self", summary: "SUSE CVE CVE-2017-16536 page", url: "https://www.suse.com/security/cve/CVE-2017-16536/", }, { category: "self", summary: "SUSE CVE CVE-2017-16537 page", url: "https://www.suse.com/security/cve/CVE-2017-16537/", }, { category: "self", summary: "SUSE CVE CVE-2017-16645 page", url: "https://www.suse.com/security/cve/CVE-2017-16645/", }, { category: "self", summary: "SUSE CVE CVE-2017-16646 page", url: "https://www.suse.com/security/cve/CVE-2017-16646/", }, { category: "self", summary: "SUSE CVE CVE-2017-16647 page", url: "https://www.suse.com/security/cve/CVE-2017-16647/", }, { category: "self", summary: "SUSE CVE CVE-2017-16648 page", url: "https://www.suse.com/security/cve/CVE-2017-16648/", }, { category: "self", summary: "SUSE CVE CVE-2017-16995 page", url: "https://www.suse.com/security/cve/CVE-2017-16995/", }, { category: "self", summary: "SUSE CVE CVE-2017-16996 page", url: "https://www.suse.com/security/cve/CVE-2017-16996/", }, { category: "self", summary: "SUSE CVE CVE-2017-17448 page", url: "https://www.suse.com/security/cve/CVE-2017-17448/", }, { category: "self", summary: "SUSE CVE CVE-2017-17449 page", url: "https://www.suse.com/security/cve/CVE-2017-17449/", }, { category: "self", summary: "SUSE CVE CVE-2017-17450 page", url: "https://www.suse.com/security/cve/CVE-2017-17450/", }, { category: "self", summary: "SUSE CVE CVE-2017-17852 page", url: "https://www.suse.com/security/cve/CVE-2017-17852/", }, { category: "self", summary: "SUSE CVE CVE-2017-17853 page", url: "https://www.suse.com/security/cve/CVE-2017-17853/", }, { category: "self", summary: "SUSE CVE CVE-2017-17854 page", url: "https://www.suse.com/security/cve/CVE-2017-17854/", }, { category: "self", summary: "SUSE CVE CVE-2017-17855 page", url: "https://www.suse.com/security/cve/CVE-2017-17855/", }, { category: "self", summary: "SUSE CVE CVE-2017-17856 page", url: "https://www.suse.com/security/cve/CVE-2017-17856/", }, { category: "self", summary: "SUSE CVE CVE-2017-17857 page", url: "https://www.suse.com/security/cve/CVE-2017-17857/", }, { category: "self", summary: "SUSE CVE CVE-2017-17862 page", url: "https://www.suse.com/security/cve/CVE-2017-17862/", }, { category: "self", summary: "SUSE CVE CVE-2017-5123 page", url: "https://www.suse.com/security/cve/CVE-2017-5123/", }, { category: "self", summary: "SUSE CVE CVE-2017-5715 page", url: "https://www.suse.com/security/cve/CVE-2017-5715/", }, { category: "self", summary: "SUSE CVE CVE-2017-5753 page", url: "https://www.suse.com/security/cve/CVE-2017-5753/", }, { category: "self", summary: "SUSE CVE CVE-2017-5754 page", url: "https://www.suse.com/security/cve/CVE-2017-5754/", }, { category: "self", summary: "SUSE CVE CVE-2017-7541 page", url: "https://www.suse.com/security/cve/CVE-2017-7541/", }, { category: "self", summary: "SUSE CVE CVE-2017-7542 page", url: "https://www.suse.com/security/cve/CVE-2017-7542/", }, { category: "self", summary: "SUSE CVE CVE-2017-8824 page", url: "https://www.suse.com/security/cve/CVE-2017-8824/", }, { category: "self", summary: "SUSE CVE CVE-2017-8831 page", url: "https://www.suse.com/security/cve/CVE-2017-8831/", }, { category: "self", summary: "SUSE CVE CVE-2018-1000004 page", url: "https://www.suse.com/security/cve/CVE-2018-1000004/", }, { category: "self", summary: "SUSE CVE CVE-2018-10322 page", url: "https://www.suse.com/security/cve/CVE-2018-10322/", }, { category: "self", summary: "SUSE CVE CVE-2018-10323 page", url: "https://www.suse.com/security/cve/CVE-2018-10323/", }, { category: "self", summary: "SUSE CVE CVE-2018-1068 page", url: "https://www.suse.com/security/cve/CVE-2018-1068/", }, { category: "self", summary: "SUSE CVE CVE-2018-1118 page", url: "https://www.suse.com/security/cve/CVE-2018-1118/", }, { category: "self", summary: "SUSE CVE CVE-2018-12232 page", url: "https://www.suse.com/security/cve/CVE-2018-12232/", }, { category: "self", summary: "SUSE CVE CVE-2018-12714 page", url: "https://www.suse.com/security/cve/CVE-2018-12714/", }, { category: "self", summary: "SUSE CVE CVE-2018-13053 page", url: "https://www.suse.com/security/cve/CVE-2018-13053/", }, { category: "self", summary: "SUSE CVE CVE-2018-18710 page", url: "https://www.suse.com/security/cve/CVE-2018-18710/", }, { category: "self", summary: "SUSE CVE CVE-2018-19824 page", url: "https://www.suse.com/security/cve/CVE-2018-19824/", }, { category: "self", summary: "SUSE CVE CVE-2018-5332 page", url: "https://www.suse.com/security/cve/CVE-2018-5332/", }, { category: "self", summary: "SUSE CVE CVE-2018-5333 page", url: "https://www.suse.com/security/cve/CVE-2018-5333/", }, { category: "self", summary: "SUSE CVE CVE-2018-8043 page", url: "https://www.suse.com/security/cve/CVE-2018-8043/", }, { category: "self", summary: "SUSE CVE CVE-2018-8087 page", url: "https://www.suse.com/security/cve/CVE-2018-8087/", }, { category: "self", summary: "SUSE CVE CVE-2018-8822 page", url: "https://www.suse.com/security/cve/CVE-2018-8822/", }, { category: "self", summary: "SUSE CVE CVE-2019-10207 page", url: "https://www.suse.com/security/cve/CVE-2019-10207/", }, { category: "self", summary: "SUSE CVE CVE-2019-11477 page", url: "https://www.suse.com/security/cve/CVE-2019-11477/", }, { category: "self", summary: "SUSE CVE CVE-2019-11478 page", url: "https://www.suse.com/security/cve/CVE-2019-11478/", }, { category: "self", summary: "SUSE CVE CVE-2019-11479 page", url: "https://www.suse.com/security/cve/CVE-2019-11479/", }, { category: "self", summary: "SUSE CVE CVE-2019-14615 page", url: "https://www.suse.com/security/cve/CVE-2019-14615/", }, { category: "self", summary: "SUSE CVE CVE-2019-14814 page", url: "https://www.suse.com/security/cve/CVE-2019-14814/", }, { category: "self", summary: "SUSE CVE CVE-2019-14896 page", url: "https://www.suse.com/security/cve/CVE-2019-14896/", }, { category: "self", summary: "SUSE CVE CVE-2019-15030 page", url: "https://www.suse.com/security/cve/CVE-2019-15030/", }, { category: "self", summary: "SUSE CVE CVE-2019-15031 page", url: "https://www.suse.com/security/cve/CVE-2019-15031/", }, { category: "self", summary: "SUSE CVE CVE-2019-15098 page", url: "https://www.suse.com/security/cve/CVE-2019-15098/", }, { category: "self", summary: "SUSE CVE CVE-2019-15099 page", url: "https://www.suse.com/security/cve/CVE-2019-15099/", }, { category: "self", summary: "SUSE CVE CVE-2019-15290 page", url: "https://www.suse.com/security/cve/CVE-2019-15290/", }, { category: "self", summary: "SUSE CVE CVE-2019-15504 page", url: "https://www.suse.com/security/cve/CVE-2019-15504/", }, { category: "self", summary: "SUSE CVE CVE-2019-15902 page", url: "https://www.suse.com/security/cve/CVE-2019-15902/", }, { category: "self", summary: "SUSE CVE CVE-2019-16231 page", url: "https://www.suse.com/security/cve/CVE-2019-16231/", }, { category: "self", summary: "SUSE CVE CVE-2019-16232 page", url: "https://www.suse.com/security/cve/CVE-2019-16232/", }, { category: "self", summary: "SUSE CVE CVE-2019-16234 page", url: "https://www.suse.com/security/cve/CVE-2019-16234/", }, { category: "self", summary: "SUSE CVE CVE-2019-17133 page", url: "https://www.suse.com/security/cve/CVE-2019-17133/", }, { category: "self", summary: "SUSE CVE CVE-2019-17666 page", url: "https://www.suse.com/security/cve/CVE-2019-17666/", }, { category: "self", summary: "SUSE CVE CVE-2019-18808 page", url: "https://www.suse.com/security/cve/CVE-2019-18808/", }, { category: "self", summary: "SUSE CVE CVE-2019-18812 page", url: "https://www.suse.com/security/cve/CVE-2019-18812/", }, { category: "self", summary: "SUSE CVE CVE-2019-18813 page", url: "https://www.suse.com/security/cve/CVE-2019-18813/", }, { category: "self", summary: "SUSE CVE CVE-2019-19252 page", url: "https://www.suse.com/security/cve/CVE-2019-19252/", }, { category: "self", summary: "SUSE CVE CVE-2019-19332 page", url: "https://www.suse.com/security/cve/CVE-2019-19332/", }, { category: "self", summary: "SUSE CVE CVE-2019-19338 page", url: "https://www.suse.com/security/cve/CVE-2019-19338/", }, { category: "self", summary: "SUSE CVE CVE-2019-3016 page", url: "https://www.suse.com/security/cve/CVE-2019-3016/", }, { category: "self", summary: "SUSE CVE CVE-2019-3846 page", url: "https://www.suse.com/security/cve/CVE-2019-3846/", }, { category: "self", summary: "SUSE CVE CVE-2019-3882 page", url: "https://www.suse.com/security/cve/CVE-2019-3882/", }, { category: "self", summary: "SUSE CVE CVE-2019-3887 page", url: "https://www.suse.com/security/cve/CVE-2019-3887/", }, { category: "self", summary: "SUSE CVE CVE-2019-6974 page", url: "https://www.suse.com/security/cve/CVE-2019-6974/", }, { category: "self", summary: "SUSE CVE CVE-2019-7221 page", url: "https://www.suse.com/security/cve/CVE-2019-7221/", }, { category: "self", summary: "SUSE CVE CVE-2019-7222 page", url: "https://www.suse.com/security/cve/CVE-2019-7222/", }, { category: "self", summary: "SUSE CVE CVE-2019-8564 page", url: "https://www.suse.com/security/cve/CVE-2019-8564/", }, { category: "self", summary: "SUSE CVE CVE-2019-8912 page", url: "https://www.suse.com/security/cve/CVE-2019-8912/", }, { category: "self", summary: "SUSE CVE CVE-2019-9500 page", url: "https://www.suse.com/security/cve/CVE-2019-9500/", }, { category: "self", summary: "SUSE CVE CVE-2020-10135 page", url: "https://www.suse.com/security/cve/CVE-2020-10135/", }, { category: "self", summary: "SUSE CVE CVE-2020-10766 page", url: "https://www.suse.com/security/cve/CVE-2020-10766/", }, { category: "self", summary: "SUSE CVE CVE-2020-10767 page", url: "https://www.suse.com/security/cve/CVE-2020-10767/", }, { category: "self", summary: "SUSE CVE CVE-2020-10768 page", url: "https://www.suse.com/security/cve/CVE-2020-10768/", }, { category: "self", summary: "SUSE CVE CVE-2020-12351 page", url: "https://www.suse.com/security/cve/CVE-2020-12351/", }, { category: "self", summary: "SUSE CVE CVE-2020-12352 page", url: "https://www.suse.com/security/cve/CVE-2020-12352/", }, { category: "self", summary: "SUSE CVE CVE-2020-14331 page", url: "https://www.suse.com/security/cve/CVE-2020-14331/", }, { category: "self", summary: "SUSE CVE CVE-2020-14386 page", url: "https://www.suse.com/security/cve/CVE-2020-14386/", }, { category: "self", summary: "SUSE CVE CVE-2020-24586 page", url: "https://www.suse.com/security/cve/CVE-2020-24586/", }, { category: "self", summary: "SUSE CVE CVE-2020-24587 page", url: "https://www.suse.com/security/cve/CVE-2020-24587/", }, { category: "self", summary: "SUSE CVE CVE-2020-24588 page", url: "https://www.suse.com/security/cve/CVE-2020-24588/", }, { category: "self", summary: "SUSE CVE CVE-2020-25639 page", url: "https://www.suse.com/security/cve/CVE-2020-25639/", }, { category: "self", summary: "SUSE CVE CVE-2020-25656 page", url: "https://www.suse.com/security/cve/CVE-2020-25656/", }, { category: "self", summary: "SUSE CVE CVE-2020-25668 page", url: "https://www.suse.com/security/cve/CVE-2020-25668/", }, { category: "self", summary: "SUSE CVE CVE-2020-26141 page", url: "https://www.suse.com/security/cve/CVE-2020-26141/", }, { category: "self", summary: "SUSE CVE CVE-2020-2732 page", url: "https://www.suse.com/security/cve/CVE-2020-2732/", }, { category: "self", summary: "SUSE CVE CVE-2020-29660 page", url: "https://www.suse.com/security/cve/CVE-2020-29660/", }, { category: "self", summary: "SUSE CVE CVE-2020-29661 page", url: "https://www.suse.com/security/cve/CVE-2020-29661/", }, { category: "self", summary: "SUSE CVE CVE-2020-8648 page", url: "https://www.suse.com/security/cve/CVE-2020-8648/", }, { category: "self", summary: "SUSE CVE CVE-2020-8694 page", url: "https://www.suse.com/security/cve/CVE-2020-8694/", }, { category: "self", summary: "SUSE CVE CVE-2021-23133 page", url: "https://www.suse.com/security/cve/CVE-2021-23133/", }, { category: "self", summary: "SUSE CVE CVE-2021-26708 page", url: "https://www.suse.com/security/cve/CVE-2021-26708/", }, { category: "self", summary: "SUSE CVE CVE-2021-28971 page", url: "https://www.suse.com/security/cve/CVE-2021-28971/", }, { category: "self", summary: "SUSE CVE CVE-2021-32606 page", url: "https://www.suse.com/security/cve/CVE-2021-32606/", }, { category: "self", summary: "SUSE CVE CVE-2021-33909 page", url: "https://www.suse.com/security/cve/CVE-2021-33909/", }, { category: "self", summary: "SUSE CVE CVE-2021-3483 page", url: "https://www.suse.com/security/cve/CVE-2021-3483/", }, { category: "self", summary: "SUSE CVE CVE-2021-3489 page", url: "https://www.suse.com/security/cve/CVE-2021-3489/", }, { category: "self", summary: "SUSE CVE CVE-2021-3490 page", url: "https://www.suse.com/security/cve/CVE-2021-3490/", }, { category: "self", summary: "SUSE CVE CVE-2021-3491 page", url: "https://www.suse.com/security/cve/CVE-2021-3491/", }, { category: "self", summary: "SUSE CVE CVE-2021-3640 page", url: "https://www.suse.com/security/cve/CVE-2021-3640/", }, { category: "self", summary: "SUSE CVE CVE-2021-3653 page", url: "https://www.suse.com/security/cve/CVE-2021-3653/", }, { category: "self", summary: "SUSE CVE CVE-2021-3656 page", url: "https://www.suse.com/security/cve/CVE-2021-3656/", }, { category: "self", summary: "SUSE CVE CVE-2021-3744 page", url: "https://www.suse.com/security/cve/CVE-2021-3744/", }, { category: "self", summary: "SUSE CVE CVE-2021-3753 page", url: "https://www.suse.com/security/cve/CVE-2021-3753/", }, { category: "self", summary: "SUSE CVE CVE-2021-37576 page", url: "https://www.suse.com/security/cve/CVE-2021-37576/", }, { category: "self", summary: "SUSE CVE CVE-2021-3759 page", url: "https://www.suse.com/security/cve/CVE-2021-3759/", }, { category: "self", summary: "SUSE CVE CVE-2021-38166 page", url: "https://www.suse.com/security/cve/CVE-2021-38166/", }, ], title: "kernel-devel-5.14.6-1.4 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:10728-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-5.14.6-1.4.aarch64", product: { name: "kernel-devel-5.14.6-1.4.aarch64", product_id: "kernel-devel-5.14.6-1.4.aarch64", }, }, { category: "product_version", name: "kernel-macros-5.14.6-1.4.aarch64", product: { name: "kernel-macros-5.14.6-1.4.aarch64", product_id: "kernel-macros-5.14.6-1.4.aarch64", }, }, { category: "product_version", name: "kernel-source-5.14.6-1.4.aarch64", product: { name: "kernel-source-5.14.6-1.4.aarch64", product_id: "kernel-source-5.14.6-1.4.aarch64", }, }, { category: "product_version", name: "kernel-source-vanilla-5.14.6-1.4.aarch64", product: { name: "kernel-source-vanilla-5.14.6-1.4.aarch64", product_id: "kernel-source-vanilla-5.14.6-1.4.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-5.14.6-1.4.ppc64le", product: { name: "kernel-devel-5.14.6-1.4.ppc64le", product_id: "kernel-devel-5.14.6-1.4.ppc64le", }, }, { category: "product_version", name: "kernel-macros-5.14.6-1.4.ppc64le", product: { name: "kernel-macros-5.14.6-1.4.ppc64le", product_id: "kernel-macros-5.14.6-1.4.ppc64le", }, }, { category: "product_version", name: "kernel-source-5.14.6-1.4.ppc64le", product: { name: "kernel-source-5.14.6-1.4.ppc64le", product_id: "kernel-source-5.14.6-1.4.ppc64le", }, }, { category: "product_version", name: "kernel-source-vanilla-5.14.6-1.4.ppc64le", product: { name: "kernel-source-vanilla-5.14.6-1.4.ppc64le", product_id: "kernel-source-vanilla-5.14.6-1.4.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "kernel-devel-5.14.6-1.4.s390x", product: { name: "kernel-devel-5.14.6-1.4.s390x", product_id: "kernel-devel-5.14.6-1.4.s390x", }, }, { category: "product_version", name: "kernel-macros-5.14.6-1.4.s390x", product: { name: "kernel-macros-5.14.6-1.4.s390x", product_id: "kernel-macros-5.14.6-1.4.s390x", }, }, { category: "product_version", name: "kernel-source-5.14.6-1.4.s390x", product: { name: "kernel-source-5.14.6-1.4.s390x", product_id: "kernel-source-5.14.6-1.4.s390x", }, }, { category: "product_version", name: "kernel-source-vanilla-5.14.6-1.4.s390x", product: { name: "kernel-source-vanilla-5.14.6-1.4.s390x", product_id: "kernel-source-vanilla-5.14.6-1.4.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "kernel-devel-5.14.6-1.4.x86_64", product: { name: "kernel-devel-5.14.6-1.4.x86_64", product_id: "kernel-devel-5.14.6-1.4.x86_64", }, }, { category: "product_version", name: "kernel-macros-5.14.6-1.4.x86_64", product: { name: "kernel-macros-5.14.6-1.4.x86_64", product_id: "kernel-macros-5.14.6-1.4.x86_64", }, }, { category: "product_version", name: "kernel-source-5.14.6-1.4.x86_64", product: { name: "kernel-source-5.14.6-1.4.x86_64", product_id: "kernel-source-5.14.6-1.4.x86_64", }, }, { category: "product_version", name: "kernel-source-vanilla-5.14.6-1.4.x86_64", product: { name: "kernel-source-vanilla-5.14.6-1.4.x86_64", product_id: "kernel-source-vanilla-5.14.6-1.4.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-devel-5.14.6-1.4.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", }, product_reference: "kernel-devel-5.14.6-1.4.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-5.14.6-1.4.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", }, product_reference: "kernel-devel-5.14.6-1.4.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-5.14.6-1.4.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", }, product_reference: "kernel-devel-5.14.6-1.4.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-5.14.6-1.4.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", }, product_reference: "kernel-devel-5.14.6-1.4.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-5.14.6-1.4.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", }, product_reference: "kernel-macros-5.14.6-1.4.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-5.14.6-1.4.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", }, product_reference: "kernel-macros-5.14.6-1.4.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-5.14.6-1.4.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", }, product_reference: "kernel-macros-5.14.6-1.4.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-5.14.6-1.4.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", }, product_reference: "kernel-macros-5.14.6-1.4.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-5.14.6-1.4.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", }, product_reference: "kernel-source-5.14.6-1.4.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-5.14.6-1.4.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", }, product_reference: "kernel-source-5.14.6-1.4.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-5.14.6-1.4.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", }, product_reference: "kernel-source-5.14.6-1.4.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-5.14.6-1.4.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", }, product_reference: "kernel-source-5.14.6-1.4.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-vanilla-5.14.6-1.4.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", }, product_reference: "kernel-source-vanilla-5.14.6-1.4.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-vanilla-5.14.6-1.4.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", }, product_reference: "kernel-source-vanilla-5.14.6-1.4.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-vanilla-5.14.6-1.4.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", }, product_reference: "kernel-source-vanilla-5.14.6-1.4.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-vanilla-5.14.6-1.4.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", }, product_reference: "kernel-source-vanilla-5.14.6-1.4.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2017-1000251", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-1000251", }, ], notes: [ { category: "general", text: "The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-1000251", url: "https://www.suse.com/security/cve/CVE-2017-1000251", }, { category: "external", summary: "SUSE Bug 1057389 for CVE-2017-1000251", url: "https://bugzilla.suse.com/1057389", }, { category: "external", summary: "SUSE Bug 1057950 for CVE-2017-1000251", url: "https://bugzilla.suse.com/1057950", }, { category: "external", summary: "SUSE Bug 1070535 for CVE-2017-1000251", url: "https://bugzilla.suse.com/1070535", }, { category: "external", summary: "SUSE Bug 1072117 for CVE-2017-1000251", url: "https://bugzilla.suse.com/1072117", }, { category: "external", summary: "SUSE Bug 1072162 for CVE-2017-1000251", url: "https://bugzilla.suse.com/1072162", }, { category: "external", summary: "SUSE Bug 1120758 for CVE-2017-1000251", url: "https://bugzilla.suse.com/1120758", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-1000251", }, { cve: "CVE-2017-12153", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12153", }, ], notes: [ { category: "general", text: "A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12153", url: "https://www.suse.com/security/cve/CVE-2017-12153", }, { category: "external", summary: "SUSE Bug 1058410 for CVE-2017-12153", url: "https://bugzilla.suse.com/1058410", }, { category: "external", summary: "SUSE Bug 1058624 for CVE-2017-12153", url: "https://bugzilla.suse.com/1058624", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-12153", }, { cve: "CVE-2017-13080", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13080", }, ], notes: [ { category: "general", text: "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13080", url: "https://www.suse.com/security/cve/CVE-2017-13080", }, { category: "external", summary: "SUSE Bug 1056061 for CVE-2017-13080", url: "https://bugzilla.suse.com/1056061", }, { category: "external", summary: "SUSE Bug 1063479 for CVE-2017-13080", url: "https://bugzilla.suse.com/1063479", }, { category: "external", summary: "SUSE Bug 1063667 for CVE-2017-13080", url: "https://bugzilla.suse.com/1063667", }, { category: "external", summary: "SUSE Bug 1063671 for CVE-2017-13080", url: "https://bugzilla.suse.com/1063671", }, { category: "external", summary: "SUSE Bug 1066295 for CVE-2017-13080", url: "https://bugzilla.suse.com/1066295", }, { category: "external", summary: "SUSE Bug 1105108 for CVE-2017-13080", url: "https://bugzilla.suse.com/1105108", }, { category: "external", summary: "SUSE Bug 1178872 for CVE-2017-13080", url: "https://bugzilla.suse.com/1178872", }, { category: "external", summary: "SUSE Bug 1179588 for CVE-2017-13080", url: "https://bugzilla.suse.com/1179588", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-13080", }, { cve: "CVE-2017-14051", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-14051", }, ], notes: [ { category: "general", text: "An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-14051", url: "https://www.suse.com/security/cve/CVE-2017-14051", }, { category: "external", summary: "SUSE Bug 1056588 for CVE-2017-14051", url: "https://bugzilla.suse.com/1056588", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-14051", }, { cve: "CVE-2017-15129", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15129", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15129", url: "https://www.suse.com/security/cve/CVE-2017-15129", }, { category: "external", summary: "SUSE Bug 1074839 for CVE-2017-15129", url: "https://bugzilla.suse.com/1074839", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-15129", }, { cve: "CVE-2017-15265", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15265", }, ], notes: [ { category: "general", text: "Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15265", url: "https://www.suse.com/security/cve/CVE-2017-15265", }, { category: "external", summary: "SUSE Bug 1062520 for CVE-2017-15265", url: "https://bugzilla.suse.com/1062520", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2017-15265", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-15265", }, { cve: "CVE-2017-16536", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16536", }, ], notes: [ { category: "general", text: "The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16536", url: "https://www.suse.com/security/cve/CVE-2017-16536", }, { category: "external", summary: "SUSE Bug 1066606 for CVE-2017-16536", url: "https://bugzilla.suse.com/1066606", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2017-16536", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1146519 for CVE-2017-16536", url: "https://bugzilla.suse.com/1146519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-16536", }, { cve: "CVE-2017-16537", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16537", }, ], notes: [ { category: "general", text: "The imon_probe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16537", url: "https://www.suse.com/security/cve/CVE-2017-16537", }, { category: "external", summary: "SUSE Bug 1066573 for CVE-2017-16537", url: "https://bugzilla.suse.com/1066573", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2017-16537", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1146519 for CVE-2017-16537", url: "https://bugzilla.suse.com/1146519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-16537", }, { cve: "CVE-2017-16645", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16645", }, ], notes: [ { category: "general", text: "The ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims-pcu.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (ims_pcu_parse_cdc_data out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16645", url: "https://www.suse.com/security/cve/CVE-2017-16645", }, { category: "external", summary: "SUSE Bug 1067132 for CVE-2017-16645", url: "https://bugzilla.suse.com/1067132", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2017-16645", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1146519 for CVE-2017-16645", url: "https://bugzilla.suse.com/1146519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-16645", }, { cve: "CVE-2017-16646", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16646", }, ], notes: [ { category: "general", text: "drivers/media/usb/dvb-usb/dib0700_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (BUG and system crash) or possibly have unspecified other impact via a crafted USB device.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16646", url: "https://www.suse.com/security/cve/CVE-2017-16646", }, { category: "external", summary: "SUSE Bug 1067105 for CVE-2017-16646", url: "https://bugzilla.suse.com/1067105", }, { category: "external", summary: "SUSE Bug 1146519 for CVE-2017-16646", url: "https://bugzilla.suse.com/1146519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-16646", }, { cve: "CVE-2017-16647", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16647", }, ], notes: [ { category: "general", text: "drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16647", url: "https://www.suse.com/security/cve/CVE-2017-16647", }, { category: "external", summary: "SUSE Bug 1067102 for CVE-2017-16647", url: "https://bugzilla.suse.com/1067102", }, { category: "external", summary: "SUSE Bug 1146519 for CVE-2017-16647", url: "https://bugzilla.suse.com/1146519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-16647", }, { cve: "CVE-2017-16648", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16648", }, ], notes: [ { category: "general", text: "The dvb_frontend_free function in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device. NOTE: the function was later renamed __dvb_frontend_free.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16648", url: "https://www.suse.com/security/cve/CVE-2017-16648", }, { category: "external", summary: "SUSE Bug 1067087 for CVE-2017-16648", url: "https://bugzilla.suse.com/1067087", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2017-16648", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1146519 for CVE-2017-16648", url: "https://bugzilla.suse.com/1146519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-16648", }, { cve: "CVE-2017-16995", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16995", }, ], notes: [ { category: "general", text: "The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16995", url: "https://www.suse.com/security/cve/CVE-2017-16995", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-16995", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-16995", }, { cve: "CVE-2017-16996", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16996", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging register truncation mishandling.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16996", url: "https://www.suse.com/security/cve/CVE-2017-16996", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-16996", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-16996", }, { cve: "CVE-2017-17448", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17448", }, ], notes: [ { category: "general", text: "net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for new, get, and del operations, which allows local users to bypass intended access restrictions because the nfnl_cthelper_list data structure is shared across all net namespaces.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17448", url: "https://www.suse.com/security/cve/CVE-2017-17448", }, { category: "external", summary: "SUSE Bug 1071693 for CVE-2017-17448", url: "https://bugzilla.suse.com/1071693", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17448", }, { cve: "CVE-2017-17449", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17449", }, ], notes: [ { category: "general", text: "The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel through 4.14.4, when CONFIG_NLMON is enabled, does not restrict observations of Netlink messages to a single net namespace, which allows local users to obtain sensitive information by leveraging the CAP_NET_ADMIN capability to sniff an nlmon interface for all Netlink activity on the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17449", url: "https://www.suse.com/security/cve/CVE-2017-17449", }, { category: "external", summary: "SUSE Bug 1071694 for CVE-2017-17449", url: "https://bugzilla.suse.com/1071694", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17449", }, { cve: "CVE-2017-17450", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17450", }, ], notes: [ { category: "general", text: "net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all net namespaces.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17450", url: "https://www.suse.com/security/cve/CVE-2017-17450", }, { category: "external", summary: "SUSE Bug 1071695 for CVE-2017-17450", url: "https://bugzilla.suse.com/1071695", }, { category: "external", summary: "SUSE Bug 1074033 for CVE-2017-17450", url: "https://bugzilla.suse.com/1074033", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2017-17450", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17450", }, { cve: "CVE-2017-17852", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17852", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of 32-bit ALU ops.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17852", url: "https://www.suse.com/security/cve/CVE-2017-17852", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17852", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17852", }, { cve: "CVE-2017-17853", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17853", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect BPF_RSH signed bounds calculations.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17853", url: "https://www.suse.com/security/cve/CVE-2017-17853", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17853", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17853", }, { cve: "CVE-2017-17854", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17854", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (integer overflow and memory corruption) or possibly have unspecified other impact by leveraging unrestricted integer values for pointer arithmetic.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17854", url: "https://www.suse.com/security/cve/CVE-2017-17854", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17854", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17854", }, { cve: "CVE-2017-17855", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17855", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging improper use of pointers in place of scalars.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17855", url: "https://www.suse.com/security/cve/CVE-2017-17855", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17855", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17855", }, { cve: "CVE-2017-17856", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17856", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the lack of stack-pointer alignment enforcement.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17856", url: "https://www.suse.com/security/cve/CVE-2017-17856", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17856", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17856", }, { cve: "CVE-2017-17857", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17857", }, ], notes: [ { category: "general", text: "The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of invalid variable stack read operations.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17857", url: "https://www.suse.com/security/cve/CVE-2017-17857", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17857", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17857", }, { cve: "CVE-2017-17862", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17862", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17862", url: "https://www.suse.com/security/cve/CVE-2017-17862", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17862", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17862", }, { cve: "CVE-2017-5123", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-5123", }, ], notes: [ { category: "general", text: "Insufficient data validation in waitid allowed an user to escape sandboxes on Linux.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-5123", url: "https://www.suse.com/security/cve/CVE-2017-5123", }, { category: "external", summary: "SUSE Bug 1062473 for CVE-2017-5123", url: "https://bugzilla.suse.com/1062473", }, { category: "external", summary: "SUSE Bug 1122971 for CVE-2017-5123", url: "https://bugzilla.suse.com/1122971", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-5123", }, { cve: "CVE-2017-5715", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-5715", }, ], notes: [ { category: "general", text: "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-5715", url: "https://www.suse.com/security/cve/CVE-2017-5715", }, { category: "external", summary: "SUSE Bug 1068032 for CVE-2017-5715", url: "https://bugzilla.suse.com/1068032", }, { category: "external", summary: "SUSE Bug 1074562 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074562", }, { category: "external", summary: "SUSE Bug 1074578 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074578", }, { category: "external", summary: "SUSE Bug 1074701 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074701", }, { category: "external", summary: "SUSE Bug 1074741 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074741", }, { category: "external", summary: "SUSE Bug 1074919 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074919", }, { category: "external", summary: "SUSE Bug 1075006 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075006", }, { category: "external", summary: "SUSE Bug 1075007 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075007", }, { category: "external", summary: "SUSE Bug 1075262 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075262", }, { category: "external", summary: "SUSE Bug 1075419 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075419", }, { category: "external", summary: "SUSE Bug 1076115 for CVE-2017-5715", url: "https://bugzilla.suse.com/1076115", }, { category: "external", summary: "SUSE Bug 1076372 for CVE-2017-5715", url: "https://bugzilla.suse.com/1076372", }, { category: "external", summary: "SUSE Bug 1076606 for CVE-2017-5715", url: "https://bugzilla.suse.com/1076606", }, { category: "external", summary: "SUSE Bug 1078353 for CVE-2017-5715", url: "https://bugzilla.suse.com/1078353", }, { category: "external", summary: "SUSE Bug 1080039 for CVE-2017-5715", url: "https://bugzilla.suse.com/1080039", }, { category: "external", summary: "SUSE Bug 1087887 for CVE-2017-5715", url: "https://bugzilla.suse.com/1087887", }, { category: "external", summary: "SUSE Bug 1087939 for CVE-2017-5715", url: "https://bugzilla.suse.com/1087939", }, { category: "external", summary: "SUSE Bug 1088147 for CVE-2017-5715", url: "https://bugzilla.suse.com/1088147", }, { category: "external", summary: "SUSE Bug 1089055 for CVE-2017-5715", url: "https://bugzilla.suse.com/1089055", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2017-5715", url: "https://bugzilla.suse.com/1091815", }, { category: "external", summary: "SUSE Bug 1095735 for CVE-2017-5715", url: "https://bugzilla.suse.com/1095735", }, { category: "external", summary: "SUSE Bug 1102517 for CVE-2017-5715", url: "https://bugzilla.suse.com/1102517", }, { category: "external", summary: "SUSE Bug 1105108 for CVE-2017-5715", url: "https://bugzilla.suse.com/1105108", }, { category: "external", summary: "SUSE Bug 1126516 for CVE-2017-5715", url: "https://bugzilla.suse.com/1126516", }, { category: "external", summary: "SUSE Bug 1173489 for CVE-2017-5715", url: "https://bugzilla.suse.com/1173489", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2017-5715", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201457 for CVE-2017-5715", url: "https://bugzilla.suse.com/1201457", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2017-5715", url: "https://bugzilla.suse.com/1201877", }, { category: "external", summary: "SUSE Bug 1203236 for CVE-2017-5715", url: "https://bugzilla.suse.com/1203236", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-5715", }, { cve: "CVE-2017-5753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-5753", }, ], notes: [ { category: "general", text: "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-5753", url: "https://www.suse.com/security/cve/CVE-2017-5753", }, { category: "external", summary: "SUSE Bug 1068032 for CVE-2017-5753", url: "https://bugzilla.suse.com/1068032", }, { category: "external", summary: "SUSE Bug 1074562 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074562", }, { category: "external", summary: "SUSE Bug 1074578 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074578", }, { category: "external", summary: "SUSE Bug 1074701 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074701", }, { category: "external", summary: "SUSE Bug 1075006 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075006", }, { category: "external", summary: "SUSE Bug 1075419 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075419", }, { category: "external", summary: "SUSE Bug 1075748 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075748", }, { category: "external", summary: "SUSE Bug 1080039 for CVE-2017-5753", url: "https://bugzilla.suse.com/1080039", }, { category: "external", summary: "SUSE Bug 1087084 for CVE-2017-5753", url: "https://bugzilla.suse.com/1087084", }, { category: "external", summary: "SUSE Bug 1087939 for CVE-2017-5753", url: "https://bugzilla.suse.com/1087939", }, { category: "external", summary: "SUSE Bug 1089055 for CVE-2017-5753", url: "https://bugzilla.suse.com/1089055", }, { category: "external", summary: "SUSE Bug 1136865 for CVE-2017-5753", url: "https://bugzilla.suse.com/1136865", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2017-5753", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2017-5753", url: "https://bugzilla.suse.com/1201877", }, { category: "external", summary: "SUSE Bug 1209547 for CVE-2017-5753", url: "https://bugzilla.suse.com/1209547", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-5753", }, { cve: "CVE-2017-5754", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-5754", }, ], notes: [ { category: "general", text: "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-5754", url: "https://www.suse.com/security/cve/CVE-2017-5754", }, { category: "external", summary: "SUSE Bug 1068032 for CVE-2017-5754", url: "https://bugzilla.suse.com/1068032", }, { category: "external", summary: "SUSE Bug 1074562 for CVE-2017-5754", url: "https://bugzilla.suse.com/1074562", }, { category: "external", summary: "SUSE Bug 1074578 for CVE-2017-5754", url: "https://bugzilla.suse.com/1074578", }, { category: "external", summary: "SUSE Bug 1074701 for CVE-2017-5754", url: "https://bugzilla.suse.com/1074701", }, { category: "external", summary: "SUSE Bug 1075006 for CVE-2017-5754", url: "https://bugzilla.suse.com/1075006", }, { category: "external", summary: "SUSE Bug 1075008 for CVE-2017-5754", url: "https://bugzilla.suse.com/1075008", }, { category: "external", summary: "SUSE Bug 1087939 for CVE-2017-5754", url: "https://bugzilla.suse.com/1087939", }, { category: "external", summary: "SUSE Bug 1089055 for CVE-2017-5754", url: "https://bugzilla.suse.com/1089055", }, { category: "external", summary: "SUSE Bug 1115045 for CVE-2017-5754", url: "https://bugzilla.suse.com/1115045", }, { category: "external", summary: "SUSE Bug 1136865 for CVE-2017-5754", url: "https://bugzilla.suse.com/1136865", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2017-5754", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2017-5754", url: "https://bugzilla.suse.com/1201877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-5754", }, { cve: "CVE-2017-7541", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7541", }, ], notes: [ { category: "general", text: "The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7541", url: "https://www.suse.com/security/cve/CVE-2017-7541", }, { category: "external", summary: "SUSE Bug 1049645 for CVE-2017-7541", url: "https://bugzilla.suse.com/1049645", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-7541", }, { cve: "CVE-2017-7542", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7542", }, ], notes: [ { category: "general", text: "The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7542", url: "https://www.suse.com/security/cve/CVE-2017-7542", }, { category: "external", summary: "SUSE Bug 1049882 for CVE-2017-7542", url: "https://bugzilla.suse.com/1049882", }, { category: "external", summary: "SUSE Bug 1061936 for CVE-2017-7542", url: "https://bugzilla.suse.com/1061936", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-7542", }, { cve: "CVE-2017-8824", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-8824", }, ], notes: [ { category: "general", text: "The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-8824", url: "https://www.suse.com/security/cve/CVE-2017-8824", }, { category: "external", summary: "SUSE Bug 1070771 for CVE-2017-8824", url: "https://bugzilla.suse.com/1070771", }, { category: "external", summary: "SUSE Bug 1076734 for CVE-2017-8824", url: "https://bugzilla.suse.com/1076734", }, { category: "external", summary: "SUSE Bug 1092904 for CVE-2017-8824", url: "https://bugzilla.suse.com/1092904", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2017-8824", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-8824", }, { cve: "CVE-2017-8831", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-8831", }, ], notes: [ { category: "general", text: "The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a \"double fetch\" vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-8831", url: "https://www.suse.com/security/cve/CVE-2017-8831", }, { category: "external", summary: "SUSE Bug 1037994 for CVE-2017-8831", url: "https://bugzilla.suse.com/1037994", }, { category: "external", summary: "SUSE Bug 1061936 for CVE-2017-8831", url: "https://bugzilla.suse.com/1061936", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2017-8831", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2017-8831", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-8831", }, { cve: "CVE-2018-1000004", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1000004", }, ], notes: [ { category: "general", text: "In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1000004", url: "https://www.suse.com/security/cve/CVE-2018-1000004", }, { category: "external", summary: "SUSE Bug 1076017 for CVE-2018-1000004", url: "https://bugzilla.suse.com/1076017", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2018-1000004", url: "https://bugzilla.suse.com/1091815", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-1000004", }, { cve: "CVE-2018-10322", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10322", }, ], notes: [ { category: "general", text: "The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs image.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10322", url: "https://www.suse.com/security/cve/CVE-2018-10322", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10322", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1090749 for CVE-2018-10322", url: "https://bugzilla.suse.com/1090749", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-10322", }, { cve: "CVE-2018-10323", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10323", }, ], notes: [ { category: "general", text: "The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10323", url: "https://www.suse.com/security/cve/CVE-2018-10323", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10323", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1090717 for CVE-2018-10323", url: "https://bugzilla.suse.com/1090717", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-10323", }, { cve: "CVE-2018-1068", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1068", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1068", url: "https://www.suse.com/security/cve/CVE-2018-1068", }, { category: "external", summary: "SUSE Bug 1085107 for CVE-2018-1068", url: "https://bugzilla.suse.com/1085107", }, { category: "external", summary: "SUSE Bug 1085114 for CVE-2018-1068", url: "https://bugzilla.suse.com/1085114", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-1068", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1123903 for CVE-2018-1068", url: "https://bugzilla.suse.com/1123903", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-1068", }, { cve: "CVE-2018-1118", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1118", }, ], notes: [ { category: "general", text: "Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1118", url: "https://www.suse.com/security/cve/CVE-2018-1118", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-1118", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1092472 for CVE-2018-1118", url: "https://bugzilla.suse.com/1092472", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-1118", }, { cve: "CVE-2018-12232", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12232", }, ], notes: [ { category: "general", text: "In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat does not increment the file descriptor reference count, which allows close to set the socket to NULL during fchownat's execution, leading to a NULL pointer dereference and system crash.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12232", url: "https://www.suse.com/security/cve/CVE-2018-12232", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-12232", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1097593 for CVE-2018-12232", url: "https://bugzilla.suse.com/1097593", }, { category: "external", summary: "SUSE Bug 1125907 for CVE-2018-12232", url: "https://bugzilla.suse.com/1125907", }, { category: "external", summary: "SUSE Bug 1127757 for CVE-2018-12232", url: "https://bugzilla.suse.com/1127757", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-12232", }, { cve: "CVE-2018-12714", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12714", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.2. The filter parsing in kernel/trace/trace_events_filter.c could be called with no filter, which is an N=0 case when it expected at least one line to have been read, thus making the N-1 index invalid. This allows attackers to cause a denial of service (slab out-of-bounds write) or possibly have unspecified other impact via crafted perf_event_open and mmap system calls.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12714", url: "https://www.suse.com/security/cve/CVE-2018-12714", }, { category: "external", summary: "SUSE Bug 1098933 for CVE-2018-12714", url: "https://bugzilla.suse.com/1098933", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-12714", }, { cve: "CVE-2018-13053", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13053", }, ], notes: [ { category: "general", text: "The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13053", url: "https://www.suse.com/security/cve/CVE-2018-13053", }, { category: "external", summary: "SUSE Bug 1099924 for CVE-2018-13053", url: "https://bugzilla.suse.com/1099924", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-13053", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-13053", }, { cve: "CVE-2018-18710", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18710", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18710", url: "https://www.suse.com/security/cve/CVE-2018-18710", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-18710", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-18710", }, { cve: "CVE-2018-19824", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-19824", }, ], notes: [ { category: "general", text: "In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-19824", url: "https://www.suse.com/security/cve/CVE-2018-19824", }, { category: "external", summary: "SUSE Bug 1118152 for CVE-2018-19824", url: "https://bugzilla.suse.com/1118152", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-19824", }, { cve: "CVE-2018-5332", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-5332", }, ], notes: [ { category: "general", text: "In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-5332", url: "https://www.suse.com/security/cve/CVE-2018-5332", }, { category: "external", summary: "SUSE Bug 1075621 for CVE-2018-5332", url: "https://bugzilla.suse.com/1075621", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2018-5332", url: "https://bugzilla.suse.com/1091815", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-5332", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.6, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-5332", }, { cve: "CVE-2018-5333", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-5333", }, ], notes: [ { category: "general", text: "In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-5333", url: "https://www.suse.com/security/cve/CVE-2018-5333", }, { category: "external", summary: "SUSE Bug 1075617 for CVE-2018-5333", url: "https://bugzilla.suse.com/1075617", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2018-5333", url: "https://bugzilla.suse.com/1091815", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.9, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-5333", }, { cve: "CVE-2018-8043", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-8043", }, ], notes: [ { category: "general", text: "The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows local users to cause a denial of service (NULL pointer dereference).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-8043", url: "https://www.suse.com/security/cve/CVE-2018-8043", }, { category: "external", summary: "SUSE Bug 1084829 for CVE-2018-8043", url: "https://bugzilla.suse.com/1084829", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 0, baseSeverity: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-8043", }, { cve: "CVE-2018-8087", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-8087", }, ], notes: [ { category: "general", text: "Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-8087", url: "https://www.suse.com/security/cve/CVE-2018-8087", }, { category: "external", summary: "SUSE Bug 1085053 for CVE-2018-8087", url: "https://bugzilla.suse.com/1085053", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-8087", }, { cve: "CVE-2018-8822", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-8822", }, ], notes: [ { category: "general", text: "Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplib_kernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicious NCPFS servers to crash the kernel or execute code.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-8822", url: "https://www.suse.com/security/cve/CVE-2018-8822", }, { category: "external", summary: "SUSE Bug 1086162 for CVE-2018-8822", url: "https://bugzilla.suse.com/1086162", }, { category: "external", summary: "SUSE Bug 1090404 for CVE-2018-8822", url: "https://bugzilla.suse.com/1090404", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2018-8822", url: "https://bugzilla.suse.com/1091815", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-8822", }, { cve: "CVE-2019-10207", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10207", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10207", url: "https://www.suse.com/security/cve/CVE-2019-10207", }, { category: "external", summary: "SUSE Bug 1123959 for CVE-2019-10207", url: "https://bugzilla.suse.com/1123959", }, { category: "external", summary: "SUSE Bug 1142857 for CVE-2019-10207", url: "https://bugzilla.suse.com/1142857", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10207", }, { cve: "CVE-2019-11477", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11477", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11477", url: "https://www.suse.com/security/cve/CVE-2019-11477", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11477", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11477", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11477", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1153242 for CVE-2019-11477", url: "https://bugzilla.suse.com/1153242", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-11477", }, { cve: "CVE-2019-11478", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11478", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11478", url: "https://www.suse.com/security/cve/CVE-2019-11478", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11478", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11478", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11478", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1143542 for CVE-2019-11478", url: "https://bugzilla.suse.com/1143542", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-11478", }, { cve: "CVE-2019-11479", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11479", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11479", url: "https://www.suse.com/security/cve/CVE-2019-11479", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11479", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11479", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11479", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1143542 for CVE-2019-11479", url: "https://bugzilla.suse.com/1143542", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-11479", }, { cve: "CVE-2019-14615", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14615", }, ], notes: [ { category: "general", text: "Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14615", url: "https://www.suse.com/security/cve/CVE-2019-14615", }, { category: "external", summary: "SUSE Bug 1160195 for CVE-2019-14615", url: "https://bugzilla.suse.com/1160195", }, { category: "external", summary: "SUSE Bug 1165881 for CVE-2019-14615", url: "https://bugzilla.suse.com/1165881", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-14615", }, { cve: "CVE-2019-14814", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14814", }, ], notes: [ { category: "general", text: "There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14814", url: "https://www.suse.com/security/cve/CVE-2019-14814", }, { category: "external", summary: "SUSE Bug 1146512 for CVE-2019-14814", url: "https://bugzilla.suse.com/1146512", }, { category: "external", summary: "SUSE Bug 1173664 for CVE-2019-14814", url: "https://bugzilla.suse.com/1173664", }, { category: "external", summary: "SUSE Bug 1173665 for CVE-2019-14814", url: "https://bugzilla.suse.com/1173665", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-14814", }, { cve: "CVE-2019-14896", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14896", }, ], notes: [ { category: "general", text: "A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects to an AP.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14896", url: "https://www.suse.com/security/cve/CVE-2019-14896", }, { category: "external", summary: "SUSE Bug 1157157 for CVE-2019-14896", url: "https://bugzilla.suse.com/1157157", }, { category: "external", summary: "SUSE Bug 1160468 for CVE-2019-14896", url: "https://bugzilla.suse.com/1160468", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-14896", }, { cve: "CVE-2019-15030", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-15030", }, ], notes: [ { category: "general", text: "In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-15030", url: "https://www.suse.com/security/cve/CVE-2019-15030", }, { category: "external", summary: "SUSE Bug 1149713 for CVE-2019-15030", url: "https://bugzilla.suse.com/1149713", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-15030", }, { cve: "CVE-2019-15031", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-15031", }, ], notes: [ { category: "general", text: "In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process, because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-15031", url: "https://www.suse.com/security/cve/CVE-2019-15031", }, { category: "external", summary: "SUSE Bug 1149713 for CVE-2019-15031", url: "https://bugzilla.suse.com/1149713", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-15031", }, { cve: "CVE-2019-15098", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-15098", }, ], notes: [ { category: "general", text: "drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-15098", url: "https://www.suse.com/security/cve/CVE-2019-15098", }, { category: "external", summary: "SUSE Bug 1146378 for CVE-2019-15098", url: "https://bugzilla.suse.com/1146378", }, { category: "external", summary: "SUSE Bug 1146543 for CVE-2019-15098", url: "https://bugzilla.suse.com/1146543", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-15098", }, { cve: "CVE-2019-15099", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-15099", }, ], notes: [ { category: "general", text: "drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-15099", url: "https://www.suse.com/security/cve/CVE-2019-15099", }, { category: "external", summary: "SUSE Bug 1146368 for CVE-2019-15099", url: "https://bugzilla.suse.com/1146368", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-15099", }, { cve: "CVE-2019-15290", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-15290", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-15098. Reason: This candidate is a duplicate of CVE-2019-15098. Notes: All CVE users should reference CVE-2019-15098 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-15290", url: "https://www.suse.com/security/cve/CVE-2019-15290", }, { category: "external", summary: "SUSE Bug 1146378 for CVE-2019-15290", url: "https://bugzilla.suse.com/1146378", }, { category: "external", summary: "SUSE Bug 1146519 for CVE-2019-15290", url: "https://bugzilla.suse.com/1146519", }, { category: "external", summary: "SUSE Bug 1146543 for CVE-2019-15290", url: "https://bugzilla.suse.com/1146543", }, { category: "external", summary: "SUSE Bug 1158381 for CVE-2019-15290", url: "https://bugzilla.suse.com/1158381", }, { category: "external", summary: "SUSE Bug 1158834 for CVE-2019-15290", url: "https://bugzilla.suse.com/1158834", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-15290", }, { cve: "CVE-2019-15504", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-15504", }, ], notes: [ { category: "general", text: "drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-15504", url: "https://www.suse.com/security/cve/CVE-2019-15504", }, { category: "external", summary: "SUSE Bug 1147116 for CVE-2019-15504", url: "https://bugzilla.suse.com/1147116", }, { category: "external", summary: "SUSE Bug 1185852 for CVE-2019-15504", url: "https://bugzilla.suse.com/1185852", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-15504", }, { cve: "CVE-2019-15902", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-15902", }, ], notes: [ { category: "general", text: "A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream \"x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()\" commit reintroduced the Spectre vulnerability that it aimed to eliminate. This occurred because the backport process depends on cherry picking specific commits, and because two (correctly ordered) code lines were swapped.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-15902", url: "https://www.suse.com/security/cve/CVE-2019-15902", }, { category: "external", summary: "SUSE Bug 1149376 for CVE-2019-15902", url: "https://bugzilla.suse.com/1149376", }, { category: "external", summary: "SUSE Bug 1155131 for CVE-2019-15902", url: "https://bugzilla.suse.com/1155131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-15902", }, { cve: "CVE-2019-16231", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16231", }, ], notes: [ { category: "general", text: "drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-16231", url: "https://www.suse.com/security/cve/CVE-2019-16231", }, { category: "external", summary: "SUSE Bug 1150466 for CVE-2019-16231", url: "https://bugzilla.suse.com/1150466", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2019-16231", }, { cve: "CVE-2019-16232", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16232", }, ], notes: [ { category: "general", text: "drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-16232", url: "https://www.suse.com/security/cve/CVE-2019-16232", }, { category: "external", summary: "SUSE Bug 1150465 for CVE-2019-16232", url: "https://bugzilla.suse.com/1150465", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2019-16232", }, { cve: "CVE-2019-16234", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16234", }, ], notes: [ { category: "general", text: "drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-16234", url: "https://www.suse.com/security/cve/CVE-2019-16234", }, { category: "external", summary: "SUSE Bug 1150452 for CVE-2019-16234", url: "https://bugzilla.suse.com/1150452", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2019-16234", }, { cve: "CVE-2019-17133", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-17133", }, ], notes: [ { category: "general", text: "In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-17133", url: "https://www.suse.com/security/cve/CVE-2019-17133", }, { category: "external", summary: "SUSE Bug 1153158 for CVE-2019-17133", url: "https://bugzilla.suse.com/1153158", }, { category: "external", summary: "SUSE Bug 1153161 for CVE-2019-17133", url: "https://bugzilla.suse.com/1153161", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-17133", }, { cve: "CVE-2019-17666", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-17666", }, ], notes: [ { category: "general", text: "rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-17666", url: "https://www.suse.com/security/cve/CVE-2019-17666", }, { category: "external", summary: "SUSE Bug 1154372 for CVE-2019-17666", url: "https://bugzilla.suse.com/1154372", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-17666", }, { cve: "CVE-2019-18808", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-18808", }, ], notes: [ { category: "general", text: "A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-18808", url: "https://www.suse.com/security/cve/CVE-2019-18808", }, { category: "external", summary: "SUSE Bug 1156259 for CVE-2019-18808", url: "https://bugzilla.suse.com/1156259", }, { category: "external", summary: "SUSE Bug 1189884 for CVE-2019-18808", url: "https://bugzilla.suse.com/1189884", }, { category: "external", summary: "SUSE Bug 1190534 for CVE-2019-18808", url: "https://bugzilla.suse.com/1190534", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-18808", }, { cve: "CVE-2019-18812", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-18812", }, ], notes: [ { category: "general", text: "A memory leak in the sof_dfsentry_write() function in sound/soc/sof/debug.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-c0a333d842ef.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-18812", url: "https://www.suse.com/security/cve/CVE-2019-18812", }, { category: "external", summary: "SUSE Bug 1156277 for CVE-2019-18812", url: "https://bugzilla.suse.com/1156277", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-18812", }, { cve: "CVE-2019-18813", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-18813", }, ], notes: [ { category: "general", text: "A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures, aka CID-9bbfceea12a8.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-18813", url: "https://www.suse.com/security/cve/CVE-2019-18813", }, { category: "external", summary: "SUSE Bug 1156278 for CVE-2019-18813", url: "https://bugzilla.suse.com/1156278", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-18813", }, { cve: "CVE-2019-19252", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-19252", }, ], notes: [ { category: "general", text: "vcs_write in drivers/tty/vt/vc_screen.c in the Linux kernel through 5.3.13 does not prevent write access to vcsu devices, aka CID-0c9acb1af77a.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-19252", url: "https://www.suse.com/security/cve/CVE-2019-19252", }, { category: "external", summary: "SUSE Bug 1157813 for CVE-2019-19252", url: "https://bugzilla.suse.com/1157813", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-19252", }, { cve: "CVE-2019-19332", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-19332", }, ], notes: [ { category: "general", text: "An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-19332", url: "https://www.suse.com/security/cve/CVE-2019-19332", }, { category: "external", summary: "SUSE Bug 1158827 for CVE-2019-19332", url: "https://bugzilla.suse.com/1158827", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-19332", }, { cve: "CVE-2019-19338", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-19338", }, ], notes: [ { category: "general", text: "A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a host CPU affected by the TAA flaw (TAA_NO=0), but is not affected by the MDS issue (MDS_NO=1), the guest was to clear the affected buffers by using a VERW instruction mechanism. But when the MDS_NO=1 bit was exported to the guests, the guests did not use the VERW mechanism to clear the affected buffers. This issue affects guests running on Cascade Lake CPUs and requires that host has 'TSX' enabled. Confidentiality of data is the highest threat associated with this vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-19338", url: "https://www.suse.com/security/cve/CVE-2019-19338", }, { category: "external", summary: "SUSE Bug 1158954 for CVE-2019-19338", url: "https://bugzilla.suse.com/1158954", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-19338", }, { cve: "CVE-2019-3016", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3016", }, ], notes: [ { category: "general", text: "In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD processors but Intel CPUs cannot be ruled out.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3016", url: "https://www.suse.com/security/cve/CVE-2019-3016", }, { category: "external", summary: "SUSE Bug 1159281 for CVE-2019-3016", url: "https://bugzilla.suse.com/1159281", }, { category: "external", summary: "SUSE Bug 1161154 for CVE-2019-3016", url: "https://bugzilla.suse.com/1161154", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-3016", }, { cve: "CVE-2019-3846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3846", }, ], notes: [ { category: "general", text: "A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3846", url: "https://www.suse.com/security/cve/CVE-2019-3846", }, { category: "external", summary: "SUSE Bug 1136424 for CVE-2019-3846", url: "https://bugzilla.suse.com/1136424", }, { category: "external", summary: "SUSE Bug 1136446 for CVE-2019-3846", url: "https://bugzilla.suse.com/1136446", }, { category: "external", summary: "SUSE Bug 1156330 for CVE-2019-3846", url: "https://bugzilla.suse.com/1156330", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-3846", }, { cve: "CVE-2019-3882", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3882", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). Versions 3.10, 4.14 and 4.18 are vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3882", url: "https://www.suse.com/security/cve/CVE-2019-3882", }, { category: "external", summary: "SUSE Bug 1131416 for CVE-2019-3882", url: "https://bugzilla.suse.com/1131416", }, { category: "external", summary: "SUSE Bug 1131427 for CVE-2019-3882", url: "https://bugzilla.suse.com/1131427", }, { category: "external", summary: "SUSE Bug 1133319 for CVE-2019-3882", url: "https://bugzilla.suse.com/1133319", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-3882", }, { cve: "CVE-2019-3887", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3887", }, ], notes: [ { category: "general", text: "A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3887", url: "https://www.suse.com/security/cve/CVE-2019-3887", }, { category: "external", summary: "SUSE Bug 1131800 for CVE-2019-3887", url: "https://bugzilla.suse.com/1131800", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-3887", }, { cve: "CVE-2019-6974", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-6974", }, ], notes: [ { category: "general", text: "In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-6974", url: "https://www.suse.com/security/cve/CVE-2019-6974", }, { category: "external", summary: "SUSE Bug 1124728 for CVE-2019-6974", url: "https://bugzilla.suse.com/1124728", }, { category: "external", summary: "SUSE Bug 1124729 for CVE-2019-6974", url: "https://bugzilla.suse.com/1124729", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-6974", }, { cve: "CVE-2019-7221", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-7221", }, ], notes: [ { category: "general", text: "The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-7221", url: "https://www.suse.com/security/cve/CVE-2019-7221", }, { category: "external", summary: "SUSE Bug 1124732 for CVE-2019-7221", url: "https://bugzilla.suse.com/1124732", }, { category: "external", summary: "SUSE Bug 1124734 for CVE-2019-7221", url: "https://bugzilla.suse.com/1124734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-7221", }, { cve: "CVE-2019-7222", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-7222", }, ], notes: [ { category: "general", text: "The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-7222", url: "https://www.suse.com/security/cve/CVE-2019-7222", }, { category: "external", summary: "SUSE Bug 1124735 for CVE-2019-7222", url: "https://bugzilla.suse.com/1124735", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.8, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2019-7222", }, { cve: "CVE-2019-8564", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-8564", }, ], notes: [ { category: "general", text: "A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position can modify driver state.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-8564", url: "https://www.suse.com/security/cve/CVE-2019-8564", }, { category: "external", summary: "SUSE Bug 1132673 for CVE-2019-8564", url: "https://bugzilla.suse.com/1132673", }, { category: "external", summary: "SUSE Bug 1132828 for CVE-2019-8564", url: "https://bugzilla.suse.com/1132828", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-8564", }, { cve: "CVE-2019-8912", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-8912", }, ], notes: [ { category: "general", text: "In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-8912", url: "https://www.suse.com/security/cve/CVE-2019-8912", }, { category: "external", summary: "SUSE Bug 1125907 for CVE-2019-8912", url: "https://bugzilla.suse.com/1125907", }, { category: "external", summary: "SUSE Bug 1126284 for CVE-2019-8912", url: "https://bugzilla.suse.com/1126284", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-8912", }, { cve: "CVE-2019-9500", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9500", }, ], notes: [ { category: "general", text: "The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-9500", url: "https://www.suse.com/security/cve/CVE-2019-9500", }, { category: "external", summary: "SUSE Bug 1132681 for CVE-2019-9500", url: "https://bugzilla.suse.com/1132681", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-9500", }, { cve: "CVE-2020-10135", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10135", }, ], notes: [ { category: "general", text: "Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersonate a Bluetooth BR/EDR master or slave to pair with a previously paired remote device to successfully complete the authentication procedure without knowing the link key.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10135", url: "https://www.suse.com/security/cve/CVE-2020-10135", }, { category: "external", summary: "SUSE Bug 1171988 for CVE-2020-10135", url: "https://bugzilla.suse.com/1171988", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10135", }, { cve: "CVE-2020-10766", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10766", }, ], notes: [ { category: "general", text: "A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This issue was introduced when the per task/process conditional STIPB switching was added on top of the existing SSBD switching. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10766", url: "https://www.suse.com/security/cve/CVE-2020-10766", }, { category: "external", summary: "SUSE Bug 1159281 for CVE-2020-10766", url: "https://bugzilla.suse.com/1159281", }, { category: "external", summary: "SUSE Bug 1172781 for CVE-2020-10766", url: "https://bugzilla.suse.com/1172781", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10766", }, { cve: "CVE-2020-10767", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10767", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel before 5.8-rc1 in the implementation of the Enhanced IBPB (Indirect Branch Prediction Barrier). The IBPB mitigation will be disabled when STIBP is not available or when the Enhanced Indirect Branch Restricted Speculation (IBRS) is available. This flaw allows a local attacker to perform a Spectre V2 style attack when this configuration is active. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10767", url: "https://www.suse.com/security/cve/CVE-2020-10767", }, { category: "external", summary: "SUSE Bug 1159281 for CVE-2020-10767", url: "https://bugzilla.suse.com/1159281", }, { category: "external", summary: "SUSE Bug 1172782 for CVE-2020-10767", url: "https://bugzilla.suse.com/1172782", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10767", }, { cve: "CVE-2020-10768", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10768", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being 'force disabled' when it is not and opens the system to Spectre v2 attacks. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10768", url: "https://www.suse.com/security/cve/CVE-2020-10768", }, { category: "external", summary: "SUSE Bug 1159281 for CVE-2020-10768", url: "https://bugzilla.suse.com/1159281", }, { category: "external", summary: "SUSE Bug 1172783 for CVE-2020-10768", url: "https://bugzilla.suse.com/1172783", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10768", }, { cve: "CVE-2020-12351", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-12351", }, ], notes: [ { category: "general", text: "Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-12351", url: "https://www.suse.com/security/cve/CVE-2020-12351", }, { category: "external", summary: "SUSE Bug 1177724 for CVE-2020-12351", url: "https://bugzilla.suse.com/1177724", }, { category: "external", summary: "SUSE Bug 1177729 for CVE-2020-12351", url: "https://bugzilla.suse.com/1177729", }, { category: "external", summary: "SUSE Bug 1178397 for CVE-2020-12351", url: "https://bugzilla.suse.com/1178397", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-12351", }, { cve: "CVE-2020-12352", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-12352", }, ], notes: [ { category: "general", text: "Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-12352", url: "https://www.suse.com/security/cve/CVE-2020-12352", }, { category: "external", summary: "SUSE Bug 1177725 for CVE-2020-12352", url: "https://bugzilla.suse.com/1177725", }, { category: "external", summary: "SUSE Bug 1178398 for CVE-2020-12352", url: "https://bugzilla.suse.com/1178398", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-12352", }, { cve: "CVE-2020-14331", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14331", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system, potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14331", url: "https://www.suse.com/security/cve/CVE-2020-14331", }, { category: "external", summary: "SUSE Bug 1174205 for CVE-2020-14331", url: "https://bugzilla.suse.com/1174205", }, { category: "external", summary: "SUSE Bug 1174247 for CVE-2020-14331", url: "https://bugzilla.suse.com/1174247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-14331", }, { cve: "CVE-2020-14386", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14386", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14386", url: "https://www.suse.com/security/cve/CVE-2020-14386", }, { category: "external", summary: "SUSE Bug 1176069 for CVE-2020-14386", url: "https://bugzilla.suse.com/1176069", }, { category: "external", summary: "SUSE Bug 1176072 for CVE-2020-14386", url: "https://bugzilla.suse.com/1176072", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-14386", }, { cve: "CVE-2020-24586", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-24586", }, ], notes: [ { category: "general", text: "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-24586", url: "https://www.suse.com/security/cve/CVE-2020-24586", }, { category: "external", summary: "SUSE Bug 1185859 for CVE-2020-24586", url: "https://bugzilla.suse.com/1185859", }, { category: "external", summary: "SUSE Bug 1192868 for CVE-2020-24586", url: "https://bugzilla.suse.com/1192868", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-24586", }, { cve: "CVE-2020-24587", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-24587", }, ], notes: [ { category: "general", text: "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-24587", url: "https://www.suse.com/security/cve/CVE-2020-24587", }, { category: "external", summary: "SUSE Bug 1185859 for CVE-2020-24587", url: "https://bugzilla.suse.com/1185859", }, { category: "external", summary: "SUSE Bug 1185862 for CVE-2020-24587", url: "https://bugzilla.suse.com/1185862", }, { category: "external", summary: "SUSE Bug 1192868 for CVE-2020-24587", url: "https://bugzilla.suse.com/1192868", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-24587", }, { cve: "CVE-2020-24588", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-24588", }, ], notes: [ { category: "general", text: "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-24588", url: "https://www.suse.com/security/cve/CVE-2020-24588", }, { category: "external", summary: "SUSE Bug 1185861 for CVE-2020-24588", url: "https://bugzilla.suse.com/1185861", }, { category: "external", summary: "SUSE Bug 1192868 for CVE-2020-24588", url: "https://bugzilla.suse.com/1192868", }, { category: "external", summary: "SUSE Bug 1199701 for CVE-2020-24588", url: "https://bugzilla.suse.com/1199701", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-24588", }, { cve: "CVE-2020-25639", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25639", }, ], notes: [ { category: "general", text: "A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25639", url: "https://www.suse.com/security/cve/CVE-2020-25639", }, { category: "external", summary: "SUSE Bug 1176846 for CVE-2020-25639", url: "https://bugzilla.suse.com/1176846", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-25639", }, { cve: "CVE-2020-25656", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25656", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25656", url: "https://www.suse.com/security/cve/CVE-2020-25656", }, { category: "external", summary: "SUSE Bug 1177766 for CVE-2020-25656", url: "https://bugzilla.suse.com/1177766", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-25656", }, { cve: "CVE-2020-25668", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25668", }, ], notes: [ { category: "general", text: "A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25668", url: "https://www.suse.com/security/cve/CVE-2020-25668", }, { category: "external", summary: "SUSE Bug 1178123 for CVE-2020-25668", url: "https://bugzilla.suse.com/1178123", }, { category: "external", summary: "SUSE Bug 1178622 for CVE-2020-25668", url: "https://bugzilla.suse.com/1178622", }, { category: "external", summary: "SUSE Bug 1196914 for CVE-2020-25668", url: "https://bugzilla.suse.com/1196914", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-25668", }, { cve: "CVE-2020-26141", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-26141", }, ], notes: [ { category: "general", text: "An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-26141", url: "https://www.suse.com/security/cve/CVE-2020-26141", }, { category: "external", summary: "SUSE Bug 1185987 for CVE-2020-26141", url: "https://bugzilla.suse.com/1185987", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-26141", }, { cve: "CVE-2020-2732", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-2732", }, ], notes: [ { category: "general", text: "A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-2732", url: "https://www.suse.com/security/cve/CVE-2020-2732", }, { category: "external", summary: "SUSE Bug 1163971 for CVE-2020-2732", url: "https://bugzilla.suse.com/1163971", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.2, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2020-2732", }, { cve: "CVE-2020-29660", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-29660", }, ], notes: [ { category: "general", text: "A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-29660", url: "https://www.suse.com/security/cve/CVE-2020-29660", }, { category: "external", summary: "SUSE Bug 1179745 for CVE-2020-29660", url: "https://bugzilla.suse.com/1179745", }, { category: "external", summary: "SUSE Bug 1179877 for CVE-2020-29660", url: "https://bugzilla.suse.com/1179877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-29660", }, { cve: "CVE-2020-29661", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-29661", }, ], notes: [ { category: "general", text: "A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-29661", url: "https://www.suse.com/security/cve/CVE-2020-29661", }, { category: "external", summary: "SUSE Bug 1179745 for CVE-2020-29661", url: "https://bugzilla.suse.com/1179745", }, { category: "external", summary: "SUSE Bug 1179877 for CVE-2020-29661", url: "https://bugzilla.suse.com/1179877", }, { category: "external", summary: "SUSE Bug 1214268 for CVE-2020-29661", url: "https://bugzilla.suse.com/1214268", }, { category: "external", summary: "SUSE Bug 1218966 for CVE-2020-29661", url: "https://bugzilla.suse.com/1218966", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-29661", }, { cve: "CVE-2020-8648", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8648", }, ], notes: [ { category: "general", text: "There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8648", url: "https://www.suse.com/security/cve/CVE-2020-8648", }, { category: "external", summary: "SUSE Bug 1162928 for CVE-2020-8648", url: "https://bugzilla.suse.com/1162928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-8648", }, { cve: "CVE-2020-8694", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8694", }, ], notes: [ { category: "general", text: "Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8694", url: "https://www.suse.com/security/cve/CVE-2020-8694", }, { category: "external", summary: "SUSE Bug 1170415 for CVE-2020-8694", url: "https://bugzilla.suse.com/1170415", }, { category: "external", summary: "SUSE Bug 1170446 for CVE-2020-8694", url: "https://bugzilla.suse.com/1170446", }, { category: "external", summary: "SUSE Bug 1178591 for CVE-2020-8694", url: "https://bugzilla.suse.com/1178591", }, { category: "external", summary: "SUSE Bug 1178700 for CVE-2020-8694", url: "https://bugzilla.suse.com/1178700", }, { category: "external", summary: "SUSE Bug 1179661 for CVE-2020-8694", url: "https://bugzilla.suse.com/1179661", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-8694", }, { cve: "CVE-2021-23133", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-23133", }, ], notes: [ { category: "general", text: "A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is removed from the auto_asconf_splist list without any proper locking. This can be exploited by an attacker with network service privileges to escalate to root or from the context of an unprivileged user directly if a BPF_CGROUP_INET_SOCK_CREATE is attached which denies creation of some SCTP socket.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-23133", url: "https://www.suse.com/security/cve/CVE-2021-23133", }, { category: "external", summary: "SUSE Bug 1184675 for CVE-2021-23133", url: "https://bugzilla.suse.com/1184675", }, { category: "external", summary: "SUSE Bug 1185901 for CVE-2021-23133", url: "https://bugzilla.suse.com/1185901", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-23133", }, { cve: "CVE-2021-26708", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-26708", }, ], notes: [ { category: "general", text: "A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport support.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-26708", url: "https://www.suse.com/security/cve/CVE-2021-26708", }, { category: "external", summary: "SUSE Bug 1181806 for CVE-2021-26708", url: "https://bugzilla.suse.com/1181806", }, { category: "external", summary: "SUSE Bug 1183298 for CVE-2021-26708", url: "https://bugzilla.suse.com/1183298", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-26708", }, { cve: "CVE-2021-28971", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-28971", }, ], notes: [ { category: "general", text: "In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-28971", url: "https://www.suse.com/security/cve/CVE-2021-28971", }, { category: "external", summary: "SUSE Bug 1184196 for CVE-2021-28971", url: "https://bugzilla.suse.com/1184196", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-28971", }, { cve: "CVE-2021-32606", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-32606", }, ], notes: [ { category: "general", text: "In the Linux kernel 5.11 through 5.12.2, isotp_setsockopt in net/can/isotp.c allows privilege escalation to root by leveraging a use-after-free. (This does not affect earlier versions that lack CAN ISOTP SF_BROADCAST support.)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-32606", url: "https://www.suse.com/security/cve/CVE-2021-32606", }, { category: "external", summary: "SUSE Bug 1185953 for CVE-2021-32606", url: "https://bugzilla.suse.com/1185953", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-32606", }, { cve: "CVE-2021-33909", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-33909", }, ], notes: [ { category: "general", text: "fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-33909", url: "https://www.suse.com/security/cve/CVE-2021-33909", }, { category: "external", summary: "SUSE Bug 1188062 for CVE-2021-33909", url: "https://bugzilla.suse.com/1188062", }, { category: "external", summary: "SUSE Bug 1188063 for CVE-2021-33909", url: "https://bugzilla.suse.com/1188063", }, { category: "external", summary: "SUSE Bug 1188257 for CVE-2021-33909", url: "https://bugzilla.suse.com/1188257", }, { category: "external", summary: "SUSE Bug 1189302 for CVE-2021-33909", url: "https://bugzilla.suse.com/1189302", }, { category: "external", summary: "SUSE Bug 1190859 for CVE-2021-33909", url: "https://bugzilla.suse.com/1190859", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-33909", }, { cve: "CVE-2021-3483", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3483", }, ], notes: [ { category: "general", text: "A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3483", url: "https://www.suse.com/security/cve/CVE-2021-3483", }, { category: "external", summary: "SUSE Bug 1184393 for CVE-2021-3483", url: "https://bugzilla.suse.com/1184393", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-3483", }, { cve: "CVE-2021-3489", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3489", }, ], notes: [ { category: "general", text: "The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within the kernel and therefore, arbitrary code execution. This issue was fixed via commit 4b81ccebaeee (\"bpf, ringbuf: Deny reserve of buffers larger than ringbuf\") (v5.13-rc4) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. It was introduced via 457f44363a88 (\"bpf: Implement BPF ring buffer and verifier support for it\") (v5.8-rc1).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3489", url: "https://www.suse.com/security/cve/CVE-2021-3489", }, { category: "external", summary: "SUSE Bug 1185640 for CVE-2021-3489", url: "https://bugzilla.suse.com/1185640", }, { category: "external", summary: "SUSE Bug 1185856 for CVE-2021-3489", url: "https://bugzilla.suse.com/1185856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-3489", }, { cve: "CVE-2021-3490", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3490", }, ], notes: [ { category: "general", text: "The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e (\"bpf: Fix alu32 const subreg bound tracking on bitwise operations\") (v5.13-rc4) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. The AND/OR issues were introduced by commit 3f50f132d840 (\"bpf: Verifier, do explicit ALU32 bounds tracking\") (5.7-rc1) and the XOR variant was introduced by 2921c90d4718 (\"bpf:Fix a verifier failure with xor\") ( 5.10-rc1).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3490", url: "https://www.suse.com/security/cve/CVE-2021-3490", }, { category: "external", summary: "SUSE Bug 1185641 for CVE-2021-3490", url: "https://bugzilla.suse.com/1185641", }, { category: "external", summary: "SUSE Bug 1185796 for CVE-2021-3490", url: "https://bugzilla.suse.com/1185796", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-3490", }, { cve: "CVE-2021-3491", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3491", }, ], notes: [ { category: "general", text: "The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operation, which led to negative values being usedin mem_rw when reading /proc/<PID>/mem. This could be used to create a heap overflow leading to arbitrary code execution in the kernel. It was addressed via commit d1f82808877b (\"io_uring: truncate lengths larger than MAX_RW_COUNT on provide buffers\") (v5.13-rc1) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. It was introduced in ddf0322db79c (\"io_uring: add IORING_OP_PROVIDE_BUFFERS\") (v5.7-rc1).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3491", url: "https://www.suse.com/security/cve/CVE-2021-3491", }, { category: "external", summary: "SUSE Bug 1185642 for CVE-2021-3491", url: "https://bugzilla.suse.com/1185642", }, { category: "external", summary: "SUSE Bug 1187090 for CVE-2021-3491", url: "https://bugzilla.suse.com/1187090", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-3491", }, { cve: "CVE-2021-3640", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3640", }, ], notes: [ { category: "general", text: "A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3640", url: "https://www.suse.com/security/cve/CVE-2021-3640", }, { category: "external", summary: "SUSE Bug 1188172 for CVE-2021-3640", url: "https://bugzilla.suse.com/1188172", }, { category: "external", summary: "SUSE Bug 1188613 for CVE-2021-3640", url: "https://bugzilla.suse.com/1188613", }, { category: "external", summary: "SUSE Bug 1191530 for CVE-2021-3640", url: "https://bugzilla.suse.com/1191530", }, { category: "external", summary: "SUSE Bug 1196810 for CVE-2021-3640", url: "https://bugzilla.suse.com/1196810", }, { category: "external", summary: "SUSE Bug 1196914 for CVE-2021-3640", url: "https://bugzilla.suse.com/1196914", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-3640", }, { cve: "CVE-2021-3653", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3653", }, ], notes: [ { category: "general", text: "A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the \"int_ctl\" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3653", url: "https://www.suse.com/security/cve/CVE-2021-3653", }, { category: "external", summary: "SUSE Bug 1189399 for CVE-2021-3653", url: "https://bugzilla.suse.com/1189399", }, { category: "external", summary: "SUSE Bug 1189420 for CVE-2021-3653", url: "https://bugzilla.suse.com/1189420", }, { category: "external", summary: "SUSE Bug 1196914 for CVE-2021-3653", url: "https://bugzilla.suse.com/1196914", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-3653", }, { cve: "CVE-2021-3656", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3656", }, ], notes: [ { category: "general", text: "A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the \"virt_ext\" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3656", url: "https://www.suse.com/security/cve/CVE-2021-3656", }, { category: "external", summary: "SUSE Bug 1189400 for CVE-2021-3656", url: "https://bugzilla.suse.com/1189400", }, { category: "external", summary: "SUSE Bug 1189418 for CVE-2021-3656", url: "https://bugzilla.suse.com/1189418", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-3656", }, { cve: "CVE-2021-3744", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3744", }, ], notes: [ { category: "general", text: "A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3744", url: "https://www.suse.com/security/cve/CVE-2021-3744", }, { category: "external", summary: "SUSE Bug 1189884 for CVE-2021-3744", url: "https://bugzilla.suse.com/1189884", }, { category: "external", summary: "SUSE Bug 1190534 for CVE-2021-3744", url: "https://bugzilla.suse.com/1190534", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-3744", }, { cve: "CVE-2021-3753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3753", }, ], notes: [ { category: "general", text: "A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3753", url: "https://www.suse.com/security/cve/CVE-2021-3753", }, { category: "external", summary: "SUSE Bug 1190025 for CVE-2021-3753", url: "https://bugzilla.suse.com/1190025", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.9, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2021-3753", }, { cve: "CVE-2021-37576", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37576", }, ], notes: [ { category: "general", text: "arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37576", url: "https://www.suse.com/security/cve/CVE-2021-37576", }, { category: "external", summary: "SUSE Bug 1188838 for CVE-2021-37576", url: "https://bugzilla.suse.com/1188838", }, { category: "external", summary: "SUSE Bug 1188842 for CVE-2021-37576", url: "https://bugzilla.suse.com/1188842", }, { category: "external", summary: "SUSE Bug 1190276 for CVE-2021-37576", url: "https://bugzilla.suse.com/1190276", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-37576", }, { cve: "CVE-2021-3759", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3759", }, ], notes: [ { category: "general", text: "A memory overflow vulnerability was found in the Linux kernel's ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3759", url: "https://www.suse.com/security/cve/CVE-2021-3759", }, { category: "external", summary: "SUSE Bug 1190115 for CVE-2021-3759", url: "https://bugzilla.suse.com/1190115", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-3759", }, { cve: "CVE-2021-38166", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38166", }, ], notes: [ { category: "general", text: "In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAP_SYS_ADMIN capability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38166", url: "https://www.suse.com/security/cve/CVE-2021-38166", }, { category: "external", summary: "SUSE Bug 1189233 for CVE-2021-38166", url: "https://bugzilla.suse.com/1189233", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-devel-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-macros-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-5.14.6-1.4.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-5.14.6-1.4.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-38166", }, ], }
opensuse-su-2024:13704-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
kernel-devel-longterm-6.6.17-1.1 on GA media
Notes
Title of the patch
kernel-devel-longterm-6.6.17-1.1 on GA media
Description of the patch
These are all security issues fixed in the kernel-devel-longterm-6.6.17-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-13704
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "kernel-devel-longterm-6.6.17-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the kernel-devel-longterm-6.6.17-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-13704", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13704-1.json", }, { category: "self", summary: "SUSE CVE CVE-2016-3695 page", url: "https://www.suse.com/security/cve/CVE-2016-3695/", }, { category: "self", summary: "SUSE CVE CVE-2017-1000251 page", url: "https://www.suse.com/security/cve/CVE-2017-1000251/", }, { category: "self", summary: "SUSE CVE CVE-2017-12153 page", url: "https://www.suse.com/security/cve/CVE-2017-12153/", }, { category: "self", summary: "SUSE CVE CVE-2017-13080 page", url: "https://www.suse.com/security/cve/CVE-2017-13080/", }, { category: "self", summary: "SUSE CVE CVE-2017-14051 page", url: "https://www.suse.com/security/cve/CVE-2017-14051/", }, { category: "self", summary: "SUSE CVE CVE-2017-15129 page", url: "https://www.suse.com/security/cve/CVE-2017-15129/", }, { category: "self", summary: "SUSE CVE CVE-2017-15265 page", url: "https://www.suse.com/security/cve/CVE-2017-15265/", }, { category: "self", summary: "SUSE CVE CVE-2017-16536 page", url: "https://www.suse.com/security/cve/CVE-2017-16536/", }, { category: "self", summary: "SUSE CVE CVE-2017-16537 page", url: "https://www.suse.com/security/cve/CVE-2017-16537/", }, { category: "self", summary: "SUSE CVE CVE-2017-16645 page", url: "https://www.suse.com/security/cve/CVE-2017-16645/", }, { category: "self", summary: "SUSE CVE CVE-2017-16646 page", url: "https://www.suse.com/security/cve/CVE-2017-16646/", }, { category: "self", summary: "SUSE CVE CVE-2017-16647 page", url: "https://www.suse.com/security/cve/CVE-2017-16647/", }, { category: "self", summary: "SUSE CVE CVE-2017-16648 page", url: "https://www.suse.com/security/cve/CVE-2017-16648/", }, { category: "self", summary: "SUSE CVE CVE-2017-16995 page", url: "https://www.suse.com/security/cve/CVE-2017-16995/", }, { category: "self", summary: "SUSE CVE CVE-2017-16996 page", url: "https://www.suse.com/security/cve/CVE-2017-16996/", }, { category: "self", summary: "SUSE CVE CVE-2017-17448 page", url: "https://www.suse.com/security/cve/CVE-2017-17448/", }, { category: "self", summary: "SUSE CVE CVE-2017-17449 page", url: "https://www.suse.com/security/cve/CVE-2017-17449/", }, { category: "self", summary: "SUSE CVE CVE-2017-17450 page", url: "https://www.suse.com/security/cve/CVE-2017-17450/", }, { category: "self", summary: "SUSE CVE CVE-2017-17852 page", url: "https://www.suse.com/security/cve/CVE-2017-17852/", }, { category: "self", summary: "SUSE CVE CVE-2017-17853 page", url: "https://www.suse.com/security/cve/CVE-2017-17853/", }, { category: "self", summary: "SUSE CVE CVE-2017-17854 page", url: "https://www.suse.com/security/cve/CVE-2017-17854/", }, { category: "self", summary: "SUSE CVE CVE-2017-17855 page", url: "https://www.suse.com/security/cve/CVE-2017-17855/", }, { category: "self", summary: "SUSE CVE CVE-2017-17856 page", url: "https://www.suse.com/security/cve/CVE-2017-17856/", }, { category: "self", summary: "SUSE CVE CVE-2017-17857 page", url: "https://www.suse.com/security/cve/CVE-2017-17857/", }, { category: "self", summary: "SUSE CVE CVE-2017-17862 page", url: "https://www.suse.com/security/cve/CVE-2017-17862/", }, { category: "self", summary: "SUSE CVE CVE-2017-5123 page", url: "https://www.suse.com/security/cve/CVE-2017-5123/", }, { category: "self", summary: "SUSE CVE CVE-2017-5715 page", url: "https://www.suse.com/security/cve/CVE-2017-5715/", }, { category: "self", summary: "SUSE CVE CVE-2017-5753 page", url: "https://www.suse.com/security/cve/CVE-2017-5753/", }, { category: "self", summary: "SUSE CVE CVE-2017-5754 page", url: "https://www.suse.com/security/cve/CVE-2017-5754/", }, { category: "self", summary: "SUSE CVE CVE-2017-7541 page", url: "https://www.suse.com/security/cve/CVE-2017-7541/", }, { category: "self", summary: "SUSE CVE CVE-2017-7542 page", url: "https://www.suse.com/security/cve/CVE-2017-7542/", }, { category: "self", summary: "SUSE CVE CVE-2017-8824 page", url: "https://www.suse.com/security/cve/CVE-2017-8824/", }, { category: "self", summary: "SUSE CVE CVE-2017-8831 page", url: "https://www.suse.com/security/cve/CVE-2017-8831/", }, { category: "self", summary: "SUSE CVE CVE-2018-1000004 page", url: "https://www.suse.com/security/cve/CVE-2018-1000004/", }, { category: "self", summary: "SUSE CVE CVE-2018-10322 page", url: "https://www.suse.com/security/cve/CVE-2018-10322/", }, { category: "self", summary: "SUSE CVE CVE-2018-10323 page", url: "https://www.suse.com/security/cve/CVE-2018-10323/", }, { category: "self", summary: "SUSE CVE CVE-2018-1068 page", url: "https://www.suse.com/security/cve/CVE-2018-1068/", }, { category: "self", summary: "SUSE CVE CVE-2018-1118 page", url: "https://www.suse.com/security/cve/CVE-2018-1118/", }, { category: "self", summary: "SUSE CVE CVE-2018-12232 page", url: "https://www.suse.com/security/cve/CVE-2018-12232/", }, { category: "self", summary: "SUSE CVE CVE-2018-12714 page", url: "https://www.suse.com/security/cve/CVE-2018-12714/", }, { category: "self", summary: "SUSE CVE CVE-2018-13053 page", url: "https://www.suse.com/security/cve/CVE-2018-13053/", }, { category: "self", summary: "SUSE CVE CVE-2018-18710 page", url: "https://www.suse.com/security/cve/CVE-2018-18710/", }, { category: "self", summary: "SUSE CVE CVE-2018-19824 page", url: "https://www.suse.com/security/cve/CVE-2018-19824/", }, { category: "self", summary: "SUSE CVE CVE-2018-5332 page", url: "https://www.suse.com/security/cve/CVE-2018-5332/", }, { category: "self", summary: "SUSE CVE CVE-2018-5333 page", url: "https://www.suse.com/security/cve/CVE-2018-5333/", }, { category: "self", summary: "SUSE CVE CVE-2018-8043 page", url: "https://www.suse.com/security/cve/CVE-2018-8043/", }, { category: "self", summary: "SUSE CVE CVE-2018-8087 page", url: "https://www.suse.com/security/cve/CVE-2018-8087/", }, { category: "self", summary: "SUSE CVE CVE-2018-8822 page", url: "https://www.suse.com/security/cve/CVE-2018-8822/", }, { category: "self", summary: "SUSE CVE CVE-2019-10207 page", url: "https://www.suse.com/security/cve/CVE-2019-10207/", }, { category: "self", summary: "SUSE CVE CVE-2019-11477 page", url: "https://www.suse.com/security/cve/CVE-2019-11477/", }, { category: "self", summary: "SUSE CVE CVE-2019-11478 page", url: "https://www.suse.com/security/cve/CVE-2019-11478/", }, { category: "self", summary: "SUSE CVE CVE-2019-11479 page", url: "https://www.suse.com/security/cve/CVE-2019-11479/", }, { category: "self", summary: "SUSE CVE CVE-2019-14615 page", url: "https://www.suse.com/security/cve/CVE-2019-14615/", }, { category: "self", summary: "SUSE CVE CVE-2019-14814 page", url: "https://www.suse.com/security/cve/CVE-2019-14814/", }, { category: "self", summary: "SUSE CVE CVE-2019-14896 page", url: "https://www.suse.com/security/cve/CVE-2019-14896/", }, { category: "self", summary: "SUSE CVE CVE-2019-15030 page", url: "https://www.suse.com/security/cve/CVE-2019-15030/", }, { category: "self", summary: "SUSE CVE CVE-2019-15031 page", url: "https://www.suse.com/security/cve/CVE-2019-15031/", }, { category: "self", summary: "SUSE CVE CVE-2019-15098 page", url: "https://www.suse.com/security/cve/CVE-2019-15098/", }, { category: "self", summary: "SUSE CVE CVE-2019-15099 page", url: "https://www.suse.com/security/cve/CVE-2019-15099/", }, { category: "self", summary: "SUSE CVE CVE-2019-15290 page", url: "https://www.suse.com/security/cve/CVE-2019-15290/", }, { category: "self", summary: "SUSE CVE CVE-2019-15504 page", url: "https://www.suse.com/security/cve/CVE-2019-15504/", }, { category: "self", summary: "SUSE CVE CVE-2019-15902 page", url: "https://www.suse.com/security/cve/CVE-2019-15902/", }, { category: "self", summary: "SUSE CVE CVE-2019-16231 page", url: "https://www.suse.com/security/cve/CVE-2019-16231/", }, { category: "self", summary: "SUSE CVE CVE-2019-16232 page", url: "https://www.suse.com/security/cve/CVE-2019-16232/", }, { category: "self", summary: "SUSE CVE CVE-2019-16234 page", url: "https://www.suse.com/security/cve/CVE-2019-16234/", }, { category: "self", summary: "SUSE CVE CVE-2019-17133 page", url: "https://www.suse.com/security/cve/CVE-2019-17133/", }, { category: "self", summary: "SUSE CVE CVE-2019-17666 page", url: "https://www.suse.com/security/cve/CVE-2019-17666/", }, { category: "self", summary: "SUSE CVE CVE-2019-18808 page", url: "https://www.suse.com/security/cve/CVE-2019-18808/", }, { category: "self", summary: "SUSE CVE CVE-2019-18812 page", url: "https://www.suse.com/security/cve/CVE-2019-18812/", }, { category: "self", summary: "SUSE CVE CVE-2019-18813 page", url: "https://www.suse.com/security/cve/CVE-2019-18813/", }, { category: "self", summary: "SUSE CVE CVE-2019-19252 page", url: "https://www.suse.com/security/cve/CVE-2019-19252/", }, { category: "self", summary: "SUSE CVE CVE-2019-19332 page", url: "https://www.suse.com/security/cve/CVE-2019-19332/", }, { category: "self", summary: "SUSE CVE CVE-2019-19338 page", url: "https://www.suse.com/security/cve/CVE-2019-19338/", }, { category: "self", summary: "SUSE CVE CVE-2019-3016 page", url: "https://www.suse.com/security/cve/CVE-2019-3016/", }, { category: "self", summary: "SUSE CVE CVE-2019-3846 page", url: "https://www.suse.com/security/cve/CVE-2019-3846/", }, { category: "self", summary: "SUSE CVE CVE-2019-3882 page", url: "https://www.suse.com/security/cve/CVE-2019-3882/", }, { category: "self", summary: "SUSE CVE CVE-2019-3887 page", url: "https://www.suse.com/security/cve/CVE-2019-3887/", }, { category: "self", summary: "SUSE CVE CVE-2019-6974 page", url: "https://www.suse.com/security/cve/CVE-2019-6974/", }, { category: "self", summary: "SUSE CVE CVE-2019-7221 page", url: "https://www.suse.com/security/cve/CVE-2019-7221/", }, { category: "self", summary: "SUSE CVE CVE-2019-7222 page", url: "https://www.suse.com/security/cve/CVE-2019-7222/", }, { category: "self", summary: "SUSE CVE CVE-2019-8564 page", url: "https://www.suse.com/security/cve/CVE-2019-8564/", }, { category: "self", summary: "SUSE CVE CVE-2019-8912 page", url: "https://www.suse.com/security/cve/CVE-2019-8912/", }, { category: "self", summary: "SUSE CVE CVE-2019-9500 page", url: "https://www.suse.com/security/cve/CVE-2019-9500/", }, { category: "self", summary: "SUSE CVE CVE-2020-10135 page", url: "https://www.suse.com/security/cve/CVE-2020-10135/", }, { category: "self", summary: "SUSE CVE CVE-2020-10766 page", url: "https://www.suse.com/security/cve/CVE-2020-10766/", }, { category: "self", summary: "SUSE CVE CVE-2020-10767 page", url: "https://www.suse.com/security/cve/CVE-2020-10767/", }, { category: "self", summary: "SUSE CVE CVE-2020-10768 page", url: "https://www.suse.com/security/cve/CVE-2020-10768/", }, { category: "self", summary: "SUSE CVE CVE-2020-12351 page", url: "https://www.suse.com/security/cve/CVE-2020-12351/", }, { category: "self", summary: "SUSE CVE CVE-2020-12352 page", url: "https://www.suse.com/security/cve/CVE-2020-12352/", }, { category: "self", summary: "SUSE CVE CVE-2020-14331 page", url: "https://www.suse.com/security/cve/CVE-2020-14331/", }, { category: "self", summary: "SUSE CVE CVE-2020-14386 page", url: "https://www.suse.com/security/cve/CVE-2020-14386/", }, { category: "self", summary: "SUSE CVE CVE-2020-24586 page", url: "https://www.suse.com/security/cve/CVE-2020-24586/", }, { category: "self", summary: "SUSE CVE CVE-2020-24587 page", url: "https://www.suse.com/security/cve/CVE-2020-24587/", }, { category: "self", summary: "SUSE CVE CVE-2020-24588 page", url: "https://www.suse.com/security/cve/CVE-2020-24588/", }, { category: "self", summary: "SUSE CVE CVE-2020-25639 page", url: "https://www.suse.com/security/cve/CVE-2020-25639/", }, { category: "self", summary: "SUSE CVE CVE-2020-25656 page", url: "https://www.suse.com/security/cve/CVE-2020-25656/", }, { category: "self", summary: "SUSE CVE CVE-2020-25668 page", url: "https://www.suse.com/security/cve/CVE-2020-25668/", }, { category: "self", summary: "SUSE CVE CVE-2020-26141 page", url: "https://www.suse.com/security/cve/CVE-2020-26141/", }, { category: "self", summary: "SUSE CVE CVE-2020-2732 page", url: "https://www.suse.com/security/cve/CVE-2020-2732/", }, { category: "self", summary: "SUSE CVE CVE-2020-29660 page", url: "https://www.suse.com/security/cve/CVE-2020-29660/", }, { category: "self", summary: "SUSE CVE CVE-2020-29661 page", url: "https://www.suse.com/security/cve/CVE-2020-29661/", }, { category: "self", summary: "SUSE CVE CVE-2020-8648 page", url: "https://www.suse.com/security/cve/CVE-2020-8648/", }, { category: "self", summary: "SUSE CVE CVE-2020-8694 page", url: "https://www.suse.com/security/cve/CVE-2020-8694/", }, { category: "self", summary: "SUSE CVE CVE-2021-23133 page", url: "https://www.suse.com/security/cve/CVE-2021-23133/", }, { category: "self", summary: "SUSE CVE CVE-2021-26708 page", url: "https://www.suse.com/security/cve/CVE-2021-26708/", }, { category: "self", summary: "SUSE CVE CVE-2021-28971 page", url: "https://www.suse.com/security/cve/CVE-2021-28971/", }, { category: "self", summary: "SUSE CVE CVE-2021-32606 page", url: "https://www.suse.com/security/cve/CVE-2021-32606/", }, { category: "self", summary: "SUSE CVE CVE-2021-33909 page", url: "https://www.suse.com/security/cve/CVE-2021-33909/", }, { category: "self", summary: "SUSE CVE CVE-2021-3483 page", url: "https://www.suse.com/security/cve/CVE-2021-3483/", }, { category: "self", summary: "SUSE CVE CVE-2021-3489 page", url: "https://www.suse.com/security/cve/CVE-2021-3489/", }, { category: "self", summary: "SUSE CVE CVE-2021-3490 page", url: "https://www.suse.com/security/cve/CVE-2021-3490/", }, { category: "self", summary: "SUSE CVE CVE-2021-3491 page", url: "https://www.suse.com/security/cve/CVE-2021-3491/", }, { category: "self", summary: "SUSE CVE CVE-2021-3542 page", url: "https://www.suse.com/security/cve/CVE-2021-3542/", }, { category: "self", summary: "SUSE CVE CVE-2021-3640 page", url: "https://www.suse.com/security/cve/CVE-2021-3640/", }, { category: "self", summary: "SUSE CVE CVE-2021-3653 page", url: "https://www.suse.com/security/cve/CVE-2021-3653/", }, { category: "self", summary: "SUSE CVE CVE-2021-3656 page", url: "https://www.suse.com/security/cve/CVE-2021-3656/", }, { category: "self", summary: "SUSE CVE CVE-2021-3744 page", url: "https://www.suse.com/security/cve/CVE-2021-3744/", }, { category: "self", summary: "SUSE CVE CVE-2021-3753 page", url: "https://www.suse.com/security/cve/CVE-2021-3753/", }, { category: "self", summary: "SUSE CVE CVE-2021-37576 page", url: "https://www.suse.com/security/cve/CVE-2021-37576/", }, { category: "self", summary: "SUSE CVE CVE-2021-3759 page", url: "https://www.suse.com/security/cve/CVE-2021-3759/", }, { category: "self", summary: "SUSE CVE CVE-2021-38166 page", url: "https://www.suse.com/security/cve/CVE-2021-38166/", }, { category: "self", summary: "SUSE CVE CVE-2021-43976 page", url: "https://www.suse.com/security/cve/CVE-2021-43976/", }, { category: "self", summary: "SUSE CVE CVE-2022-0185 page", url: "https://www.suse.com/security/cve/CVE-2022-0185/", }, { category: "self", summary: "SUSE CVE CVE-2022-0330 page", url: "https://www.suse.com/security/cve/CVE-2022-0330/", }, { category: "self", summary: "SUSE CVE CVE-2022-0847 page", url: "https://www.suse.com/security/cve/CVE-2022-0847/", }, { category: "self", summary: "SUSE CVE CVE-2022-0886 page", url: "https://www.suse.com/security/cve/CVE-2022-0886/", }, { category: "self", summary: "SUSE CVE CVE-2022-1462 page", url: "https://www.suse.com/security/cve/CVE-2022-1462/", }, { category: "self", summary: "SUSE CVE CVE-2022-1516 page", url: "https://www.suse.com/security/cve/CVE-2022-1516/", }, { category: "self", summary: "SUSE CVE CVE-2022-1679 page", url: "https://www.suse.com/security/cve/CVE-2022-1679/", }, { category: "self", summary: "SUSE CVE CVE-2022-1729 page", url: "https://www.suse.com/security/cve/CVE-2022-1729/", }, { category: "self", summary: "SUSE CVE CVE-2022-1852 page", url: "https://www.suse.com/security/cve/CVE-2022-1852/", }, { category: "self", summary: "SUSE CVE CVE-2022-1966 page", url: "https://www.suse.com/security/cve/CVE-2022-1966/", }, { category: "self", summary: "SUSE CVE CVE-2022-1972 page", url: "https://www.suse.com/security/cve/CVE-2022-1972/", }, { category: "self", summary: "SUSE CVE CVE-2022-1973 page", url: "https://www.suse.com/security/cve/CVE-2022-1973/", }, { category: "self", summary: "SUSE CVE CVE-2022-22942 page", url: "https://www.suse.com/security/cve/CVE-2022-22942/", }, { category: "self", summary: "SUSE CVE CVE-2022-2308 page", url: "https://www.suse.com/security/cve/CVE-2022-2308/", }, { category: "self", summary: "SUSE CVE CVE-2022-24958 page", url: "https://www.suse.com/security/cve/CVE-2022-24958/", }, { category: "self", summary: "SUSE CVE CVE-2022-2588 page", url: "https://www.suse.com/security/cve/CVE-2022-2588/", }, { category: "self", summary: "SUSE CVE CVE-2022-2590 page", url: "https://www.suse.com/security/cve/CVE-2022-2590/", }, { category: "self", summary: "SUSE CVE CVE-2022-26490 page", url: "https://www.suse.com/security/cve/CVE-2022-26490/", }, { category: "self", summary: "SUSE CVE CVE-2022-28388 page", url: "https://www.suse.com/security/cve/CVE-2022-28388/", }, { category: "self", summary: "SUSE CVE CVE-2022-28389 page", url: "https://www.suse.com/security/cve/CVE-2022-28389/", }, { category: "self", summary: "SUSE CVE CVE-2022-28390 page", url: "https://www.suse.com/security/cve/CVE-2022-28390/", }, { category: "self", summary: "SUSE CVE CVE-2022-28893 page", url: "https://www.suse.com/security/cve/CVE-2022-28893/", }, { category: "self", summary: "SUSE CVE CVE-2022-29900 page", url: "https://www.suse.com/security/cve/CVE-2022-29900/", }, { category: "self", summary: "SUSE CVE CVE-2022-29901 page", url: "https://www.suse.com/security/cve/CVE-2022-29901/", }, { category: "self", summary: "SUSE CVE CVE-2022-29968 page", url: "https://www.suse.com/security/cve/CVE-2022-29968/", }, { category: "self", summary: "SUSE CVE CVE-2022-3424 page", url: "https://www.suse.com/security/cve/CVE-2022-3424/", }, { category: "self", summary: "SUSE CVE CVE-2022-34918 page", url: "https://www.suse.com/security/cve/CVE-2022-34918/", }, { category: "self", summary: "SUSE CVE CVE-2022-3628 page", url: "https://www.suse.com/security/cve/CVE-2022-3628/", }, { category: "self", summary: "SUSE CVE CVE-2022-3640 page", url: "https://www.suse.com/security/cve/CVE-2022-3640/", }, { category: "self", summary: "SUSE CVE CVE-2022-40982 page", url: "https://www.suse.com/security/cve/CVE-2022-40982/", }, { category: "self", summary: "SUSE CVE CVE-2022-41218 page", url: "https://www.suse.com/security/cve/CVE-2022-41218/", }, { category: "self", summary: "SUSE CVE CVE-2022-41674 page", url: "https://www.suse.com/security/cve/CVE-2022-41674/", }, { category: "self", summary: "SUSE CVE CVE-2022-42719 page", url: "https://www.suse.com/security/cve/CVE-2022-42719/", }, { category: "self", summary: "SUSE CVE CVE-2022-42720 page", url: "https://www.suse.com/security/cve/CVE-2022-42720/", }, { category: "self", summary: "SUSE CVE CVE-2022-42721 page", url: "https://www.suse.com/security/cve/CVE-2022-42721/", }, { category: "self", summary: "SUSE CVE CVE-2022-42722 page", url: "https://www.suse.com/security/cve/CVE-2022-42722/", }, { category: "self", summary: "SUSE CVE CVE-2022-4379 page", url: "https://www.suse.com/security/cve/CVE-2022-4379/", }, { category: "self", summary: "SUSE CVE CVE-2022-44032 page", url: "https://www.suse.com/security/cve/CVE-2022-44032/", }, { category: "self", summary: "SUSE CVE CVE-2022-44033 page", url: "https://www.suse.com/security/cve/CVE-2022-44033/", }, { category: "self", summary: "SUSE CVE CVE-2022-44034 page", url: "https://www.suse.com/security/cve/CVE-2022-44034/", }, { category: "self", summary: "SUSE CVE CVE-2022-45884 page", url: "https://www.suse.com/security/cve/CVE-2022-45884/", }, { category: "self", summary: "SUSE CVE CVE-2022-45885 page", url: "https://www.suse.com/security/cve/CVE-2022-45885/", }, { category: "self", summary: "SUSE CVE CVE-2022-45886 page", url: "https://www.suse.com/security/cve/CVE-2022-45886/", }, { category: "self", summary: "SUSE CVE CVE-2022-45887 page", url: "https://www.suse.com/security/cve/CVE-2022-45887/", }, { category: "self", summary: "SUSE CVE CVE-2022-45888 page", url: "https://www.suse.com/security/cve/CVE-2022-45888/", }, { category: "self", summary: "SUSE CVE CVE-2022-45919 page", url: "https://www.suse.com/security/cve/CVE-2022-45919/", }, { category: "self", summary: "SUSE CVE CVE-2022-45934 page", url: "https://www.suse.com/security/cve/CVE-2022-45934/", }, { category: "self", summary: "SUSE CVE CVE-2023-0045 page", url: "https://www.suse.com/security/cve/CVE-2023-0045/", }, { category: "self", summary: "SUSE CVE CVE-2023-1076 page", url: "https://www.suse.com/security/cve/CVE-2023-1076/", }, { category: "self", summary: "SUSE CVE CVE-2023-1078 page", url: "https://www.suse.com/security/cve/CVE-2023-1078/", }, { category: "self", summary: "SUSE CVE CVE-2023-1192 page", url: "https://www.suse.com/security/cve/CVE-2023-1192/", }, { category: "self", summary: "SUSE CVE CVE-2023-1380 page", url: "https://www.suse.com/security/cve/CVE-2023-1380/", }, { category: "self", summary: "SUSE CVE CVE-2023-20569 page", url: "https://www.suse.com/security/cve/CVE-2023-20569/", }, { category: "self", summary: "SUSE CVE CVE-2023-20593 page", url: "https://www.suse.com/security/cve/CVE-2023-20593/", }, { category: "self", summary: "SUSE CVE CVE-2023-2124 page", url: "https://www.suse.com/security/cve/CVE-2023-2124/", }, { category: "self", summary: "SUSE CVE CVE-2023-31084 page", url: "https://www.suse.com/security/cve/CVE-2023-31084/", }, { category: "self", summary: "SUSE CVE CVE-2023-3141 page", url: "https://www.suse.com/security/cve/CVE-2023-3141/", }, { category: "self", summary: "SUSE CVE CVE-2023-3269 page", url: "https://www.suse.com/security/cve/CVE-2023-3269/", }, { category: "self", summary: "SUSE CVE CVE-2023-39192 page", url: "https://www.suse.com/security/cve/CVE-2023-39192/", }, { category: "self", summary: "SUSE CVE CVE-2023-39193 page", url: "https://www.suse.com/security/cve/CVE-2023-39193/", }, { category: "self", summary: "SUSE CVE CVE-2023-4128 page", url: "https://www.suse.com/security/cve/CVE-2023-4128/", }, { category: "self", summary: "SUSE CVE CVE-2023-4134 page", url: "https://www.suse.com/security/cve/CVE-2023-4134/", }, { category: "self", summary: "SUSE CVE CVE-2023-4194 page", url: "https://www.suse.com/security/cve/CVE-2023-4194/", }, { category: "self", summary: "SUSE CVE CVE-2023-42753 page", url: "https://www.suse.com/security/cve/CVE-2023-42753/", }, { category: "self", summary: "SUSE CVE CVE-2023-42754 page", url: "https://www.suse.com/security/cve/CVE-2023-42754/", }, { category: "self", summary: "SUSE CVE CVE-2023-42756 page", url: "https://www.suse.com/security/cve/CVE-2023-42756/", }, { category: "self", summary: "SUSE CVE CVE-2023-4623 page", url: "https://www.suse.com/security/cve/CVE-2023-4623/", }, { category: "self", summary: "SUSE CVE CVE-2023-46813 page", url: "https://www.suse.com/security/cve/CVE-2023-46813/", }, { category: "self", summary: "SUSE CVE CVE-2023-4881 page", url: "https://www.suse.com/security/cve/CVE-2023-4881/", }, { category: "self", summary: "SUSE CVE CVE-2023-5345 page", url: "https://www.suse.com/security/cve/CVE-2023-5345/", }, { category: "self", summary: "SUSE CVE CVE-2023-6606 page", url: "https://www.suse.com/security/cve/CVE-2023-6606/", }, { category: "self", summary: "SUSE CVE CVE-2023-6610 page", url: "https://www.suse.com/security/cve/CVE-2023-6610/", }, ], title: "kernel-devel-longterm-6.6.17-1.1 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:13704-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-longterm-6.6.17-1.1.aarch64", product: { name: "kernel-devel-longterm-6.6.17-1.1.aarch64", product_id: "kernel-devel-longterm-6.6.17-1.1.aarch64", }, }, { category: "product_version", name: "kernel-source-longterm-6.6.17-1.1.aarch64", product: { name: "kernel-source-longterm-6.6.17-1.1.aarch64", product_id: "kernel-source-longterm-6.6.17-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-longterm-6.6.17-1.1.ppc64le", product: { name: "kernel-devel-longterm-6.6.17-1.1.ppc64le", product_id: "kernel-devel-longterm-6.6.17-1.1.ppc64le", }, }, { category: "product_version", name: "kernel-source-longterm-6.6.17-1.1.ppc64le", product: { name: "kernel-source-longterm-6.6.17-1.1.ppc64le", product_id: "kernel-source-longterm-6.6.17-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "kernel-devel-longterm-6.6.17-1.1.s390x", product: { name: "kernel-devel-longterm-6.6.17-1.1.s390x", product_id: "kernel-devel-longterm-6.6.17-1.1.s390x", }, }, { category: "product_version", name: "kernel-source-longterm-6.6.17-1.1.s390x", product: { name: "kernel-source-longterm-6.6.17-1.1.s390x", product_id: "kernel-source-longterm-6.6.17-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "kernel-devel-longterm-6.6.17-1.1.x86_64", product: { name: "kernel-devel-longterm-6.6.17-1.1.x86_64", product_id: "kernel-devel-longterm-6.6.17-1.1.x86_64", }, }, { category: "product_version", name: "kernel-source-longterm-6.6.17-1.1.x86_64", product: { name: "kernel-source-longterm-6.6.17-1.1.x86_64", product_id: "kernel-source-longterm-6.6.17-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-devel-longterm-6.6.17-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", }, product_reference: "kernel-devel-longterm-6.6.17-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-longterm-6.6.17-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", }, product_reference: "kernel-devel-longterm-6.6.17-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-longterm-6.6.17-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", }, product_reference: "kernel-devel-longterm-6.6.17-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-longterm-6.6.17-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", }, product_reference: "kernel-devel-longterm-6.6.17-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-longterm-6.6.17-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", }, product_reference: "kernel-source-longterm-6.6.17-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-longterm-6.6.17-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", }, product_reference: "kernel-source-longterm-6.6.17-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-longterm-6.6.17-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", }, product_reference: "kernel-source-longterm-6.6.17-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-longterm-6.6.17-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", }, product_reference: "kernel-source-longterm-6.6.17-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2016-3695", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-3695", }, ], notes: [ { category: "general", text: "The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-3695", url: "https://www.suse.com/security/cve/CVE-2016-3695", }, { category: "external", summary: "SUSE Bug 1023051 for CVE-2016-3695", url: "https://bugzilla.suse.com/1023051", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.2, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2016-3695", }, { cve: "CVE-2017-1000251", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-1000251", }, ], notes: [ { category: "general", text: "The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-1000251", url: "https://www.suse.com/security/cve/CVE-2017-1000251", }, { category: "external", summary: "SUSE Bug 1057389 for CVE-2017-1000251", url: "https://bugzilla.suse.com/1057389", }, { category: "external", summary: "SUSE Bug 1057950 for CVE-2017-1000251", url: "https://bugzilla.suse.com/1057950", }, { category: "external", summary: "SUSE Bug 1070535 for CVE-2017-1000251", url: "https://bugzilla.suse.com/1070535", }, { category: "external", summary: "SUSE Bug 1072117 for CVE-2017-1000251", url: "https://bugzilla.suse.com/1072117", }, { category: "external", summary: "SUSE Bug 1072162 for CVE-2017-1000251", url: "https://bugzilla.suse.com/1072162", }, { category: "external", summary: "SUSE Bug 1120758 for CVE-2017-1000251", url: "https://bugzilla.suse.com/1120758", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-1000251", }, { cve: "CVE-2017-12153", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12153", }, ], notes: [ { category: "general", text: "A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12153", url: "https://www.suse.com/security/cve/CVE-2017-12153", }, { category: "external", summary: "SUSE Bug 1058410 for CVE-2017-12153", url: "https://bugzilla.suse.com/1058410", }, { category: "external", summary: "SUSE Bug 1058624 for CVE-2017-12153", url: "https://bugzilla.suse.com/1058624", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-12153", }, { cve: "CVE-2017-13080", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13080", }, ], notes: [ { category: "general", text: "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13080", url: "https://www.suse.com/security/cve/CVE-2017-13080", }, { category: "external", summary: "SUSE Bug 1056061 for CVE-2017-13080", url: "https://bugzilla.suse.com/1056061", }, { category: "external", summary: "SUSE Bug 1063479 for CVE-2017-13080", url: "https://bugzilla.suse.com/1063479", }, { category: "external", summary: "SUSE Bug 1063667 for CVE-2017-13080", url: "https://bugzilla.suse.com/1063667", }, { category: "external", summary: "SUSE Bug 1063671 for CVE-2017-13080", url: "https://bugzilla.suse.com/1063671", }, { category: "external", summary: "SUSE Bug 1066295 for CVE-2017-13080", url: "https://bugzilla.suse.com/1066295", }, { category: "external", summary: "SUSE Bug 1105108 for CVE-2017-13080", url: "https://bugzilla.suse.com/1105108", }, { category: "external", summary: "SUSE Bug 1178872 for CVE-2017-13080", url: "https://bugzilla.suse.com/1178872", }, { category: "external", summary: "SUSE Bug 1179588 for CVE-2017-13080", url: "https://bugzilla.suse.com/1179588", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-13080", }, { cve: "CVE-2017-14051", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-14051", }, ], notes: [ { category: "general", text: "An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-14051", url: "https://www.suse.com/security/cve/CVE-2017-14051", }, { category: "external", summary: "SUSE Bug 1056588 for CVE-2017-14051", url: "https://bugzilla.suse.com/1056588", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-14051", }, { cve: "CVE-2017-15129", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15129", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15129", url: "https://www.suse.com/security/cve/CVE-2017-15129", }, { category: "external", summary: "SUSE Bug 1074839 for CVE-2017-15129", url: "https://bugzilla.suse.com/1074839", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-15129", }, { cve: "CVE-2017-15265", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15265", }, ], notes: [ { category: "general", text: "Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15265", url: "https://www.suse.com/security/cve/CVE-2017-15265", }, { category: "external", summary: "SUSE Bug 1062520 for CVE-2017-15265", url: "https://bugzilla.suse.com/1062520", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2017-15265", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-15265", }, { cve: "CVE-2017-16536", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16536", }, ], notes: [ { category: "general", text: "The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16536", url: "https://www.suse.com/security/cve/CVE-2017-16536", }, { category: "external", summary: "SUSE Bug 1066606 for CVE-2017-16536", url: "https://bugzilla.suse.com/1066606", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2017-16536", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1146519 for CVE-2017-16536", url: "https://bugzilla.suse.com/1146519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-16536", }, { cve: "CVE-2017-16537", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16537", }, ], notes: [ { category: "general", text: "The imon_probe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16537", url: "https://www.suse.com/security/cve/CVE-2017-16537", }, { category: "external", summary: "SUSE Bug 1066573 for CVE-2017-16537", url: "https://bugzilla.suse.com/1066573", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2017-16537", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1146519 for CVE-2017-16537", url: "https://bugzilla.suse.com/1146519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-16537", }, { cve: "CVE-2017-16645", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16645", }, ], notes: [ { category: "general", text: "The ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims-pcu.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (ims_pcu_parse_cdc_data out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16645", url: "https://www.suse.com/security/cve/CVE-2017-16645", }, { category: "external", summary: "SUSE Bug 1067132 for CVE-2017-16645", url: "https://bugzilla.suse.com/1067132", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2017-16645", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1146519 for CVE-2017-16645", url: "https://bugzilla.suse.com/1146519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-16645", }, { cve: "CVE-2017-16646", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16646", }, ], notes: [ { category: "general", text: "drivers/media/usb/dvb-usb/dib0700_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (BUG and system crash) or possibly have unspecified other impact via a crafted USB device.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16646", url: "https://www.suse.com/security/cve/CVE-2017-16646", }, { category: "external", summary: "SUSE Bug 1067105 for CVE-2017-16646", url: "https://bugzilla.suse.com/1067105", }, { category: "external", summary: "SUSE Bug 1146519 for CVE-2017-16646", url: "https://bugzilla.suse.com/1146519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-16646", }, { cve: "CVE-2017-16647", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16647", }, ], notes: [ { category: "general", text: "drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16647", url: "https://www.suse.com/security/cve/CVE-2017-16647", }, { category: "external", summary: "SUSE Bug 1067102 for CVE-2017-16647", url: "https://bugzilla.suse.com/1067102", }, { category: "external", summary: "SUSE Bug 1146519 for CVE-2017-16647", url: "https://bugzilla.suse.com/1146519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-16647", }, { cve: "CVE-2017-16648", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16648", }, ], notes: [ { category: "general", text: "The dvb_frontend_free function in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device. NOTE: the function was later renamed __dvb_frontend_free.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16648", url: "https://www.suse.com/security/cve/CVE-2017-16648", }, { category: "external", summary: "SUSE Bug 1067087 for CVE-2017-16648", url: "https://bugzilla.suse.com/1067087", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2017-16648", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1146519 for CVE-2017-16648", url: "https://bugzilla.suse.com/1146519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-16648", }, { cve: "CVE-2017-16995", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16995", }, ], notes: [ { category: "general", text: "The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16995", url: "https://www.suse.com/security/cve/CVE-2017-16995", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-16995", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-16995", }, { cve: "CVE-2017-16996", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16996", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging register truncation mishandling.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16996", url: "https://www.suse.com/security/cve/CVE-2017-16996", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-16996", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-16996", }, { cve: "CVE-2017-17448", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17448", }, ], notes: [ { category: "general", text: "net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for new, get, and del operations, which allows local users to bypass intended access restrictions because the nfnl_cthelper_list data structure is shared across all net namespaces.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17448", url: "https://www.suse.com/security/cve/CVE-2017-17448", }, { category: "external", summary: "SUSE Bug 1071693 for CVE-2017-17448", url: "https://bugzilla.suse.com/1071693", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17448", }, { cve: "CVE-2017-17449", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17449", }, ], notes: [ { category: "general", text: "The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel through 4.14.4, when CONFIG_NLMON is enabled, does not restrict observations of Netlink messages to a single net namespace, which allows local users to obtain sensitive information by leveraging the CAP_NET_ADMIN capability to sniff an nlmon interface for all Netlink activity on the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17449", url: "https://www.suse.com/security/cve/CVE-2017-17449", }, { category: "external", summary: "SUSE Bug 1071694 for CVE-2017-17449", url: "https://bugzilla.suse.com/1071694", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17449", }, { cve: "CVE-2017-17450", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17450", }, ], notes: [ { category: "general", text: "net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all net namespaces.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17450", url: "https://www.suse.com/security/cve/CVE-2017-17450", }, { category: "external", summary: "SUSE Bug 1071695 for CVE-2017-17450", url: "https://bugzilla.suse.com/1071695", }, { category: "external", summary: "SUSE Bug 1074033 for CVE-2017-17450", url: "https://bugzilla.suse.com/1074033", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2017-17450", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17450", }, { cve: "CVE-2017-17852", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17852", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of 32-bit ALU ops.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17852", url: "https://www.suse.com/security/cve/CVE-2017-17852", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17852", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17852", }, { cve: "CVE-2017-17853", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17853", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect BPF_RSH signed bounds calculations.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17853", url: "https://www.suse.com/security/cve/CVE-2017-17853", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17853", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17853", }, { cve: "CVE-2017-17854", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17854", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (integer overflow and memory corruption) or possibly have unspecified other impact by leveraging unrestricted integer values for pointer arithmetic.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17854", url: "https://www.suse.com/security/cve/CVE-2017-17854", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17854", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17854", }, { cve: "CVE-2017-17855", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17855", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging improper use of pointers in place of scalars.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17855", url: "https://www.suse.com/security/cve/CVE-2017-17855", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17855", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17855", }, { cve: "CVE-2017-17856", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17856", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the lack of stack-pointer alignment enforcement.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17856", url: "https://www.suse.com/security/cve/CVE-2017-17856", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17856", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17856", }, { cve: "CVE-2017-17857", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17857", }, ], notes: [ { category: "general", text: "The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of invalid variable stack read operations.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17857", url: "https://www.suse.com/security/cve/CVE-2017-17857", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17857", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17857", }, { cve: "CVE-2017-17862", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17862", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17862", url: "https://www.suse.com/security/cve/CVE-2017-17862", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17862", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17862", }, { cve: "CVE-2017-5123", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-5123", }, ], notes: [ { category: "general", text: "Insufficient data validation in waitid allowed an user to escape sandboxes on Linux.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-5123", url: "https://www.suse.com/security/cve/CVE-2017-5123", }, { category: "external", summary: "SUSE Bug 1062473 for CVE-2017-5123", url: "https://bugzilla.suse.com/1062473", }, { category: "external", summary: "SUSE Bug 1122971 for CVE-2017-5123", url: "https://bugzilla.suse.com/1122971", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-5123", }, { cve: "CVE-2017-5715", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-5715", }, ], notes: [ { category: "general", text: "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-5715", url: "https://www.suse.com/security/cve/CVE-2017-5715", }, { category: "external", summary: "SUSE Bug 1068032 for CVE-2017-5715", url: "https://bugzilla.suse.com/1068032", }, { category: "external", summary: "SUSE Bug 1074562 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074562", }, { category: "external", summary: "SUSE Bug 1074578 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074578", }, { category: "external", summary: "SUSE Bug 1074701 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074701", }, { category: "external", summary: "SUSE Bug 1074741 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074741", }, { category: "external", summary: "SUSE Bug 1074919 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074919", }, { category: "external", summary: "SUSE Bug 1075006 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075006", }, { category: "external", summary: "SUSE Bug 1075007 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075007", }, { category: "external", summary: "SUSE Bug 1075262 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075262", }, { category: "external", summary: "SUSE Bug 1075419 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075419", }, { category: "external", summary: "SUSE Bug 1076115 for CVE-2017-5715", url: "https://bugzilla.suse.com/1076115", }, { category: "external", summary: "SUSE Bug 1076372 for CVE-2017-5715", url: "https://bugzilla.suse.com/1076372", }, { category: "external", summary: "SUSE Bug 1076606 for CVE-2017-5715", url: "https://bugzilla.suse.com/1076606", }, { category: "external", summary: "SUSE Bug 1078353 for CVE-2017-5715", url: "https://bugzilla.suse.com/1078353", }, { category: "external", summary: "SUSE Bug 1080039 for CVE-2017-5715", url: "https://bugzilla.suse.com/1080039", }, { category: "external", summary: "SUSE Bug 1087887 for CVE-2017-5715", url: "https://bugzilla.suse.com/1087887", }, { category: "external", summary: "SUSE Bug 1087939 for CVE-2017-5715", url: "https://bugzilla.suse.com/1087939", }, { category: "external", summary: "SUSE Bug 1088147 for CVE-2017-5715", url: "https://bugzilla.suse.com/1088147", }, { category: "external", summary: "SUSE Bug 1089055 for CVE-2017-5715", url: "https://bugzilla.suse.com/1089055", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2017-5715", url: "https://bugzilla.suse.com/1091815", }, { category: "external", summary: "SUSE Bug 1095735 for CVE-2017-5715", url: "https://bugzilla.suse.com/1095735", }, { category: "external", summary: "SUSE Bug 1102517 for CVE-2017-5715", url: "https://bugzilla.suse.com/1102517", }, { category: "external", summary: "SUSE Bug 1105108 for CVE-2017-5715", url: "https://bugzilla.suse.com/1105108", }, { category: "external", summary: "SUSE Bug 1126516 for CVE-2017-5715", url: "https://bugzilla.suse.com/1126516", }, { category: "external", summary: "SUSE Bug 1173489 for CVE-2017-5715", url: "https://bugzilla.suse.com/1173489", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2017-5715", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201457 for CVE-2017-5715", url: "https://bugzilla.suse.com/1201457", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2017-5715", url: "https://bugzilla.suse.com/1201877", }, { category: "external", summary: "SUSE Bug 1203236 for CVE-2017-5715", url: "https://bugzilla.suse.com/1203236", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-5715", }, { cve: "CVE-2017-5753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-5753", }, ], notes: [ { category: "general", text: "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-5753", url: "https://www.suse.com/security/cve/CVE-2017-5753", }, { category: "external", summary: "SUSE Bug 1068032 for CVE-2017-5753", url: "https://bugzilla.suse.com/1068032", }, { category: "external", summary: "SUSE Bug 1074562 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074562", }, { category: "external", summary: "SUSE Bug 1074578 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074578", }, { category: "external", summary: "SUSE Bug 1074701 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074701", }, { category: "external", summary: "SUSE Bug 1075006 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075006", }, { category: "external", summary: "SUSE Bug 1075419 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075419", }, { category: "external", summary: "SUSE Bug 1075748 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075748", }, { category: "external", summary: "SUSE Bug 1080039 for CVE-2017-5753", url: "https://bugzilla.suse.com/1080039", }, { category: "external", summary: "SUSE Bug 1087084 for CVE-2017-5753", url: "https://bugzilla.suse.com/1087084", }, { category: "external", summary: "SUSE Bug 1087939 for CVE-2017-5753", url: "https://bugzilla.suse.com/1087939", }, { category: "external", summary: "SUSE Bug 1089055 for CVE-2017-5753", url: "https://bugzilla.suse.com/1089055", }, { category: "external", summary: "SUSE Bug 1136865 for CVE-2017-5753", url: "https://bugzilla.suse.com/1136865", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2017-5753", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2017-5753", url: "https://bugzilla.suse.com/1201877", }, { category: "external", summary: "SUSE Bug 1209547 for CVE-2017-5753", url: "https://bugzilla.suse.com/1209547", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-5753", }, { cve: "CVE-2017-5754", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-5754", }, ], notes: [ { category: "general", text: "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-5754", url: "https://www.suse.com/security/cve/CVE-2017-5754", }, { category: "external", summary: "SUSE Bug 1068032 for CVE-2017-5754", url: "https://bugzilla.suse.com/1068032", }, { category: "external", summary: "SUSE Bug 1074562 for CVE-2017-5754", url: "https://bugzilla.suse.com/1074562", }, { category: "external", summary: "SUSE Bug 1074578 for CVE-2017-5754", url: "https://bugzilla.suse.com/1074578", }, { category: "external", summary: "SUSE Bug 1074701 for CVE-2017-5754", url: "https://bugzilla.suse.com/1074701", }, { category: "external", summary: "SUSE Bug 1075006 for CVE-2017-5754", url: "https://bugzilla.suse.com/1075006", }, { category: "external", summary: "SUSE Bug 1075008 for CVE-2017-5754", url: "https://bugzilla.suse.com/1075008", }, { category: "external", summary: "SUSE Bug 1087939 for CVE-2017-5754", url: "https://bugzilla.suse.com/1087939", }, { category: "external", summary: "SUSE Bug 1089055 for CVE-2017-5754", url: "https://bugzilla.suse.com/1089055", }, { category: "external", summary: "SUSE Bug 1115045 for CVE-2017-5754", url: "https://bugzilla.suse.com/1115045", }, { category: "external", summary: "SUSE Bug 1136865 for CVE-2017-5754", url: "https://bugzilla.suse.com/1136865", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2017-5754", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2017-5754", url: "https://bugzilla.suse.com/1201877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-5754", }, { cve: "CVE-2017-7541", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7541", }, ], notes: [ { category: "general", text: "The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7541", url: "https://www.suse.com/security/cve/CVE-2017-7541", }, { category: "external", summary: "SUSE Bug 1049645 for CVE-2017-7541", url: "https://bugzilla.suse.com/1049645", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-7541", }, { cve: "CVE-2017-7542", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7542", }, ], notes: [ { category: "general", text: "The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7542", url: "https://www.suse.com/security/cve/CVE-2017-7542", }, { category: "external", summary: "SUSE Bug 1049882 for CVE-2017-7542", url: "https://bugzilla.suse.com/1049882", }, { category: "external", summary: "SUSE Bug 1061936 for CVE-2017-7542", url: "https://bugzilla.suse.com/1061936", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-7542", }, { cve: "CVE-2017-8824", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-8824", }, ], notes: [ { category: "general", text: "The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-8824", url: "https://www.suse.com/security/cve/CVE-2017-8824", }, { category: "external", summary: "SUSE Bug 1070771 for CVE-2017-8824", url: "https://bugzilla.suse.com/1070771", }, { category: "external", summary: "SUSE Bug 1076734 for CVE-2017-8824", url: "https://bugzilla.suse.com/1076734", }, { category: "external", summary: "SUSE Bug 1092904 for CVE-2017-8824", url: "https://bugzilla.suse.com/1092904", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2017-8824", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-8824", }, { cve: "CVE-2017-8831", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-8831", }, ], notes: [ { category: "general", text: "The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a \"double fetch\" vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-8831", url: "https://www.suse.com/security/cve/CVE-2017-8831", }, { category: "external", summary: "SUSE Bug 1037994 for CVE-2017-8831", url: "https://bugzilla.suse.com/1037994", }, { category: "external", summary: "SUSE Bug 1061936 for CVE-2017-8831", url: "https://bugzilla.suse.com/1061936", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2017-8831", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2017-8831", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-8831", }, { cve: "CVE-2018-1000004", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1000004", }, ], notes: [ { category: "general", text: "In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1000004", url: "https://www.suse.com/security/cve/CVE-2018-1000004", }, { category: "external", summary: "SUSE Bug 1076017 for CVE-2018-1000004", url: "https://bugzilla.suse.com/1076017", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2018-1000004", url: "https://bugzilla.suse.com/1091815", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-1000004", }, { cve: "CVE-2018-10322", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10322", }, ], notes: [ { category: "general", text: "The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs image.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10322", url: "https://www.suse.com/security/cve/CVE-2018-10322", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10322", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1090749 for CVE-2018-10322", url: "https://bugzilla.suse.com/1090749", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-10322", }, { cve: "CVE-2018-10323", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10323", }, ], notes: [ { category: "general", text: "The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10323", url: "https://www.suse.com/security/cve/CVE-2018-10323", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10323", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1090717 for CVE-2018-10323", url: "https://bugzilla.suse.com/1090717", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-10323", }, { cve: "CVE-2018-1068", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1068", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1068", url: "https://www.suse.com/security/cve/CVE-2018-1068", }, { category: "external", summary: "SUSE Bug 1085107 for CVE-2018-1068", url: "https://bugzilla.suse.com/1085107", }, { category: "external", summary: "SUSE Bug 1085114 for CVE-2018-1068", url: "https://bugzilla.suse.com/1085114", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-1068", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1123903 for CVE-2018-1068", url: "https://bugzilla.suse.com/1123903", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-1068", }, { cve: "CVE-2018-1118", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1118", }, ], notes: [ { category: "general", text: "Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1118", url: "https://www.suse.com/security/cve/CVE-2018-1118", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-1118", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1092472 for CVE-2018-1118", url: "https://bugzilla.suse.com/1092472", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-1118", }, { cve: "CVE-2018-12232", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12232", }, ], notes: [ { category: "general", text: "In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat does not increment the file descriptor reference count, which allows close to set the socket to NULL during fchownat's execution, leading to a NULL pointer dereference and system crash.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12232", url: "https://www.suse.com/security/cve/CVE-2018-12232", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-12232", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1097593 for CVE-2018-12232", url: "https://bugzilla.suse.com/1097593", }, { category: "external", summary: "SUSE Bug 1125907 for CVE-2018-12232", url: "https://bugzilla.suse.com/1125907", }, { category: "external", summary: "SUSE Bug 1127757 for CVE-2018-12232", url: "https://bugzilla.suse.com/1127757", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-12232", }, { cve: "CVE-2018-12714", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12714", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.2. The filter parsing in kernel/trace/trace_events_filter.c could be called with no filter, which is an N=0 case when it expected at least one line to have been read, thus making the N-1 index invalid. This allows attackers to cause a denial of service (slab out-of-bounds write) or possibly have unspecified other impact via crafted perf_event_open and mmap system calls.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12714", url: "https://www.suse.com/security/cve/CVE-2018-12714", }, { category: "external", summary: "SUSE Bug 1098933 for CVE-2018-12714", url: "https://bugzilla.suse.com/1098933", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-12714", }, { cve: "CVE-2018-13053", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13053", }, ], notes: [ { category: "general", text: "The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13053", url: "https://www.suse.com/security/cve/CVE-2018-13053", }, { category: "external", summary: "SUSE Bug 1099924 for CVE-2018-13053", url: "https://bugzilla.suse.com/1099924", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-13053", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-13053", }, { cve: "CVE-2018-18710", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18710", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18710", url: "https://www.suse.com/security/cve/CVE-2018-18710", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-18710", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-18710", }, { cve: "CVE-2018-19824", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-19824", }, ], notes: [ { category: "general", text: "In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-19824", url: "https://www.suse.com/security/cve/CVE-2018-19824", }, { category: "external", summary: "SUSE Bug 1118152 for CVE-2018-19824", url: "https://bugzilla.suse.com/1118152", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-19824", }, { cve: "CVE-2018-5332", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-5332", }, ], notes: [ { category: "general", text: "In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-5332", url: "https://www.suse.com/security/cve/CVE-2018-5332", }, { category: "external", summary: "SUSE Bug 1075621 for CVE-2018-5332", url: "https://bugzilla.suse.com/1075621", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2018-5332", url: "https://bugzilla.suse.com/1091815", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-5332", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.6, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-5332", }, { cve: "CVE-2018-5333", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-5333", }, ], notes: [ { category: "general", text: "In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-5333", url: "https://www.suse.com/security/cve/CVE-2018-5333", }, { category: "external", summary: "SUSE Bug 1075617 for CVE-2018-5333", url: "https://bugzilla.suse.com/1075617", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2018-5333", url: "https://bugzilla.suse.com/1091815", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.9, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-5333", }, { cve: "CVE-2018-8043", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-8043", }, ], notes: [ { category: "general", text: "The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows local users to cause a denial of service (NULL pointer dereference).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-8043", url: "https://www.suse.com/security/cve/CVE-2018-8043", }, { category: "external", summary: "SUSE Bug 1084829 for CVE-2018-8043", url: "https://bugzilla.suse.com/1084829", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 0, baseSeverity: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-8043", }, { cve: "CVE-2018-8087", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-8087", }, ], notes: [ { category: "general", text: "Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-8087", url: "https://www.suse.com/security/cve/CVE-2018-8087", }, { category: "external", summary: "SUSE Bug 1085053 for CVE-2018-8087", url: "https://bugzilla.suse.com/1085053", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-8087", }, { cve: "CVE-2018-8822", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-8822", }, ], notes: [ { category: "general", text: "Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplib_kernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicious NCPFS servers to crash the kernel or execute code.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-8822", url: "https://www.suse.com/security/cve/CVE-2018-8822", }, { category: "external", summary: "SUSE Bug 1086162 for CVE-2018-8822", url: "https://bugzilla.suse.com/1086162", }, { category: "external", summary: "SUSE Bug 1090404 for CVE-2018-8822", url: "https://bugzilla.suse.com/1090404", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2018-8822", url: "https://bugzilla.suse.com/1091815", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-8822", }, { cve: "CVE-2019-10207", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10207", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10207", url: "https://www.suse.com/security/cve/CVE-2019-10207", }, { category: "external", summary: "SUSE Bug 1123959 for CVE-2019-10207", url: "https://bugzilla.suse.com/1123959", }, { category: "external", summary: "SUSE Bug 1142857 for CVE-2019-10207", url: "https://bugzilla.suse.com/1142857", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10207", }, { cve: "CVE-2019-11477", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11477", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11477", url: "https://www.suse.com/security/cve/CVE-2019-11477", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11477", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11477", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11477", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1153242 for CVE-2019-11477", url: "https://bugzilla.suse.com/1153242", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-11477", }, { cve: "CVE-2019-11478", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11478", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11478", url: "https://www.suse.com/security/cve/CVE-2019-11478", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11478", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11478", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11478", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1143542 for CVE-2019-11478", url: "https://bugzilla.suse.com/1143542", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-11478", }, { cve: "CVE-2019-11479", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11479", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11479", url: "https://www.suse.com/security/cve/CVE-2019-11479", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11479", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11479", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11479", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1143542 for CVE-2019-11479", url: "https://bugzilla.suse.com/1143542", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-11479", }, { cve: "CVE-2019-14615", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14615", }, ], notes: [ { category: "general", text: "Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14615", url: "https://www.suse.com/security/cve/CVE-2019-14615", }, { category: "external", summary: "SUSE Bug 1160195 for CVE-2019-14615", url: "https://bugzilla.suse.com/1160195", }, { category: "external", summary: "SUSE Bug 1165881 for CVE-2019-14615", url: "https://bugzilla.suse.com/1165881", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-14615", }, { cve: "CVE-2019-14814", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14814", }, ], notes: [ { category: "general", text: "There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14814", url: "https://www.suse.com/security/cve/CVE-2019-14814", }, { category: "external", summary: "SUSE Bug 1146512 for CVE-2019-14814", url: "https://bugzilla.suse.com/1146512", }, { category: "external", summary: "SUSE Bug 1173664 for CVE-2019-14814", url: "https://bugzilla.suse.com/1173664", }, { category: "external", summary: "SUSE Bug 1173665 for CVE-2019-14814", url: "https://bugzilla.suse.com/1173665", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-14814", }, { cve: "CVE-2019-14896", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14896", }, ], notes: [ { category: "general", text: "A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects to an AP.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14896", url: "https://www.suse.com/security/cve/CVE-2019-14896", }, { category: "external", summary: "SUSE Bug 1157157 for CVE-2019-14896", url: "https://bugzilla.suse.com/1157157", }, { category: "external", summary: "SUSE Bug 1160468 for CVE-2019-14896", url: "https://bugzilla.suse.com/1160468", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-14896", }, { cve: "CVE-2019-15030", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-15030", }, ], notes: [ { category: "general", text: "In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-15030", url: "https://www.suse.com/security/cve/CVE-2019-15030", }, { category: "external", summary: "SUSE Bug 1149713 for CVE-2019-15030", url: "https://bugzilla.suse.com/1149713", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-15030", }, { cve: "CVE-2019-15031", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-15031", }, ], notes: [ { category: "general", text: "In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process, because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-15031", url: "https://www.suse.com/security/cve/CVE-2019-15031", }, { category: "external", summary: "SUSE Bug 1149713 for CVE-2019-15031", url: "https://bugzilla.suse.com/1149713", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-15031", }, { cve: "CVE-2019-15098", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-15098", }, ], notes: [ { category: "general", text: "drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-15098", url: "https://www.suse.com/security/cve/CVE-2019-15098", }, { category: "external", summary: "SUSE Bug 1146378 for CVE-2019-15098", url: "https://bugzilla.suse.com/1146378", }, { category: "external", summary: "SUSE Bug 1146543 for CVE-2019-15098", url: "https://bugzilla.suse.com/1146543", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-15098", }, { cve: "CVE-2019-15099", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-15099", }, ], notes: [ { category: "general", text: "drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-15099", url: "https://www.suse.com/security/cve/CVE-2019-15099", }, { category: "external", summary: "SUSE Bug 1146368 for CVE-2019-15099", url: "https://bugzilla.suse.com/1146368", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-15099", }, { cve: "CVE-2019-15290", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-15290", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-15098. Reason: This candidate is a duplicate of CVE-2019-15098. Notes: All CVE users should reference CVE-2019-15098 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-15290", url: "https://www.suse.com/security/cve/CVE-2019-15290", }, { category: "external", summary: "SUSE Bug 1146378 for CVE-2019-15290", url: "https://bugzilla.suse.com/1146378", }, { category: "external", summary: "SUSE Bug 1146519 for CVE-2019-15290", url: "https://bugzilla.suse.com/1146519", }, { category: "external", summary: "SUSE Bug 1146543 for CVE-2019-15290", url: "https://bugzilla.suse.com/1146543", }, { category: "external", summary: "SUSE Bug 1158381 for CVE-2019-15290", url: "https://bugzilla.suse.com/1158381", }, { category: "external", summary: "SUSE Bug 1158834 for CVE-2019-15290", url: "https://bugzilla.suse.com/1158834", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-15290", }, { cve: "CVE-2019-15504", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-15504", }, ], notes: [ { category: "general", text: "drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-15504", url: "https://www.suse.com/security/cve/CVE-2019-15504", }, { category: "external", summary: "SUSE Bug 1147116 for CVE-2019-15504", url: "https://bugzilla.suse.com/1147116", }, { category: "external", summary: "SUSE Bug 1185852 for CVE-2019-15504", url: "https://bugzilla.suse.com/1185852", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-15504", }, { cve: "CVE-2019-15902", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-15902", }, ], notes: [ { category: "general", text: "A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream \"x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()\" commit reintroduced the Spectre vulnerability that it aimed to eliminate. This occurred because the backport process depends on cherry picking specific commits, and because two (correctly ordered) code lines were swapped.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-15902", url: "https://www.suse.com/security/cve/CVE-2019-15902", }, { category: "external", summary: "SUSE Bug 1149376 for CVE-2019-15902", url: "https://bugzilla.suse.com/1149376", }, { category: "external", summary: "SUSE Bug 1155131 for CVE-2019-15902", url: "https://bugzilla.suse.com/1155131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-15902", }, { cve: "CVE-2019-16231", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16231", }, ], notes: [ { category: "general", text: "drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-16231", url: "https://www.suse.com/security/cve/CVE-2019-16231", }, { category: "external", summary: "SUSE Bug 1150466 for CVE-2019-16231", url: "https://bugzilla.suse.com/1150466", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2019-16231", }, { cve: "CVE-2019-16232", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16232", }, ], notes: [ { category: "general", text: "drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-16232", url: "https://www.suse.com/security/cve/CVE-2019-16232", }, { category: "external", summary: "SUSE Bug 1150465 for CVE-2019-16232", url: "https://bugzilla.suse.com/1150465", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2019-16232", }, { cve: "CVE-2019-16234", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16234", }, ], notes: [ { category: "general", text: "drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-16234", url: "https://www.suse.com/security/cve/CVE-2019-16234", }, { category: "external", summary: "SUSE Bug 1150452 for CVE-2019-16234", url: "https://bugzilla.suse.com/1150452", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2019-16234", }, { cve: "CVE-2019-17133", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-17133", }, ], notes: [ { category: "general", text: "In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-17133", url: "https://www.suse.com/security/cve/CVE-2019-17133", }, { category: "external", summary: "SUSE Bug 1153158 for CVE-2019-17133", url: "https://bugzilla.suse.com/1153158", }, { category: "external", summary: "SUSE Bug 1153161 for CVE-2019-17133", url: "https://bugzilla.suse.com/1153161", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-17133", }, { cve: "CVE-2019-17666", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-17666", }, ], notes: [ { category: "general", text: "rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-17666", url: "https://www.suse.com/security/cve/CVE-2019-17666", }, { category: "external", summary: "SUSE Bug 1154372 for CVE-2019-17666", url: "https://bugzilla.suse.com/1154372", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-17666", }, { cve: "CVE-2019-18808", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-18808", }, ], notes: [ { category: "general", text: "A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-18808", url: "https://www.suse.com/security/cve/CVE-2019-18808", }, { category: "external", summary: "SUSE Bug 1156259 for CVE-2019-18808", url: "https://bugzilla.suse.com/1156259", }, { category: "external", summary: "SUSE Bug 1189884 for CVE-2019-18808", url: "https://bugzilla.suse.com/1189884", }, { category: "external", summary: "SUSE Bug 1190534 for CVE-2019-18808", url: "https://bugzilla.suse.com/1190534", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-18808", }, { cve: "CVE-2019-18812", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-18812", }, ], notes: [ { category: "general", text: "A memory leak in the sof_dfsentry_write() function in sound/soc/sof/debug.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-c0a333d842ef.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-18812", url: "https://www.suse.com/security/cve/CVE-2019-18812", }, { category: "external", summary: "SUSE Bug 1156277 for CVE-2019-18812", url: "https://bugzilla.suse.com/1156277", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-18812", }, { cve: "CVE-2019-18813", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-18813", }, ], notes: [ { category: "general", text: "A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures, aka CID-9bbfceea12a8.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-18813", url: "https://www.suse.com/security/cve/CVE-2019-18813", }, { category: "external", summary: "SUSE Bug 1156278 for CVE-2019-18813", url: "https://bugzilla.suse.com/1156278", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-18813", }, { cve: "CVE-2019-19252", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-19252", }, ], notes: [ { category: "general", text: "vcs_write in drivers/tty/vt/vc_screen.c in the Linux kernel through 5.3.13 does not prevent write access to vcsu devices, aka CID-0c9acb1af77a.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-19252", url: "https://www.suse.com/security/cve/CVE-2019-19252", }, { category: "external", summary: "SUSE Bug 1157813 for CVE-2019-19252", url: "https://bugzilla.suse.com/1157813", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-19252", }, { cve: "CVE-2019-19332", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-19332", }, ], notes: [ { category: "general", text: "An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-19332", url: "https://www.suse.com/security/cve/CVE-2019-19332", }, { category: "external", summary: "SUSE Bug 1158827 for CVE-2019-19332", url: "https://bugzilla.suse.com/1158827", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-19332", }, { cve: "CVE-2019-19338", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-19338", }, ], notes: [ { category: "general", text: "A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a host CPU affected by the TAA flaw (TAA_NO=0), but is not affected by the MDS issue (MDS_NO=1), the guest was to clear the affected buffers by using a VERW instruction mechanism. But when the MDS_NO=1 bit was exported to the guests, the guests did not use the VERW mechanism to clear the affected buffers. This issue affects guests running on Cascade Lake CPUs and requires that host has 'TSX' enabled. Confidentiality of data is the highest threat associated with this vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-19338", url: "https://www.suse.com/security/cve/CVE-2019-19338", }, { category: "external", summary: "SUSE Bug 1158954 for CVE-2019-19338", url: "https://bugzilla.suse.com/1158954", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-19338", }, { cve: "CVE-2019-3016", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3016", }, ], notes: [ { category: "general", text: "In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD processors but Intel CPUs cannot be ruled out.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3016", url: "https://www.suse.com/security/cve/CVE-2019-3016", }, { category: "external", summary: "SUSE Bug 1159281 for CVE-2019-3016", url: "https://bugzilla.suse.com/1159281", }, { category: "external", summary: "SUSE Bug 1161154 for CVE-2019-3016", url: "https://bugzilla.suse.com/1161154", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-3016", }, { cve: "CVE-2019-3846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3846", }, ], notes: [ { category: "general", text: "A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3846", url: "https://www.suse.com/security/cve/CVE-2019-3846", }, { category: "external", summary: "SUSE Bug 1136424 for CVE-2019-3846", url: "https://bugzilla.suse.com/1136424", }, { category: "external", summary: "SUSE Bug 1136446 for CVE-2019-3846", url: "https://bugzilla.suse.com/1136446", }, { category: "external", summary: "SUSE Bug 1156330 for CVE-2019-3846", url: "https://bugzilla.suse.com/1156330", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-3846", }, { cve: "CVE-2019-3882", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3882", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). Versions 3.10, 4.14 and 4.18 are vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3882", url: "https://www.suse.com/security/cve/CVE-2019-3882", }, { category: "external", summary: "SUSE Bug 1131416 for CVE-2019-3882", url: "https://bugzilla.suse.com/1131416", }, { category: "external", summary: "SUSE Bug 1131427 for CVE-2019-3882", url: "https://bugzilla.suse.com/1131427", }, { category: "external", summary: "SUSE Bug 1133319 for CVE-2019-3882", url: "https://bugzilla.suse.com/1133319", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-3882", }, { cve: "CVE-2019-3887", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3887", }, ], notes: [ { category: "general", text: "A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3887", url: "https://www.suse.com/security/cve/CVE-2019-3887", }, { category: "external", summary: "SUSE Bug 1131800 for CVE-2019-3887", url: "https://bugzilla.suse.com/1131800", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-3887", }, { cve: "CVE-2019-6974", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-6974", }, ], notes: [ { category: "general", text: "In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-6974", url: "https://www.suse.com/security/cve/CVE-2019-6974", }, { category: "external", summary: "SUSE Bug 1124728 for CVE-2019-6974", url: "https://bugzilla.suse.com/1124728", }, { category: "external", summary: "SUSE Bug 1124729 for CVE-2019-6974", url: "https://bugzilla.suse.com/1124729", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-6974", }, { cve: "CVE-2019-7221", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-7221", }, ], notes: [ { category: "general", text: "The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-7221", url: "https://www.suse.com/security/cve/CVE-2019-7221", }, { category: "external", summary: "SUSE Bug 1124732 for CVE-2019-7221", url: "https://bugzilla.suse.com/1124732", }, { category: "external", summary: "SUSE Bug 1124734 for CVE-2019-7221", url: "https://bugzilla.suse.com/1124734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-7221", }, { cve: "CVE-2019-7222", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-7222", }, ], notes: [ { category: "general", text: "The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-7222", url: "https://www.suse.com/security/cve/CVE-2019-7222", }, { category: "external", summary: "SUSE Bug 1124735 for CVE-2019-7222", url: "https://bugzilla.suse.com/1124735", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.8, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2019-7222", }, { cve: "CVE-2019-8564", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-8564", }, ], notes: [ { category: "general", text: "A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position can modify driver state.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-8564", url: "https://www.suse.com/security/cve/CVE-2019-8564", }, { category: "external", summary: "SUSE Bug 1132673 for CVE-2019-8564", url: "https://bugzilla.suse.com/1132673", }, { category: "external", summary: "SUSE Bug 1132828 for CVE-2019-8564", url: "https://bugzilla.suse.com/1132828", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-8564", }, { cve: "CVE-2019-8912", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-8912", }, ], notes: [ { category: "general", text: "In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-8912", url: "https://www.suse.com/security/cve/CVE-2019-8912", }, { category: "external", summary: "SUSE Bug 1125907 for CVE-2019-8912", url: "https://bugzilla.suse.com/1125907", }, { category: "external", summary: "SUSE Bug 1126284 for CVE-2019-8912", url: "https://bugzilla.suse.com/1126284", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-8912", }, { cve: "CVE-2019-9500", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9500", }, ], notes: [ { category: "general", text: "The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-9500", url: "https://www.suse.com/security/cve/CVE-2019-9500", }, { category: "external", summary: "SUSE Bug 1132681 for CVE-2019-9500", url: "https://bugzilla.suse.com/1132681", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-9500", }, { cve: "CVE-2020-10135", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10135", }, ], notes: [ { category: "general", text: "Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersonate a Bluetooth BR/EDR master or slave to pair with a previously paired remote device to successfully complete the authentication procedure without knowing the link key.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10135", url: "https://www.suse.com/security/cve/CVE-2020-10135", }, { category: "external", summary: "SUSE Bug 1171988 for CVE-2020-10135", url: "https://bugzilla.suse.com/1171988", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10135", }, { cve: "CVE-2020-10766", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10766", }, ], notes: [ { category: "general", text: "A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This issue was introduced when the per task/process conditional STIPB switching was added on top of the existing SSBD switching. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10766", url: "https://www.suse.com/security/cve/CVE-2020-10766", }, { category: "external", summary: "SUSE Bug 1159281 for CVE-2020-10766", url: "https://bugzilla.suse.com/1159281", }, { category: "external", summary: "SUSE Bug 1172781 for CVE-2020-10766", url: "https://bugzilla.suse.com/1172781", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10766", }, { cve: "CVE-2020-10767", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10767", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel before 5.8-rc1 in the implementation of the Enhanced IBPB (Indirect Branch Prediction Barrier). The IBPB mitigation will be disabled when STIBP is not available or when the Enhanced Indirect Branch Restricted Speculation (IBRS) is available. This flaw allows a local attacker to perform a Spectre V2 style attack when this configuration is active. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10767", url: "https://www.suse.com/security/cve/CVE-2020-10767", }, { category: "external", summary: "SUSE Bug 1159281 for CVE-2020-10767", url: "https://bugzilla.suse.com/1159281", }, { category: "external", summary: "SUSE Bug 1172782 for CVE-2020-10767", url: "https://bugzilla.suse.com/1172782", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10767", }, { cve: "CVE-2020-10768", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10768", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being 'force disabled' when it is not and opens the system to Spectre v2 attacks. The highest threat from this vulnerability is to confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10768", url: "https://www.suse.com/security/cve/CVE-2020-10768", }, { category: "external", summary: "SUSE Bug 1159281 for CVE-2020-10768", url: "https://bugzilla.suse.com/1159281", }, { category: "external", summary: "SUSE Bug 1172783 for CVE-2020-10768", url: "https://bugzilla.suse.com/1172783", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-10768", }, { cve: "CVE-2020-12351", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-12351", }, ], notes: [ { category: "general", text: "Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-12351", url: "https://www.suse.com/security/cve/CVE-2020-12351", }, { category: "external", summary: "SUSE Bug 1177724 for CVE-2020-12351", url: "https://bugzilla.suse.com/1177724", }, { category: "external", summary: "SUSE Bug 1177729 for CVE-2020-12351", url: "https://bugzilla.suse.com/1177729", }, { category: "external", summary: "SUSE Bug 1178397 for CVE-2020-12351", url: "https://bugzilla.suse.com/1178397", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-12351", }, { cve: "CVE-2020-12352", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-12352", }, ], notes: [ { category: "general", text: "Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-12352", url: "https://www.suse.com/security/cve/CVE-2020-12352", }, { category: "external", summary: "SUSE Bug 1177725 for CVE-2020-12352", url: "https://bugzilla.suse.com/1177725", }, { category: "external", summary: "SUSE Bug 1178398 for CVE-2020-12352", url: "https://bugzilla.suse.com/1178398", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-12352", }, { cve: "CVE-2020-14331", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14331", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system, potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14331", url: "https://www.suse.com/security/cve/CVE-2020-14331", }, { category: "external", summary: "SUSE Bug 1174205 for CVE-2020-14331", url: "https://bugzilla.suse.com/1174205", }, { category: "external", summary: "SUSE Bug 1174247 for CVE-2020-14331", url: "https://bugzilla.suse.com/1174247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-14331", }, { cve: "CVE-2020-14386", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14386", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14386", url: "https://www.suse.com/security/cve/CVE-2020-14386", }, { category: "external", summary: "SUSE Bug 1176069 for CVE-2020-14386", url: "https://bugzilla.suse.com/1176069", }, { category: "external", summary: "SUSE Bug 1176072 for CVE-2020-14386", url: "https://bugzilla.suse.com/1176072", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-14386", }, { cve: "CVE-2020-24586", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-24586", }, ], notes: [ { category: "general", text: "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-24586", url: "https://www.suse.com/security/cve/CVE-2020-24586", }, { category: "external", summary: "SUSE Bug 1185859 for CVE-2020-24586", url: "https://bugzilla.suse.com/1185859", }, { category: "external", summary: "SUSE Bug 1192868 for CVE-2020-24586", url: "https://bugzilla.suse.com/1192868", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-24586", }, { cve: "CVE-2020-24587", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-24587", }, ], notes: [ { category: "general", text: "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-24587", url: "https://www.suse.com/security/cve/CVE-2020-24587", }, { category: "external", summary: "SUSE Bug 1185859 for CVE-2020-24587", url: "https://bugzilla.suse.com/1185859", }, { category: "external", summary: "SUSE Bug 1185862 for CVE-2020-24587", url: "https://bugzilla.suse.com/1185862", }, { category: "external", summary: "SUSE Bug 1192868 for CVE-2020-24587", url: "https://bugzilla.suse.com/1192868", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-24587", }, { cve: "CVE-2020-24588", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-24588", }, ], notes: [ { category: "general", text: "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-24588", url: "https://www.suse.com/security/cve/CVE-2020-24588", }, { category: "external", summary: "SUSE Bug 1185861 for CVE-2020-24588", url: "https://bugzilla.suse.com/1185861", }, { category: "external", summary: "SUSE Bug 1192868 for CVE-2020-24588", url: "https://bugzilla.suse.com/1192868", }, { category: "external", summary: "SUSE Bug 1199701 for CVE-2020-24588", url: "https://bugzilla.suse.com/1199701", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-24588", }, { cve: "CVE-2020-25639", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25639", }, ], notes: [ { category: "general", text: "A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25639", url: "https://www.suse.com/security/cve/CVE-2020-25639", }, { category: "external", summary: "SUSE Bug 1176846 for CVE-2020-25639", url: "https://bugzilla.suse.com/1176846", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-25639", }, { cve: "CVE-2020-25656", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25656", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25656", url: "https://www.suse.com/security/cve/CVE-2020-25656", }, { category: "external", summary: "SUSE Bug 1177766 for CVE-2020-25656", url: "https://bugzilla.suse.com/1177766", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-25656", }, { cve: "CVE-2020-25668", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25668", }, ], notes: [ { category: "general", text: "A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25668", url: "https://www.suse.com/security/cve/CVE-2020-25668", }, { category: "external", summary: "SUSE Bug 1178123 for CVE-2020-25668", url: "https://bugzilla.suse.com/1178123", }, { category: "external", summary: "SUSE Bug 1178622 for CVE-2020-25668", url: "https://bugzilla.suse.com/1178622", }, { category: "external", summary: "SUSE Bug 1196914 for CVE-2020-25668", url: "https://bugzilla.suse.com/1196914", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-25668", }, { cve: "CVE-2020-26141", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-26141", }, ], notes: [ { category: "general", text: "An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-26141", url: "https://www.suse.com/security/cve/CVE-2020-26141", }, { category: "external", summary: "SUSE Bug 1185987 for CVE-2020-26141", url: "https://bugzilla.suse.com/1185987", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-26141", }, { cve: "CVE-2020-2732", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-2732", }, ], notes: [ { category: "general", text: "A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-2732", url: "https://www.suse.com/security/cve/CVE-2020-2732", }, { category: "external", summary: "SUSE Bug 1163971 for CVE-2020-2732", url: "https://bugzilla.suse.com/1163971", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.2, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2020-2732", }, { cve: "CVE-2020-29660", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-29660", }, ], notes: [ { category: "general", text: "A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-29660", url: "https://www.suse.com/security/cve/CVE-2020-29660", }, { category: "external", summary: "SUSE Bug 1179745 for CVE-2020-29660", url: "https://bugzilla.suse.com/1179745", }, { category: "external", summary: "SUSE Bug 1179877 for CVE-2020-29660", url: "https://bugzilla.suse.com/1179877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-29660", }, { cve: "CVE-2020-29661", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-29661", }, ], notes: [ { category: "general", text: "A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-29661", url: "https://www.suse.com/security/cve/CVE-2020-29661", }, { category: "external", summary: "SUSE Bug 1179745 for CVE-2020-29661", url: "https://bugzilla.suse.com/1179745", }, { category: "external", summary: "SUSE Bug 1179877 for CVE-2020-29661", url: "https://bugzilla.suse.com/1179877", }, { category: "external", summary: "SUSE Bug 1214268 for CVE-2020-29661", url: "https://bugzilla.suse.com/1214268", }, { category: "external", summary: "SUSE Bug 1218966 for CVE-2020-29661", url: "https://bugzilla.suse.com/1218966", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-29661", }, { cve: "CVE-2020-8648", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8648", }, ], notes: [ { category: "general", text: "There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8648", url: "https://www.suse.com/security/cve/CVE-2020-8648", }, { category: "external", summary: "SUSE Bug 1162928 for CVE-2020-8648", url: "https://bugzilla.suse.com/1162928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-8648", }, { cve: "CVE-2020-8694", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8694", }, ], notes: [ { category: "general", text: "Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8694", url: "https://www.suse.com/security/cve/CVE-2020-8694", }, { category: "external", summary: "SUSE Bug 1170415 for CVE-2020-8694", url: "https://bugzilla.suse.com/1170415", }, { category: "external", summary: "SUSE Bug 1170446 for CVE-2020-8694", url: "https://bugzilla.suse.com/1170446", }, { category: "external", summary: "SUSE Bug 1178591 for CVE-2020-8694", url: "https://bugzilla.suse.com/1178591", }, { category: "external", summary: "SUSE Bug 1178700 for CVE-2020-8694", url: "https://bugzilla.suse.com/1178700", }, { category: "external", summary: "SUSE Bug 1179661 for CVE-2020-8694", url: "https://bugzilla.suse.com/1179661", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-8694", }, { cve: "CVE-2021-23133", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-23133", }, ], notes: [ { category: "general", text: "A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is removed from the auto_asconf_splist list without any proper locking. This can be exploited by an attacker with network service privileges to escalate to root or from the context of an unprivileged user directly if a BPF_CGROUP_INET_SOCK_CREATE is attached which denies creation of some SCTP socket.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-23133", url: "https://www.suse.com/security/cve/CVE-2021-23133", }, { category: "external", summary: "SUSE Bug 1184675 for CVE-2021-23133", url: "https://bugzilla.suse.com/1184675", }, { category: "external", summary: "SUSE Bug 1185901 for CVE-2021-23133", url: "https://bugzilla.suse.com/1185901", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-23133", }, { cve: "CVE-2021-26708", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-26708", }, ], notes: [ { category: "general", text: "A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport support.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-26708", url: "https://www.suse.com/security/cve/CVE-2021-26708", }, { category: "external", summary: "SUSE Bug 1181806 for CVE-2021-26708", url: "https://bugzilla.suse.com/1181806", }, { category: "external", summary: "SUSE Bug 1183298 for CVE-2021-26708", url: "https://bugzilla.suse.com/1183298", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-26708", }, { cve: "CVE-2021-28971", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-28971", }, ], notes: [ { category: "general", text: "In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-28971", url: "https://www.suse.com/security/cve/CVE-2021-28971", }, { category: "external", summary: "SUSE Bug 1184196 for CVE-2021-28971", url: "https://bugzilla.suse.com/1184196", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-28971", }, { cve: "CVE-2021-32606", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-32606", }, ], notes: [ { category: "general", text: "In the Linux kernel 5.11 through 5.12.2, isotp_setsockopt in net/can/isotp.c allows privilege escalation to root by leveraging a use-after-free. (This does not affect earlier versions that lack CAN ISOTP SF_BROADCAST support.)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-32606", url: "https://www.suse.com/security/cve/CVE-2021-32606", }, { category: "external", summary: "SUSE Bug 1185953 for CVE-2021-32606", url: "https://bugzilla.suse.com/1185953", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-32606", }, { cve: "CVE-2021-33909", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-33909", }, ], notes: [ { category: "general", text: "fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-33909", url: "https://www.suse.com/security/cve/CVE-2021-33909", }, { category: "external", summary: "SUSE Bug 1188062 for CVE-2021-33909", url: "https://bugzilla.suse.com/1188062", }, { category: "external", summary: "SUSE Bug 1188063 for CVE-2021-33909", url: "https://bugzilla.suse.com/1188063", }, { category: "external", summary: "SUSE Bug 1188257 for CVE-2021-33909", url: "https://bugzilla.suse.com/1188257", }, { category: "external", summary: "SUSE Bug 1189302 for CVE-2021-33909", url: "https://bugzilla.suse.com/1189302", }, { category: "external", summary: "SUSE Bug 1190859 for CVE-2021-33909", url: "https://bugzilla.suse.com/1190859", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-33909", }, { cve: "CVE-2021-3483", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3483", }, ], notes: [ { category: "general", text: "A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3483", url: "https://www.suse.com/security/cve/CVE-2021-3483", }, { category: "external", summary: "SUSE Bug 1184393 for CVE-2021-3483", url: "https://bugzilla.suse.com/1184393", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-3483", }, { cve: "CVE-2021-3489", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3489", }, ], notes: [ { category: "general", text: "The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within the kernel and therefore, arbitrary code execution. This issue was fixed via commit 4b81ccebaeee (\"bpf, ringbuf: Deny reserve of buffers larger than ringbuf\") (v5.13-rc4) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. It was introduced via 457f44363a88 (\"bpf: Implement BPF ring buffer and verifier support for it\") (v5.8-rc1).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3489", url: "https://www.suse.com/security/cve/CVE-2021-3489", }, { category: "external", summary: "SUSE Bug 1185640 for CVE-2021-3489", url: "https://bugzilla.suse.com/1185640", }, { category: "external", summary: "SUSE Bug 1185856 for CVE-2021-3489", url: "https://bugzilla.suse.com/1185856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-3489", }, { cve: "CVE-2021-3490", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3490", }, ], notes: [ { category: "general", text: "The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e (\"bpf: Fix alu32 const subreg bound tracking on bitwise operations\") (v5.13-rc4) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. The AND/OR issues were introduced by commit 3f50f132d840 (\"bpf: Verifier, do explicit ALU32 bounds tracking\") (5.7-rc1) and the XOR variant was introduced by 2921c90d4718 (\"bpf:Fix a verifier failure with xor\") ( 5.10-rc1).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3490", url: "https://www.suse.com/security/cve/CVE-2021-3490", }, { category: "external", summary: "SUSE Bug 1185641 for CVE-2021-3490", url: "https://bugzilla.suse.com/1185641", }, { category: "external", summary: "SUSE Bug 1185796 for CVE-2021-3490", url: "https://bugzilla.suse.com/1185796", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-3490", }, { cve: "CVE-2021-3491", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3491", }, ], notes: [ { category: "general", text: "The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operation, which led to negative values being usedin mem_rw when reading /proc/<PID>/mem. This could be used to create a heap overflow leading to arbitrary code execution in the kernel. It was addressed via commit d1f82808877b (\"io_uring: truncate lengths larger than MAX_RW_COUNT on provide buffers\") (v5.13-rc1) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. It was introduced in ddf0322db79c (\"io_uring: add IORING_OP_PROVIDE_BUFFERS\") (v5.7-rc1).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3491", url: "https://www.suse.com/security/cve/CVE-2021-3491", }, { category: "external", summary: "SUSE Bug 1185642 for CVE-2021-3491", url: "https://bugzilla.suse.com/1185642", }, { category: "external", summary: "SUSE Bug 1187090 for CVE-2021-3491", url: "https://bugzilla.suse.com/1187090", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-3491", }, { cve: "CVE-2021-3542", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3542", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-42739. Reason: This candidate is a reservation duplicate of CVE-2021-42739. Notes: All CVE users should reference CVE-2021-42739 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3542", url: "https://www.suse.com/security/cve/CVE-2021-3542", }, { category: "external", summary: "SUSE Bug 1184673 for CVE-2021-3542", url: "https://bugzilla.suse.com/1184673", }, { category: "external", summary: "SUSE Bug 1186063 for CVE-2021-3542", url: "https://bugzilla.suse.com/1186063", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-3542", }, { cve: "CVE-2021-3640", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3640", }, ], notes: [ { category: "general", text: "A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3640", url: "https://www.suse.com/security/cve/CVE-2021-3640", }, { category: "external", summary: "SUSE Bug 1188172 for CVE-2021-3640", url: "https://bugzilla.suse.com/1188172", }, { category: "external", summary: "SUSE Bug 1188613 for CVE-2021-3640", url: "https://bugzilla.suse.com/1188613", }, { category: "external", summary: "SUSE Bug 1191530 for CVE-2021-3640", url: "https://bugzilla.suse.com/1191530", }, { category: "external", summary: "SUSE Bug 1196810 for CVE-2021-3640", url: "https://bugzilla.suse.com/1196810", }, { category: "external", summary: "SUSE Bug 1196914 for CVE-2021-3640", url: "https://bugzilla.suse.com/1196914", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-3640", }, { cve: "CVE-2021-3653", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3653", }, ], notes: [ { category: "general", text: "A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the \"int_ctl\" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3653", url: "https://www.suse.com/security/cve/CVE-2021-3653", }, { category: "external", summary: "SUSE Bug 1189399 for CVE-2021-3653", url: "https://bugzilla.suse.com/1189399", }, { category: "external", summary: "SUSE Bug 1189420 for CVE-2021-3653", url: "https://bugzilla.suse.com/1189420", }, { category: "external", summary: "SUSE Bug 1196914 for CVE-2021-3653", url: "https://bugzilla.suse.com/1196914", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-3653", }, { cve: "CVE-2021-3656", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3656", }, ], notes: [ { category: "general", text: "A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the \"virt_ext\" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3656", url: "https://www.suse.com/security/cve/CVE-2021-3656", }, { category: "external", summary: "SUSE Bug 1189400 for CVE-2021-3656", url: "https://bugzilla.suse.com/1189400", }, { category: "external", summary: "SUSE Bug 1189418 for CVE-2021-3656", url: "https://bugzilla.suse.com/1189418", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-3656", }, { cve: "CVE-2021-3744", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3744", }, ], notes: [ { category: "general", text: "A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3744", url: "https://www.suse.com/security/cve/CVE-2021-3744", }, { category: "external", summary: "SUSE Bug 1189884 for CVE-2021-3744", url: "https://bugzilla.suse.com/1189884", }, { category: "external", summary: "SUSE Bug 1190534 for CVE-2021-3744", url: "https://bugzilla.suse.com/1190534", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-3744", }, { cve: "CVE-2021-3753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3753", }, ], notes: [ { category: "general", text: "A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3753", url: "https://www.suse.com/security/cve/CVE-2021-3753", }, { category: "external", summary: "SUSE Bug 1190025 for CVE-2021-3753", url: "https://bugzilla.suse.com/1190025", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.9, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2021-3753", }, { cve: "CVE-2021-37576", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37576", }, ], notes: [ { category: "general", text: "arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37576", url: "https://www.suse.com/security/cve/CVE-2021-37576", }, { category: "external", summary: "SUSE Bug 1188838 for CVE-2021-37576", url: "https://bugzilla.suse.com/1188838", }, { category: "external", summary: "SUSE Bug 1188842 for CVE-2021-37576", url: "https://bugzilla.suse.com/1188842", }, { category: "external", summary: "SUSE Bug 1190276 for CVE-2021-37576", url: "https://bugzilla.suse.com/1190276", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-37576", }, { cve: "CVE-2021-3759", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3759", }, ], notes: [ { category: "general", text: "A memory overflow vulnerability was found in the Linux kernel's ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3759", url: "https://www.suse.com/security/cve/CVE-2021-3759", }, { category: "external", summary: "SUSE Bug 1190115 for CVE-2021-3759", url: "https://bugzilla.suse.com/1190115", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-3759", }, { cve: "CVE-2021-38166", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38166", }, ], notes: [ { category: "general", text: "In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAP_SYS_ADMIN capability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38166", url: "https://www.suse.com/security/cve/CVE-2021-38166", }, { category: "external", summary: "SUSE Bug 1189233 for CVE-2021-38166", url: "https://bugzilla.suse.com/1189233", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-38166", }, { cve: "CVE-2021-43976", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-43976", }, ], notes: [ { category: "general", text: "In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-43976", url: "https://www.suse.com/security/cve/CVE-2021-43976", }, { category: "external", summary: "SUSE Bug 1192847 for CVE-2021-43976", url: "https://bugzilla.suse.com/1192847", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-43976", }, { cve: "CVE-2022-0185", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0185", }, ], notes: [ { category: "general", text: "A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0185", url: "https://www.suse.com/security/cve/CVE-2022-0185", }, { category: "external", summary: "SUSE Bug 1194517 for CVE-2022-0185", url: "https://bugzilla.suse.com/1194517", }, { category: "external", summary: "SUSE Bug 1194737 for CVE-2022-0185", url: "https://bugzilla.suse.com/1194737", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2022-0185", }, { cve: "CVE-2022-0330", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0330", }, ], notes: [ { category: "general", text: "A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0330", url: "https://www.suse.com/security/cve/CVE-2022-0330", }, { category: "external", summary: "SUSE Bug 1194880 for CVE-2022-0330", url: "https://bugzilla.suse.com/1194880", }, { category: "external", summary: "SUSE Bug 1195950 for CVE-2022-0330", url: "https://bugzilla.suse.com/1195950", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-0330", }, { cve: "CVE-2022-0847", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0847", }, ], notes: [ { category: "general", text: "A flaw was found in the way the \"flags\" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0847", url: "https://www.suse.com/security/cve/CVE-2022-0847", }, { category: "external", summary: "SUSE Bug 1196584 for CVE-2022-0847", url: "https://bugzilla.suse.com/1196584", }, { category: "external", summary: "SUSE Bug 1196601 for CVE-2022-0847", url: "https://bugzilla.suse.com/1196601", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2022-0847", }, { cve: "CVE-2022-0886", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0886", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-27666. Reason: This candidate is a reservation duplicate of CVE-2022-27666. Notes: All CVE users should reference CVE-2022-27666 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0886", url: "https://www.suse.com/security/cve/CVE-2022-0886", }, { category: "external", summary: "SUSE Bug 1197131 for CVE-2022-0886", url: "https://bugzilla.suse.com/1197131", }, { category: "external", summary: "SUSE Bug 1197133 for CVE-2022-0886", url: "https://bugzilla.suse.com/1197133", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2022-0886", }, { cve: "CVE-2022-1462", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1462", }, ], notes: [ { category: "general", text: "An out-of-bounds read flaw was found in the Linux kernel's TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1462", url: "https://www.suse.com/security/cve/CVE-2022-1462", }, { category: "external", summary: "SUSE Bug 1198829 for CVE-2022-1462", url: "https://bugzilla.suse.com/1198829", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-1462", }, { cve: "CVE-2022-1516", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1516", }, ], notes: [ { category: "general", text: "A NULL pointer dereference flaw was found in the Linux kernel's X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1516", url: "https://www.suse.com/security/cve/CVE-2022-1516", }, { category: "external", summary: "SUSE Bug 1199012 for CVE-2022-1516", url: "https://bugzilla.suse.com/1199012", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-1516", }, { cve: "CVE-2022-1679", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1679", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1679", url: "https://www.suse.com/security/cve/CVE-2022-1679", }, { category: "external", summary: "SUSE Bug 1199487 for CVE-2022-1679", url: "https://bugzilla.suse.com/1199487", }, { category: "external", summary: "SUSE Bug 1201080 for CVE-2022-1679", url: "https://bugzilla.suse.com/1201080", }, { category: "external", summary: "SUSE Bug 1201832 for CVE-2022-1679", url: "https://bugzilla.suse.com/1201832", }, { category: "external", summary: "SUSE Bug 1204132 for CVE-2022-1679", url: "https://bugzilla.suse.com/1204132", }, { category: "external", summary: "SUSE Bug 1212316 for CVE-2022-1679", url: "https://bugzilla.suse.com/1212316", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-1679", }, { cve: "CVE-2022-1729", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1729", }, ], notes: [ { category: "general", text: "A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1729", url: "https://www.suse.com/security/cve/CVE-2022-1729", }, { category: "external", summary: "SUSE Bug 1199507 for CVE-2022-1729", url: "https://bugzilla.suse.com/1199507", }, { category: "external", summary: "SUSE Bug 1199697 for CVE-2022-1729", url: "https://bugzilla.suse.com/1199697", }, { category: "external", summary: "SUSE Bug 1201832 for CVE-2022-1729", url: "https://bugzilla.suse.com/1201832", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2022-1729", }, { cve: "CVE-2022-1852", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1852", }, ], notes: [ { category: "general", text: "A NULL pointer dereference flaw was found in the Linux kernel's KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1852", url: "https://www.suse.com/security/cve/CVE-2022-1852", }, { category: "external", summary: "SUSE Bug 1199875 for CVE-2022-1852", url: "https://bugzilla.suse.com/1199875", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-1852", }, { cve: "CVE-2022-1966", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1966", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-32250. Reason: This candidate is a duplicate of CVE-2022-32250. Notes: All CVE users should reference CVE-2022-32250 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1966", url: "https://www.suse.com/security/cve/CVE-2022-1966", }, { category: "external", summary: "SUSE Bug 1200015 for CVE-2022-1966", url: "https://bugzilla.suse.com/1200015", }, { category: "external", summary: "SUSE Bug 1200268 for CVE-2022-1966", url: "https://bugzilla.suse.com/1200268", }, { category: "external", summary: "SUSE Bug 1200494 for CVE-2022-1966", url: "https://bugzilla.suse.com/1200494", }, { category: "external", summary: "SUSE Bug 1200529 for CVE-2022-1966", url: "https://bugzilla.suse.com/1200529", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2022-1966", }, { cve: "CVE-2022-1972", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1972", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-2078. Reason: This candidate is a reservation duplicate of CVE-2022-2078. Notes: All CVE users should reference CVE-2022-2078 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1972", url: "https://www.suse.com/security/cve/CVE-2022-1972", }, { category: "external", summary: "SUSE Bug 1200019 for CVE-2022-1972", url: "https://bugzilla.suse.com/1200019", }, { category: "external", summary: "SUSE Bug 1200266 for CVE-2022-1972", url: "https://bugzilla.suse.com/1200266", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-1972", }, { cve: "CVE-2022-1973", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1973", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak problem.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1973", url: "https://www.suse.com/security/cve/CVE-2022-1973", }, { category: "external", summary: "SUSE Bug 1200023 for CVE-2022-1973", url: "https://bugzilla.suse.com/1200023", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2022-1973", }, { cve: "CVE-2022-22942", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-22942", }, ], notes: [ { category: "general", text: "The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-22942", url: "https://www.suse.com/security/cve/CVE-2022-22942", }, { category: "external", summary: "SUSE Bug 1195065 for CVE-2022-22942", url: "https://bugzilla.suse.com/1195065", }, { category: "external", summary: "SUSE Bug 1195951 for CVE-2022-22942", url: "https://bugzilla.suse.com/1195951", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-22942", }, { cve: "CVE-2022-2308", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-2308", }, ], notes: [ { category: "general", text: "A flaw was found in vDPA with VDUSE backend. There are currently no checks in VDUSE kernel driver to ensure the size of the device config space is in line with the features advertised by the VDUSE userspace application. In case of a mismatch, Virtio drivers config read helpers do not initialize the memory indirectly passed to vduse_vdpa_get_config() returning uninitialized memory from the stack. This could cause undefined behavior or data leaks in Virtio drivers.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-2308", url: "https://www.suse.com/security/cve/CVE-2022-2308", }, { category: "external", summary: "SUSE Bug 1202573 for CVE-2022-2308", url: "https://bugzilla.suse.com/1202573", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-2308", }, { cve: "CVE-2022-24958", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-24958", }, ], notes: [ { category: "general", text: "drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-24958", url: "https://www.suse.com/security/cve/CVE-2022-24958", }, { category: "external", summary: "SUSE Bug 1195905 for CVE-2022-24958", url: "https://bugzilla.suse.com/1195905", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-24958", }, { cve: "CVE-2022-2588", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-2588", }, ], notes: [ { category: "general", text: "It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-2588", url: "https://www.suse.com/security/cve/CVE-2022-2588", }, { category: "external", summary: "SUSE Bug 1202096 for CVE-2022-2588", url: "https://bugzilla.suse.com/1202096", }, { category: "external", summary: "SUSE Bug 1203613 for CVE-2022-2588", url: "https://bugzilla.suse.com/1203613", }, { category: "external", summary: "SUSE Bug 1204183 for CVE-2022-2588", url: "https://bugzilla.suse.com/1204183", }, { category: "external", summary: "SUSE Bug 1209225 for CVE-2022-2588", url: "https://bugzilla.suse.com/1209225", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2022-2588", }, { cve: "CVE-2022-2590", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-2590", }, ], notes: [ { category: "general", text: "A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only shared memory mappings. This flaw allows an unprivileged, local user to gain write access to read-only memory mappings, increasing their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-2590", url: "https://www.suse.com/security/cve/CVE-2022-2590", }, { category: "external", summary: "SUSE Bug 1202013 for CVE-2022-2590", url: "https://bugzilla.suse.com/1202013", }, { category: "external", summary: "SUSE Bug 1202089 for CVE-2022-2590", url: "https://bugzilla.suse.com/1202089", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2022-2590", }, { cve: "CVE-2022-26490", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-26490", }, ], notes: [ { category: "general", text: "st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-26490", url: "https://www.suse.com/security/cve/CVE-2022-26490", }, { category: "external", summary: "SUSE Bug 1196830 for CVE-2022-26490", url: "https://bugzilla.suse.com/1196830", }, { category: "external", summary: "SUSE Bug 1201656 for CVE-2022-26490", url: "https://bugzilla.suse.com/1201656", }, { category: "external", summary: "SUSE Bug 1201969 for CVE-2022-26490", url: "https://bugzilla.suse.com/1201969", }, { category: "external", summary: "SUSE Bug 1211495 for CVE-2022-26490", url: "https://bugzilla.suse.com/1211495", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2022-26490", }, { cve: "CVE-2022-28388", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-28388", }, ], notes: [ { category: "general", text: "usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-28388", url: "https://www.suse.com/security/cve/CVE-2022-28388", }, { category: "external", summary: "SUSE Bug 1198032 for CVE-2022-28388", url: "https://bugzilla.suse.com/1198032", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-28388", }, { cve: "CVE-2022-28389", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-28389", }, ], notes: [ { category: "general", text: "mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-28389", url: "https://www.suse.com/security/cve/CVE-2022-28389", }, { category: "external", summary: "SUSE Bug 1198033 for CVE-2022-28389", url: "https://bugzilla.suse.com/1198033", }, { category: "external", summary: "SUSE Bug 1201657 for CVE-2022-28389", url: "https://bugzilla.suse.com/1201657", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-28389", }, { cve: "CVE-2022-28390", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-28390", }, ], notes: [ { category: "general", text: "ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-28390", url: "https://www.suse.com/security/cve/CVE-2022-28390", }, { category: "external", summary: "SUSE Bug 1198031 for CVE-2022-28390", url: "https://bugzilla.suse.com/1198031", }, { category: "external", summary: "SUSE Bug 1201517 for CVE-2022-28390", url: "https://bugzilla.suse.com/1201517", }, { category: "external", summary: "SUSE Bug 1207969 for CVE-2022-28390", url: "https://bugzilla.suse.com/1207969", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-28390", }, { cve: "CVE-2022-28893", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-28893", }, ], notes: [ { category: "general", text: "The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-28893", url: "https://www.suse.com/security/cve/CVE-2022-28893", }, { category: "external", summary: "SUSE Bug 1198330 for CVE-2022-28893", url: "https://bugzilla.suse.com/1198330", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-28893", }, { cve: "CVE-2022-29900", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-29900", }, ], notes: [ { category: "general", text: "Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-29900", url: "https://www.suse.com/security/cve/CVE-2022-29900", }, { category: "external", summary: "SUSE Bug 1199657 for CVE-2022-29900", url: "https://bugzilla.suse.com/1199657", }, { category: "external", summary: "SUSE Bug 1201469 for CVE-2022-29900", url: "https://bugzilla.suse.com/1201469", }, { category: "external", summary: "SUSE Bug 1207894 for CVE-2022-29900", url: "https://bugzilla.suse.com/1207894", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-29900", }, { cve: "CVE-2022-29901", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-29901", }, ], notes: [ { category: "general", text: "Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-29901", url: "https://www.suse.com/security/cve/CVE-2022-29901", }, { category: "external", summary: "SUSE Bug 1201469 for CVE-2022-29901", url: "https://bugzilla.suse.com/1201469", }, { category: "external", summary: "SUSE Bug 1207894 for CVE-2022-29901", url: "https://bugzilla.suse.com/1207894", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-29901", }, { cve: "CVE-2022-29968", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-29968", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-29968", url: "https://www.suse.com/security/cve/CVE-2022-29968", }, { category: "external", summary: "SUSE Bug 1199087 for CVE-2022-29968", url: "https://bugzilla.suse.com/1199087", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2022-29968", }, { cve: "CVE-2022-3424", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3424", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in the Linux kernel's SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3424", url: "https://www.suse.com/security/cve/CVE-2022-3424", }, { category: "external", summary: "SUSE Bug 1204166 for CVE-2022-3424", url: "https://bugzilla.suse.com/1204166", }, { category: "external", summary: "SUSE Bug 1204167 for CVE-2022-3424", url: "https://bugzilla.suse.com/1204167", }, { category: "external", summary: "SUSE Bug 1208044 for CVE-2022-3424", url: "https://bugzilla.suse.com/1208044", }, { category: "external", summary: "SUSE Bug 1212309 for CVE-2022-3424", url: "https://bugzilla.suse.com/1212309", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-3424", }, { cve: "CVE-2022-34918", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-34918", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-34918", url: "https://www.suse.com/security/cve/CVE-2022-34918", }, { category: "external", summary: "SUSE Bug 1201171 for CVE-2022-34918", url: "https://bugzilla.suse.com/1201171", }, { category: "external", summary: "SUSE Bug 1201177 for CVE-2022-34918", url: "https://bugzilla.suse.com/1201177", }, { category: "external", summary: "SUSE Bug 1201222 for CVE-2022-34918", url: "https://bugzilla.suse.com/1201222", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2022-34918", }, { cve: "CVE-2022-3628", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3628", }, ], notes: [ { category: "general", text: "A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3628", url: "https://www.suse.com/security/cve/CVE-2022-3628", }, { category: "external", summary: "SUSE Bug 1204868 for CVE-2022-3628", url: "https://bugzilla.suse.com/1204868", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-3628", }, { cve: "CVE-2022-3640", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3640", }, ], notes: [ { category: "general", text: "A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211944.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3640", url: "https://www.suse.com/security/cve/CVE-2022-3640", }, { category: "external", summary: "SUSE Bug 1204619 for CVE-2022-3640", url: "https://bugzilla.suse.com/1204619", }, { category: "external", summary: "SUSE Bug 1204624 for CVE-2022-3640", url: "https://bugzilla.suse.com/1204624", }, { category: "external", summary: "SUSE Bug 1209225 for CVE-2022-3640", url: "https://bugzilla.suse.com/1209225", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2022-3640", }, { cve: "CVE-2022-40982", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-40982", }, ], notes: [ { category: "general", text: "Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-40982", url: "https://www.suse.com/security/cve/CVE-2022-40982", }, { category: "external", summary: "SUSE Bug 1206418 for CVE-2022-40982", url: "https://bugzilla.suse.com/1206418", }, { category: "external", summary: "SUSE Bug 1215674 for CVE-2022-40982", url: "https://bugzilla.suse.com/1215674", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-40982", }, { cve: "CVE-2022-41218", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-41218", }, ], notes: [ { category: "general", text: "In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-41218", url: "https://www.suse.com/security/cve/CVE-2022-41218", }, { category: "external", summary: "SUSE Bug 1202960 for CVE-2022-41218", url: "https://bugzilla.suse.com/1202960", }, { category: "external", summary: "SUSE Bug 1203606 for CVE-2022-41218", url: "https://bugzilla.suse.com/1203606", }, { category: "external", summary: "SUSE Bug 1205313 for CVE-2022-41218", url: "https://bugzilla.suse.com/1205313", }, { category: "external", summary: "SUSE Bug 1209225 for CVE-2022-41218", url: "https://bugzilla.suse.com/1209225", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2022-41218", }, { cve: "CVE-2022-41674", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-41674", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-41674", url: "https://www.suse.com/security/cve/CVE-2022-41674", }, { category: "external", summary: "SUSE Bug 1203770 for CVE-2022-41674", url: "https://bugzilla.suse.com/1203770", }, { category: "external", summary: "SUSE Bug 1203994 for CVE-2022-41674", url: "https://bugzilla.suse.com/1203994", }, { category: "external", summary: "SUSE Bug 1209225 for CVE-2022-41674", url: "https://bugzilla.suse.com/1209225", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2022-41674", }, { cve: "CVE-2022-42719", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-42719", }, ], notes: [ { category: "general", text: "A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-42719", url: "https://www.suse.com/security/cve/CVE-2022-42719", }, { category: "external", summary: "SUSE Bug 1204051 for CVE-2022-42719", url: "https://bugzilla.suse.com/1204051", }, { category: "external", summary: "SUSE Bug 1204292 for CVE-2022-42719", url: "https://bugzilla.suse.com/1204292", }, { category: "external", summary: "SUSE Bug 1209225 for CVE-2022-42719", url: "https://bugzilla.suse.com/1209225", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2022-42719", }, { cve: "CVE-2022-42720", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-42720", }, ], notes: [ { category: "general", text: "Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-42720", url: "https://www.suse.com/security/cve/CVE-2022-42720", }, { category: "external", summary: "SUSE Bug 1204059 for CVE-2022-42720", url: "https://bugzilla.suse.com/1204059", }, { category: "external", summary: "SUSE Bug 1204291 for CVE-2022-42720", url: "https://bugzilla.suse.com/1204291", }, { category: "external", summary: "SUSE Bug 1209225 for CVE-2022-42720", url: "https://bugzilla.suse.com/1209225", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2022-42720", }, { cve: "CVE-2022-42721", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-42721", }, ], notes: [ { category: "general", text: "A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-42721", url: "https://www.suse.com/security/cve/CVE-2022-42721", }, { category: "external", summary: "SUSE Bug 1204060 for CVE-2022-42721", url: "https://bugzilla.suse.com/1204060", }, { category: "external", summary: "SUSE Bug 1204290 for CVE-2022-42721", url: "https://bugzilla.suse.com/1204290", }, { category: "external", summary: "SUSE Bug 1209225 for CVE-2022-42721", url: "https://bugzilla.suse.com/1209225", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2022-42721", }, { cve: "CVE-2022-42722", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-42722", }, ], notes: [ { category: "general", text: "In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-42722", url: "https://www.suse.com/security/cve/CVE-2022-42722", }, { category: "external", summary: "SUSE Bug 1204125 for CVE-2022-42722", url: "https://bugzilla.suse.com/1204125", }, { category: "external", summary: "SUSE Bug 1204289 for CVE-2022-42722", url: "https://bugzilla.suse.com/1204289", }, { category: "external", summary: "SUSE Bug 1209225 for CVE-2022-42722", url: "https://bugzilla.suse.com/1209225", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2022-42722", }, { cve: "CVE-2022-4379", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-4379", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-4379", url: "https://www.suse.com/security/cve/CVE-2022-4379", }, { category: "external", summary: "SUSE Bug 1206209 for CVE-2022-4379", url: "https://bugzilla.suse.com/1206209", }, { category: "external", summary: "SUSE Bug 1206373 for CVE-2022-4379", url: "https://bugzilla.suse.com/1206373", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2022-4379", }, { cve: "CVE-2022-44032", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-44032", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4000_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between cmm_open() and cm4000_detach().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-44032", url: "https://www.suse.com/security/cve/CVE-2022-44032", }, { category: "external", summary: "SUSE Bug 1204894 for CVE-2022-44032", url: "https://bugzilla.suse.com/1204894", }, { category: "external", summary: "SUSE Bug 1212290 for CVE-2022-44032", url: "https://bugzilla.suse.com/1212290", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-44032", }, { cve: "CVE-2022-44033", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-44033", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4040_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between cm4040_open() and reader_detach().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-44033", url: "https://www.suse.com/security/cve/CVE-2022-44033", }, { category: "external", summary: "SUSE Bug 1204922 for CVE-2022-44033", url: "https://bugzilla.suse.com/1204922", }, { category: "external", summary: "SUSE Bug 1212306 for CVE-2022-44033", url: "https://bugzilla.suse.com/1212306", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-44033", }, { cve: "CVE-2022-44034", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-44034", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/scr24x_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between scr24x_open() and scr24x_remove().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-44034", url: "https://www.suse.com/security/cve/CVE-2022-44034", }, { category: "external", summary: "SUSE Bug 1204901 for CVE-2022-44034", url: "https://bugzilla.suse.com/1204901", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-44034", }, { cve: "CVE-2022-45884", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-45884", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-45884", url: "https://www.suse.com/security/cve/CVE-2022-45884", }, { category: "external", summary: "SUSE Bug 1205756 for CVE-2022-45884", url: "https://bugzilla.suse.com/1205756", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-45884", }, { cve: "CVE-2022-45885", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-45885", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-45885", url: "https://www.suse.com/security/cve/CVE-2022-45885", }, { category: "external", summary: "SUSE Bug 1205758 for CVE-2022-45885", url: "https://bugzilla.suse.com/1205758", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-45885", }, { cve: "CVE-2022-45886", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-45886", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-45886", url: "https://www.suse.com/security/cve/CVE-2022-45886", }, { category: "external", summary: "SUSE Bug 1205760 for CVE-2022-45886", url: "https://bugzilla.suse.com/1205760", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-45886", }, { cve: "CVE-2022-45887", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-45887", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-45887", url: "https://www.suse.com/security/cve/CVE-2022-45887", }, { category: "external", summary: "SUSE Bug 1205762 for CVE-2022-45887", url: "https://bugzilla.suse.com/1205762", }, { category: "external", summary: "SUSE Bug 1220015 for CVE-2022-45887", url: "https://bugzilla.suse.com/1220015", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-45887", }, { cve: "CVE-2022-45888", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-45888", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 6.0.9. drivers/char/xillybus/xillyusb.c has a race condition and use-after-free during physical removal of a USB device.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-45888", url: "https://www.suse.com/security/cve/CVE-2022-45888", }, { category: "external", summary: "SUSE Bug 1205764 for CVE-2022-45888", url: "https://bugzilla.suse.com/1205764", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2022-45888", }, { cve: "CVE-2022-45919", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-45919", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-45919", url: "https://www.suse.com/security/cve/CVE-2022-45919", }, { category: "external", summary: "SUSE Bug 1205803 for CVE-2022-45919", url: "https://bugzilla.suse.com/1205803", }, { category: "external", summary: "SUSE Bug 1208912 for CVE-2022-45919", url: "https://bugzilla.suse.com/1208912", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2022-45919", url: "https://bugzilla.suse.com/1214128", }, { category: "external", summary: "SUSE Bug 1215674 for CVE-2022-45919", url: "https://bugzilla.suse.com/1215674", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2022-45919", }, { cve: "CVE-2022-45934", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-45934", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-45934", url: "https://www.suse.com/security/cve/CVE-2022-45934", }, { category: "external", summary: "SUSE Bug 1205796 for CVE-2022-45934", url: "https://bugzilla.suse.com/1205796", }, { category: "external", summary: "SUSE Bug 1212292 for CVE-2022-45934", url: "https://bugzilla.suse.com/1212292", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2022-45934", }, { cve: "CVE-2023-0045", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-0045", }, ], notes: [ { category: "general", text: "The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall. The patch that added the support for the conditional mitigation via prctl (ib_prctl_set) dates back to the kernel 4.9.176.\n\nWe recommend upgrading past commit a664ec9158eeddd75121d39c9a0758016097fa96\n\n", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-0045", url: "https://www.suse.com/security/cve/CVE-2023-0045", }, { category: "external", summary: "SUSE Bug 1207773 for CVE-2023-0045", url: "https://bugzilla.suse.com/1207773", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-0045", }, { cve: "CVE-2023-1076", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1076", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be often correct, as tuntap devices require CAP_NET_ADMIN, it may not always be the case, e.g., a non-root user only having that capability. This would make tun/tap sockets being incorrectly treated in filtering/routing decisions, possibly bypassing network filters.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1076", url: "https://www.suse.com/security/cve/CVE-2023-1076", }, { category: "external", summary: "SUSE Bug 1208599 for CVE-2023-1076", url: "https://bugzilla.suse.com/1208599", }, { category: "external", summary: "SUSE Bug 1214019 for CVE-2023-1076", url: "https://bugzilla.suse.com/1214019", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-1076", }, { cve: "CVE-2023-1078", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1078", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_info *info` actually points to something else that is potentially controlled by local user. It is known how to trigger this, which causes an out of bounds access, and a lock corruption.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1078", url: "https://www.suse.com/security/cve/CVE-2023-1078", }, { category: "external", summary: "SUSE Bug 1208601 for CVE-2023-1078", url: "https://bugzilla.suse.com/1208601", }, { category: "external", summary: "SUSE Bug 1208603 for CVE-2023-1078", url: "https://bugzilla.suse.com/1208603", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2023-1078", }, { cve: "CVE-2023-1192", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1192", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1192", url: "https://www.suse.com/security/cve/CVE-2023-1192", }, { category: "external", summary: "SUSE Bug 1208995 for CVE-2023-1192", url: "https://bugzilla.suse.com/1208995", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-1192", }, { cve: "CVE-2023-1380", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1380", }, ], notes: [ { category: "general", text: "A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1380", url: "https://www.suse.com/security/cve/CVE-2023-1380", }, { category: "external", summary: "SUSE Bug 1209287 for CVE-2023-1380", url: "https://bugzilla.suse.com/1209287", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2023-1380", }, { cve: "CVE-2023-20569", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-20569", }, ], notes: [ { category: "general", text: "\n\n\nA side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-20569", url: "https://www.suse.com/security/cve/CVE-2023-20569", }, { category: "external", summary: "SUSE Bug 1213287 for CVE-2023-20569", url: "https://bugzilla.suse.com/1213287", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-20569", }, { cve: "CVE-2023-20593", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-20593", }, ], notes: [ { category: "general", text: "\nAn issue in \"Zen 2\" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.\n\n\n\n\n\n\n", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-20593", url: "https://www.suse.com/security/cve/CVE-2023-20593", }, { category: "external", summary: "SUSE Bug 1213286 for CVE-2023-20593", url: "https://bugzilla.suse.com/1213286", }, { category: "external", summary: "SUSE Bug 1213616 for CVE-2023-20593", url: "https://bugzilla.suse.com/1213616", }, { category: "external", summary: "SUSE Bug 1215674 for CVE-2023-20593", url: "https://bugzilla.suse.com/1215674", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-20593", }, { cve: "CVE-2023-2124", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2124", }, ], notes: [ { category: "general", text: "An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2124", url: "https://www.suse.com/security/cve/CVE-2023-2124", }, { category: "external", summary: "SUSE Bug 1210498 for CVE-2023-2124", url: "https://bugzilla.suse.com/1210498", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-2124", }, { cve: "CVE-2023-31084", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-31084", }, ], notes: [ { category: "general", text: "An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(&fepriv->sem) is called. However, wait_event_interruptible would put the process to sleep, and down(&fepriv->sem) may block the process.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-31084", url: "https://www.suse.com/security/cve/CVE-2023-31084", }, { category: "external", summary: "SUSE Bug 1210783 for CVE-2023-31084", url: "https://bugzilla.suse.com/1210783", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-31084", }, { cve: "CVE-2023-3141", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-3141", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-3141", url: "https://www.suse.com/security/cve/CVE-2023-3141", }, { category: "external", summary: "SUSE Bug 1212129 for CVE-2023-3141", url: "https://bugzilla.suse.com/1212129", }, { category: "external", summary: "SUSE Bug 1215674 for CVE-2023-3141", url: "https://bugzilla.suse.com/1215674", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-3141", }, { cve: "CVE-2023-3269", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-3269", }, ], notes: [ { category: "general", text: "A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, leading to use-after-free problems. This issue can be successfully exploited to execute arbitrary kernel code, escalate containers, and gain root privileges.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-3269", url: "https://www.suse.com/security/cve/CVE-2023-3269", }, { category: "external", summary: "SUSE Bug 1212395 for CVE-2023-3269", url: "https://bugzilla.suse.com/1212395", }, { category: "external", summary: "SUSE Bug 1213760 for CVE-2023-3269", url: "https://bugzilla.suse.com/1213760", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2023-3269", }, { cve: "CVE-2023-39192", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-39192", }, ], notes: [ { category: "general", text: "A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-39192", url: "https://www.suse.com/security/cve/CVE-2023-39192", }, { category: "external", summary: "SUSE Bug 1215858 for CVE-2023-39192", url: "https://bugzilla.suse.com/1215858", }, { category: "external", summary: "SUSE Bug 1220015 for CVE-2023-39192", url: "https://bugzilla.suse.com/1220015", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-39192", }, { cve: "CVE-2023-39193", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-39193", }, ], notes: [ { category: "general", text: "A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-39193", url: "https://www.suse.com/security/cve/CVE-2023-39193", }, { category: "external", summary: "SUSE Bug 1215860 for CVE-2023-39193", url: "https://bugzilla.suse.com/1215860", }, { category: "external", summary: "SUSE Bug 1220015 for CVE-2023-39193", url: "https://bugzilla.suse.com/1220015", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-39193", }, { cve: "CVE-2023-4128", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-4128", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-4206, CVE-2023-4207, CVE-2023-4208. Reason: This record is a duplicate of CVE-2023-4206, CVE-2023-4207, CVE-2023-4208. Notes: All CVE users should reference CVE-2023-4206, CVE-2023-4207, CVE-2023-4208 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-4128", url: "https://www.suse.com/security/cve/CVE-2023-4128", }, { category: "external", summary: "SUSE Bug 1214149 for CVE-2023-4128", url: "https://bugzilla.suse.com/1214149", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-4128", }, { cve: "CVE-2023-4134", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-4134", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in the cyttsp4_core driver in the Linux kernel. This issue occurs in the device cleanup routine due to a possible rearming of the watchdog_timer from the workqueue. This could allow a local user to crash the system, causing a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-4134", url: "https://www.suse.com/security/cve/CVE-2023-4134", }, { category: "external", summary: "SUSE Bug 1213971 for CVE-2023-4134", url: "https://bugzilla.suse.com/1213971", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-4134", }, { cve: "CVE-2023-4194", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-4194", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits - a096ccca6e50 (\"tun: tun_chr_open(): correctly initialize socket uid\"), - 66b2c338adce (\"tap: tap_open(): correctly initialize socket uid\"), pass \"inode->i_uid\" to sock_init_data_uid() as the last parameter and that turns out to not be accurate.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-4194", url: "https://www.suse.com/security/cve/CVE-2023-4194", }, { category: "external", summary: "SUSE Bug 1214019 for CVE-2023-4194", url: "https://bugzilla.suse.com/1214019", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-4194", }, { cve: "CVE-2023-42753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-42753", }, ], notes: [ { category: "general", text: "An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-42753", url: "https://www.suse.com/security/cve/CVE-2023-42753", }, { category: "external", summary: "SUSE Bug 1215150 for CVE-2023-42753", url: "https://bugzilla.suse.com/1215150", }, { category: "external", summary: "SUSE Bug 1218613 for CVE-2023-42753", url: "https://bugzilla.suse.com/1218613", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-42753", }, { cve: "CVE-2023-42754", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-42754", }, ], notes: [ { category: "general", text: "A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-42754", url: "https://www.suse.com/security/cve/CVE-2023-42754", }, { category: "external", summary: "SUSE Bug 1215467 for CVE-2023-42754", url: "https://bugzilla.suse.com/1215467", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-42754", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-42754", }, { cve: "CVE-2023-42756", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-42756", }, ], notes: [ { category: "general", text: "A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of `__ip_set_put` on a wrong `set`. This issue may allow a local user to crash the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-42756", url: "https://www.suse.com/security/cve/CVE-2023-42756", }, { category: "external", summary: "SUSE Bug 1215767 for CVE-2023-42756", url: "https://bugzilla.suse.com/1215767", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-42756", }, { cve: "CVE-2023-4623", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-4623", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.\n\nIf a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.\n\nWe recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.\n\n", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-4623", url: "https://www.suse.com/security/cve/CVE-2023-4623", }, { category: "external", summary: "SUSE Bug 1215115 for CVE-2023-4623", url: "https://bugzilla.suse.com/1215115", }, { category: "external", summary: "SUSE Bug 1215440 for CVE-2023-4623", url: "https://bugzilla.suse.com/1215440", }, { category: "external", summary: "SUSE Bug 1217444 for CVE-2023-4623", url: "https://bugzilla.suse.com/1217444", }, { category: "external", summary: "SUSE Bug 1217531 for CVE-2023-4623", url: "https://bugzilla.suse.com/1217531", }, { category: "external", summary: "SUSE Bug 1219698 for CVE-2023-4623", url: "https://bugzilla.suse.com/1219698", }, { category: "external", summary: "SUSE Bug 1221578 for CVE-2023-4623", url: "https://bugzilla.suse.com/1221578", }, { category: "external", summary: "SUSE Bug 1221598 for CVE-2023-4623", url: "https://bugzilla.suse.com/1221598", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2023-4623", }, { cve: "CVE-2023-46813", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-46813", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the #VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kernel memory (and thus privilege escalation). This depends on a race condition through which userspace can replace an instruction before the #VC handler reads it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-46813", url: "https://www.suse.com/security/cve/CVE-2023-46813", }, { category: "external", summary: "SUSE Bug 1212649 for CVE-2023-46813", url: "https://bugzilla.suse.com/1212649", }, { category: "external", summary: "SUSE Bug 1216896 for CVE-2023-46813", url: "https://bugzilla.suse.com/1216896", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-46813", }, { cve: "CVE-2023-4881", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-4881", }, ], notes: [ { category: "general", text: "** REJECT ** CVE-2023-4881 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-4881", url: "https://www.suse.com/security/cve/CVE-2023-4881", }, { category: "external", summary: "SUSE Bug 1215221 for CVE-2023-4881", url: "https://bugzilla.suse.com/1215221", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-4881", }, { cve: "CVE-2023-5345", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-5345", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation.\n\nIn case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free.\n\nWe recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705.\n\n", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-5345", url: "https://www.suse.com/security/cve/CVE-2023-5345", }, { category: "external", summary: "SUSE Bug 1215899 for CVE-2023-5345", url: "https://bugzilla.suse.com/1215899", }, { category: "external", summary: "SUSE Bug 1215971 for CVE-2023-5345", url: "https://bugzilla.suse.com/1215971", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-5345", }, { cve: "CVE-2023-6606", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-6606", }, ], notes: [ { category: "general", text: "An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-6606", url: "https://www.suse.com/security/cve/CVE-2023-6606", }, { category: "external", summary: "SUSE Bug 1217947 for CVE-2023-6606", url: "https://bugzilla.suse.com/1217947", }, { category: "external", summary: "SUSE Bug 1220015 for CVE-2023-6606", url: "https://bugzilla.suse.com/1220015", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-6606", }, { cve: "CVE-2023-6610", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-6610", }, ], notes: [ { category: "general", text: "An out-of-bounds read vulnerability was found in smb2_dump_detail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-6610", url: "https://www.suse.com/security/cve/CVE-2023-6610", }, { category: "external", summary: "SUSE Bug 1217946 for CVE-2023-6610", url: "https://bugzilla.suse.com/1217946", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.6.17-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.6.17-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-6610", }, ], }
suse-su-2018:0416-1
Vulnerability from csaf_suse
Published
2018-02-09 15:27
Modified
2018-02-09 15:27
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.114 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis (bnc#1068032).
The previous fix using CPU Microcode has been complemented by building the Linux Kernel with return trampolines aka 'retpolines'.
- CVE-2017-15129: A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel The function get_net_ns_by_id() in net/core/net_namespace.c did not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely (bnc#1074839).
- CVE-2017-17712: The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allowed a local user to execute code and gain privileges (bnc#1073229).
- CVE-2017-17862: kernel/bpf/verifier.c in the Linux kernel ignored unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service (bnc#1073928).
- CVE-2017-17864: kernel/bpf/verifier.c in the Linux kernel mishandled states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allowed local users to obtain potentially sensitive address information, aka a 'pointer leak (bnc#1073928).
- CVE-2017-18017: The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel allowed remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action (bnc#1074488).
- CVE-2018-1000004: In the Linux kernel a race condition vulnerability existed in the sound system, this can lead to a deadlock and denial of service condition (bnc#1076017).
- CVE-2018-5332: In the Linux kernel the rds_message_alloc_sgs() function did not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c) (bnc#1075621).
- CVE-2018-5333: In the Linux kernel the rds_cmsg_atomic function in net/rds/rdma.c mishandled cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference (bnc#1075617).
The following non-security bugs were fixed:
- 8021q: fix a memory leak for VLAN 0 device (bnc#1012382).
- ACPI / scan: Prefer devices without _HID/_CID for _ADR matching (bnc#1012382).
- ARC: uaccess: dont use 'l' gcc inline asm constraint modifier (bnc#1012382).
- Fix EX_SIZE. We do not have the patches that shave off parts of the exception data.
- Fix build error in vma.c (bnc#1012382).
- Fix mishandling of cases with MSR not being present (writing to MSR even though _state == -1).
- Fix return value from ib[rs|pb]_enabled()
- Input: trackpoint - force 3 buttons if 0 button is reported (bnc#1012382).
- KVM: s390: Enable all facility bits that are known good for passthrough (bsc#1076806).
- Kabi: Keep KVM stable after enable s390 wire up bpb feature (bsc#1076806).
- Move RFI sysfs to a separate patch
- Move the RFI debug code into separate patch.
- Re-enable fixup detection by CPU type in case hypervisor call fails.
- Revert 'Bluetooth: btusb: driver to enable the usb-wakeup feature' (bnc#1012382).
- Revert 'Re-enable fixup detection by CPU type in case hypervisor call fails.' The firmware update is required for the existing instructions to also do the cache flush.
- Revert 'arm64: alternatives: add enable parameter to conditional asm macros' (bsc#1068032).
- Revert 'drm/armada: Fix compile fail' (bnc#1012382).
- Revert 'drm/radeon: dont switch vt on suspend' (bnc#1012382).
- Revert 'ipsec: Fix aborted xfrm policy dump crash' (kabi).
- Revert 'kaiser: vmstat show NR_KAISERTABLE as nr_overhead' (kabi).
- Revert 'lib/genalloc.c: make the avail variable an atomic_long_t' (kabi).
- Revert 'module: Add retpoline tag to VERMAGIC' (bnc#1012382 kabi).
- Revert 'netlink: add a start callback for starting a netlink dump' (kabi).
- Revert 'ocfs2: should wait dio before inode lock in ocfs2_setattr()' (bnc#1012382).
- Revert 's390/kbuild: enable modversions for symbols exported from asm' (bnc#1012382).
- Revert 'sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks' (kabi).
- Revert 'scsi: libsas: align sata_device's rps_resp on a cacheline' (kabi).
- Revert 'spi: SPI_FSL_DSPI should depend on HAS_DMA' (bnc#1012382).
- Revert 'userfaultfd: selftest: vm: allow to build in vm/ directory' (bnc#1012382).
- Revert 'x86/efi: Build our own page table structures' (bnc#1012382).
- Revert 'x86/efi: Hoist page table switching code into efi_call_virt()' (bnc#1012382).
- Revert 'x86/mm/pat: Ensure cpa->pfn only contains page frame numbers' (bnc#1012382).
- SMB2: Fix share type handling (bnc#1074392).
- Set supported_modules_check 1 (bsc#1072163).
- Update patches.suse/powerpc-Secure-memory-rfi-flush-SLE12SP3.patch (bsc#1068032, bsc#1075087).
- af_key: fix buffer overread in parse_exthdrs() (bnc#1012382).
- af_key: fix buffer overread in verify_address_len() (bnc#1012382).
- afs: Adjust mode bits processing (bnc#1012382).
- afs: Connect up the CB.ProbeUuid (bnc#1012382).
- afs: Fix afs_kill_pages() (bnc#1012382).
- afs: Fix missing put_page() (bnc#1012382).
- afs: Fix page leak in afs_write_begin() (bnc#1012382).
- afs: Fix the maths in afs_fs_store_data() (bnc#1012382).
- afs: Flush outstanding writes when an fd is closed (bnc#1012382).
- afs: Migrate vlocation fields to 64-bit (bnc#1012382).
- afs: Populate and use client modification time (bnc#1012382).
- afs: Populate group ID from vnode status (bnc#1012382).
- afs: Prevent callback expiry timer overflow (bnc#1012382).
- alpha: fix build failures (bnc#1012382).
- alsa: aloop: Fix inconsistent format due to incomplete rule (bsc#1031717).
- alsa: aloop: Fix racy hw constraints adjustment (bsc#1031717).
- alsa: aloop: Release cable upon open error path (bsc#1031717).
- alsa: hda - Add HP ZBook 15u G3 Conexant CX20724 GPIO mute leds (bsc#1031717).
- alsa: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines (bsc#1031717).
- alsa: hda - Add mute led support for HP EliteBook 840 G3 (bsc#1031717).
- alsa: hda - Add mute led support for HP ProBook 440 G4 (bsc#1031717).
- alsa: hda - Apply headphone noise quirk for another Dell XPS 13 variant (bsc#1031717).
- alsa: hda - Apply the existing quirk to iMac 14,1 (bsc#1031717).
- alsa: hda - Fix click noises on Samsung Ativ Book 8 (bsc#1031717).
- alsa: hda - Fix headset microphone detection for ASUS N551 and N751 (bsc#1031717).
- alsa: hda - Fix mic regression by ASRock mobo fixup (bsc#1031717).
- alsa: hda - Fix missing COEF init for ALC225/295/299 (bsc#1031717).
- alsa: hda - Fix surround output pins for ASRock B150M mobo (bsc#1031717).
- alsa: hda - On-board speaker fixup on ACER Veriton (bsc#1031717).
- alsa: hda - Skip Realtek SKU check for Lenovo machines (bsc#1031717).
- alsa: hda - add support for docking station for HP 820 G2 (bsc#1031717).
- alsa: hda - add support for docking station for HP 840 G3 (bsc#1031717).
- alsa: hda - change the location for one mic on a Lenovo machine (bsc#1031717).
- alsa: hda - fix headset mic detection issue on a Dell machine (bsc#1031717).
- alsa: hda - fix headset mic problem for Dell machines with alc274 (bsc#1031717).
- alsa: hda/realtek - ALC891 headset mode for Dell (bsc#1031717).
- alsa: hda/realtek - Add ALC256 HP depop function (bsc#1031717).
- alsa: hda/realtek - Add default procedure for suspend and resume state (bsc#1031717).
- alsa: hda/realtek - Add support for ALC1220 (bsc#1031717).
- alsa: hda/realtek - Add support for Acer Aspire E5-475 headset mic (bsc#1031717).
- alsa: hda/realtek - Add support for headset MIC for ALC622 (bsc#1031717).
- alsa: hda/realtek - Enable jack detection function for Intel ALC700 (bsc#1031717).
- alsa: hda/realtek - Fix ALC275 no sound issue (bsc#1031717).
- alsa: hda/realtek - Fix Dell AIO LineOut issue (bsc#1031717).
- alsa: hda/realtek - Fix headset and mic on several Asus laptops with ALC256 (bsc#1031717).
- alsa: hda/realtek - Fix headset mic and speaker on Asus X441SA/X441UV (bsc#1031717).
- alsa: hda/realtek - Fix headset mic on several Asus laptops with ALC255 (bsc#1031717).
- alsa: hda/realtek - Fix pincfg for Dell XPS 13 9370 (bsc#1031717).
- alsa: hda/realtek - Fix speaker support for Asus AiO ZN270IE (bsc#1031717).
- alsa: hda/realtek - Fix typo of pincfg for Dell quirk (bsc#1031717).
- alsa: hda/realtek - New codec device ID for ALC1220 (bsc#1031717).
- alsa: hda/realtek - New codec support for ALC257 (bsc#1031717).
- alsa: hda/realtek - New codec support of ALC1220 (bsc#1031717).
- alsa: hda/realtek - New codecs support for ALC215/ALC285/ALC289 (bsc#1031717).
- alsa: hda/realtek - No loopback on ALC225/ALC295 codec (bsc#1031717).
- alsa: hda/realtek - Remove ALC285 device ID (bsc#1031717).
- alsa: hda/realtek - Support Dell headset mode for ALC3271 (bsc#1031717).
- alsa: hda/realtek - Support headset mode for ALC234/ALC274/ALC294 (bsc#1031717).
- alsa: hda/realtek - There is no loopback mixer in the ALC234/274/294 (bsc#1031717).
- alsa: hda/realtek - Update headset mode for ALC225 (bsc#1031717).
- alsa: hda/realtek - Update headset mode for ALC298 (bsc#1031717).
- alsa: hda/realtek - change the location for one of two front microphones (bsc#1031717).
- alsa: hda/realtek - fix headset mic detection for MSI MS-B120 (bsc#1031717).
- alsa: hda: Drop useless WARN_ON() (bsc#1031717).
- alsa: pcm: Abort properly at pending signal in OSS read/write loops (bsc#1031717).
- alsa: pcm: Add missing error checks in OSS emulation plugin builder (bsc#1031717).
- alsa: pcm: Allow aborting mutex lock at OSS read/write loops (bsc#1031717).
- alsa: pcm: Remove incorrect snd_BUG_ON() usages (bsc#1031717).
- alsa: pcm: Remove yet superfluous WARN_ON() (bsc#1031717).
- alsa: pcm: prevent UAF in snd_pcm_info (bsc#1031717).
- alsa: rawmidi: Avoid racy info ioctl via ctl device (bsc#1031717).
- alsa: seq: Remove spurious WARN_ON() at timer check (bsc#1031717).
- alsa: usb-audio: Add check return value for usb_string() (bsc#1031717).
- alsa: usb-audio: Fix out-of-bound error (bsc#1031717).
- alsa: usb-audio: Fix the missing ctl name suffix at parsing SU (bsc#1031717).
- arm-ccn: perf: Prevent module unload while PMU is in use (bnc#1012382).
- arm64/cpufeature: do not use mutex in bringup path (bsc#1068032).
- arm64: Add hypervisor safe helper for checking constant capabilities (bsc#1068032).
- arm64: Add macros to read/write system registers (bsc#1068032).
- arm64: Add skeleton to harden the branch predictor against aliasing attacks (bsc#1068032).
- arm64: Add trace_hardirqs_off annotation in ret_to_user (bsc#1068032).
- arm64: Disable TTBR0_EL1 during normal kernel execution (bsc#1068032).
- arm64: Disable kpti for non broadcast TLB HW (bsc#1068032).
- arm64: Enable CONFIG_ARM64_SW_TTBR0_PAN (bsc#1068032).
- arm64: Factor out PAN enabling/disabling into separate uaccess_* macros (bsc#1068032).
- arm64: Factor out TTBR0_EL1 post-update workaround into a specific asm macro (bsc#1068032).
- arm64: Fix circular include of asm/lse.h through linux/jump_label.h (bsc#1068032).
- arm64: Fix compilation (bsc#1068032).
- arm64: Handle el1 synchronous instruction aborts cleanly (bsc#1068032).
- arm64: Implement branch predictor hardening for affected Cortex-A CPUs (bsc#1068032).
- arm64: Initialise high_memory global variable earlier (bnc#1012382).
- arm64: Introduce uaccess_{disable,enable} functionality based on TTBR0_EL1 (bsc#1068032).
- arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0 (bsc#1068032).
- arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry (bsc#1068032).
- arm64: Mask all exceptions during kernel_exit (bsc#1068032).
- arm64: Move BP hardening to check_and_switch_context (bsc#1068032).
- arm64: Move post_ttbr_update_workaround to C code (bsc#1068032).
- arm64: Move the async/fiq helpers to explicitly set process context flags (bsc#1068032).
- arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm (bsc#1068032).
- arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb (bsc#1068032).
- arm64: Store struct thread_info in sp_el0 (bsc#1068032).
- arm64: Take into account ID_AA64PFR0_EL1.CSV3 (bsc#1068032).
- arm64: Use static keys for CPU features (bsc#1068032).
- arm64: add macro to extract ESR_ELx.EC (bsc#1068032).
- arm64: alternative: add auto-nop infrastructure (bsc#1068032).
- arm64: barriers: introduce nops and __nops macros for NOP sequences (bsc#1068032).
- arm64: cpu_errata: Allow an erratum to be match for all revisions of a core (bsc#1068032).
- arm64: cpufeature: Add scope for capability check (bsc#1068032).
- arm64: cpufeature: Pass capability structure to ->enable callback (bsc#1068032).
- arm64: debug: remove unused local_dbg_{enable, disable} macros (bsc#1068032).
- arm64: do not pull uaccess.h into *.S (bsc#1068032).
- arm64: entry.S convert el0_sync (bsc#1068032).
- arm64: entry.S: Remove disable_dbg (bsc#1068032).
- arm64: entry.S: convert el1_sync (bsc#1068032).
- arm64: entry.S: convert elX_irq (bsc#1068032).
- arm64: entry.S: move SError handling into a C function for future expansion (bsc#1068032).
- arm64: entry: Add exception trampoline page for exceptions from EL0 (bsc#1068032).
- arm64: entry: Add fake CPU feature for unmapping the kernel at EL0 (bsc#1068032).
- arm64: entry: Explicitly pass exception level to kernel_ventry macro (bsc#1068032).
- arm64: entry: Hook up entry trampoline to exception vectors (bsc#1068032).
- arm64: entry: remove pointless SPSR mode check (bsc#1068032).
- arm64: explicitly mask all exceptions (bsc#1068032).
- arm64: factor out PAGE_* and CONT_* definitions (bsc#1068032).
- arm64: factor out entry stack manipulation (bsc#1068032).
- arm64: factor work_pending state machine to C (bsc#1068032).
- arm64: fpsimd: Prevent registers leaking from dead tasks (bnc#1012382).
- arm64: head.S: get rid of x25 and x26 with 'global' scope (bsc#1068032).
- arm64: introduce an order for exceptions (bsc#1068032).
- arm64: introduce mov_q macro to move a constant into a 64-bit register (bsc#1068032).
- arm64: kaslr: Put kernel vectors address in separate data page (bsc#1068032).
- arm64: kill ESR_LNX_EXEC (bsc#1068032).
- arm64: kpti: Fix the interaction between ASID switching and software PAN (bsc#1068032).
- arm64: kvm: Fix SMCCC handling of unimplemented SMC/HVC calls (bnc#1012382).
- arm64: kvm: Survive unknown traps from guests (bnc#1012382).
- arm64: kvm: Use per-CPU vector when BP hardening is enabled (bsc#1068032).
- arm64: kvm: fix VTTBR_BADDR_MASK BUG_ON off-by-one (bnc#1012382).
- arm64: mm: Add arm64_kernel_unmapped_at_el0 helper (bsc#1068032).
- arm64: mm: Allocate ASIDs in pairs (bsc#1068032).
- arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN (bsc#1068032).
- arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR (bsc#1068032).
- arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI (bsc#1068032).
- arm64: mm: Map entry trampoline into trampoline and kernel page tables (bsc#1068032).
- arm64: mm: Move ASID from TTBR0 to TTBR1 (bsc#1068032).
- arm64: mm: Rename post_ttbr0_update_workaround (bsc#1068032).
- arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN (bsc#1068032).
- arm64: mm: Use non-global mappings for kernel space (bsc#1068032).
- arm64: mm: hardcode rodata=true (bsc#1068032).
- arm64: swp emulation: bound LL/SC retries before rescheduling (bsc#1068032).
- arm64: sysreg: Fix unprotected macro argmuent in write_sysreg (bsc#1068032).
- arm64: sysreg: allow write_sysreg to use XZR (bsc#1068032).
- arm64: tlbflush.h: add __tlbi() macro (bsc#1068032).
- arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks (bsc#1068032).
- arm64: use RET instruction for exiting the trampoline (bsc#1068032).
- arm64: use alternative auto-nop (bsc#1068032).
- arm64: xen: Enable user access before a privcmd hvc call (bsc#1068032).
- arm: BUG if jumping to usermode address in kernel mode (bnc#1012382).
- arm: OMAP1: DMA: Correct the number of logical channels (bnc#1012382).
- arm: OMAP2+: Fix device node reference counts (bnc#1012382).
- arm: OMAP2+: Release device node after it is no longer needed (bnc#1012382).
- arm: OMAP2+: gpmc-onenand: propagate error on initialization failure (bnc#1012382).
- arm: avoid faulting on qemu (bnc#1012382).
- arm: dma-mapping: disallow dma_get_sgtable() for non-kernel managed memory (bnc#1012382).
- arm: dts: am335x-evmsk: adjust mmc2 param to allow suspend (bnc#1012382).
- arm: dts: kirkwood: fix pin-muxing of MPP7 on OpenBlocks A7 (bnc#1012382).
- arm: dts: omap3: logicpd-torpedo-37xx-devkit: Fix MMC1 cd-gpio (bnc#1012382).
- arm: dts: ti: fix PCI bus dtc warnings (bnc#1012382).
- arm: kprobes: Align stack to 8-bytes in test code (bnc#1012382).
- arm: kprobes: Fix the return address of multiple kretprobes (bnc#1012382).
- arm: kvm: Fix VTTBR_BADDR_MASK BUG_ON off-by-one (bnc#1012382).
- arm: kvm: Survive unknown traps from guests (bnc#1012382).
- asm-prototypes: Clear any CPP defines before declaring the functions (git-fixes).
- asn.1: check for error from ASN1_OP_END__ACT actions (bnc#1012382).
- asn.1: fix out-of-bounds read when parsing indefinite length item (bnc#1012382).
- asoc: fsl_ssi: AC'97 ops need regmap, clock and cleaning up on failure (bsc#1031717).
- asoc: twl4030: fix child-node lookup (bsc#1031717).
- asoc: wm_adsp: Fix validation of firmware and coeff lengths (bsc#1031717).
- ath9k: fix tx99 potential info leak (bnc#1012382).
- atm: horizon: Fix irq release error (bnc#1012382).
- audit: ensure that 'audit=1' actually enables audit for PID 1 (bnc#1012382).
- axonram: Fix gendisk handling (bnc#1012382).
- backlight: pwm_bl: Fix overflow condition (bnc#1012382).
- bcache.txt: standardize document format (bsc#1076110).
- bcache: Avoid nested function definition (bsc#1076110).
- bcache: Do not reinvent the wheel but use existing llist API (bsc#1076110).
- bcache: Fix building error on MIPS (bnc#1012382).
- bcache: Remove deprecated create_workqueue (bsc#1076110).
- bcache: Remove redundant block_size assignment (bsc#1076110).
- bcache: Remove redundant parameter for cache_alloc() (bsc#1076110).
- bcache: Remove redundant set_capacity (bsc#1076110).
- bcache: Update continue_at() documentation (bsc#1076110).
- bcache: add a comment in journal bucket reading (bsc#1076110).
- bcache: check return value of register_shrinker (bsc#1076110).
- bcache: debug: avoid accessing .bi_io_vec directly (bsc#1076110).
- bcache: do not write back data if reading it failed (bsc#1076110).
- bcache: documentation formatting, edited for clarity, stripe alignment notes (bsc#1076110).
- bcache: documentation updates and corrections (bsc#1076110).
- bcache: explicitly destroy mutex while exiting (bnc#1012382).
- bcache: fix a comments typo in bch_alloc_sectors() (bsc#1076110).
- bcache: fix sequential large write IO bypass (bsc#1076110).
- bcache: fix wrong cache_misses statistics (bnc#1012382).
- bcache: gc does not work when triggering by manual command (bsc#1076110, bsc#1038078).
- bcache: implement PI controller for writeback rate (bsc#1076110).
- bcache: increase the number of open buckets (bsc#1076110).
- bcache: only permit to recovery read error when cache device is clean (bnc#1012382 bsc#1043652).
- bcache: partition support: add 16 minors per bcacheN device (bsc#1076110).
- bcache: pr_err: more meaningful error message when nr_stripes is invalid (bsc#1076110).
- bcache: rearrange writeback main thread ratelimit (bsc#1076110).
- bcache: recover data from backing when data is clean (bnc#1012382 bsc#1043652).
- bcache: register_bcache(): call blkdev_put() when cache_alloc() fails (bsc#1076110).
- bcache: remove unused parameter (bsc#1076110).
- bcache: rewrite multiple partitions support (bsc#1076110, bsc#1038085, bsc#1019784).
- bcache: safeguard a dangerous addressing in closure_queue (bsc#1076110).
- bcache: silence static checker warning (bsc#1076110).
- bcache: smooth writeback rate control (bsc#1076110).
- bcache: switch to using blk_queue_write_cache() (bsc#1076110).
- bcache: update bio->bi_opf bypass/writeback REQ_ flag hints (bsc#1076110).
- bcache: update bucket_in_use in real time (bsc#1076110).
- bcache: update document info (bsc#1076110).
- bcache: use kmalloc to allocate bio in bch_data_verify() (bsc#1076110).
- bcache: use llist_for_each_entry_safe() in __closure_wake_up() (bsc#1076110).
- bcache: writeback rate clamping: make 32 bit safe (bsc#1076110).
- bcache: writeback rate shouldn't artifically clamp (bsc#1076110).
- be2net: restore properly promisc mode after queues reconfiguration (bsc#963844).
- block: export bio_free_pages to other modules (bsc#1076110).
- block: wake up all tasks blocked in get_request() (bnc#1012382).
- bluetooth: btusb: driver to enable the usb-wakeup feature (bnc#1012382).
- bnx2x: do not rollback VF MAC/VLAN filters we did not configure (bnc#1012382).
- bnx2x: fix possible overrun of VFPF multicast addresses array (bnc#1012382).
- bnx2x: prevent crash when accessing PTP with interface down (bnc#1012382).
- btrfs: account for pinned bytes in should_alloc_chunk (bsc#1066842).
- btrfs: add missing memset while reading compressed inline extents (bnc#1012382).
- btrfs: clear space cache inode generation always (bnc#1012382).
- can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once (bnc#1012382).
- can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once (bnc#1012382).
- can: ems_usb: cancel urb on -EPIPE and -EPROTO (bnc#1012382).
- can: esd_usb2: cancel urb on -EPIPE and -EPROTO (bnc#1012382).
- can: gs_usb: fix return value of the 'set_bittiming' callback (bnc#1012382).
- can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback() (bnc#1012382).
- can: kvaser_usb: cancel urb on -EPIPE and -EPROTO (bnc#1012382).
- can: kvaser_usb: free buf in error paths (bnc#1012382).
- can: kvaser_usb: ratelimit errors if incomplete messages are received (bnc#1012382).
- can: peak: fix potential bug in packet fragmentation (bnc#1012382).
- can: ti_hecc: Fix napi poll return value for repoll (bnc#1012382).
- can: usb_8dev: cancel urb on -EPIPE and -EPROTO (bnc#1012382).
- cdc-acm: apply quirk for card reader (bsc#1060279).
- cdrom: factor out common open_for_* code (bsc#1048585).
- cdrom: wait for tray to close (bsc#1048585).
- ceph: drop negative child dentries before try pruning inode's alias (bnc#1012382).
- ceph: more accurate statfs (bsc#1077068).
- clk: imx6: refine hdmi_isfr's parent to make HDMI work on i.MX6 SoCs w/o VPU (bnc#1012382).
- clk: mediatek: add the option for determining PLL source clock (bnc#1012382).
- clk: tegra: Fix cclk_lp divisor register (bnc#1012382).
- cpuidle: Validate cpu_dev in cpuidle_add_sysfs() (bnc#1012382).
- cpuidle: fix broadcast control when broadcast can not be entered (bnc#1012382).
- cpuidle: powernv: Pass correct drv->cpumask for registration (bnc#1012382).
- crypto: algapi - fix NULL dereference in crypto_remove_spawns() (bnc#1012382).
- crypto: chacha20poly1305 - validate the digest size (bnc#1012382).
- crypto: crypto4xx - increase context and scatter ring buffer elements (bnc#1012382).
- crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex (bnc#1012382).
- crypto: mcryptd - protect the per-CPU queue with a lock (bnc#1012382).
- crypto: n2 - cure use after free (bnc#1012382).
- crypto: pcrypt - fix freeing pcrypt instances (bnc#1012382).
- crypto: s5p-sss - Fix completing crypto request in IRQ handler (bnc#1012382).
- crypto: tcrypt - fix buffer lengths in test_aead_speed() (bnc#1012382).
- cxl: Check if vphb exists before iterating over AFU devices (bsc#1066223).
- dax: Pass detailed error code from __dax_fault() (bsc#1072484).
- dccp: don't restart ccid2_hc_tx_rto_expire() if sk in closed state (bnc#1012382).
- delay: add poll_event_interruptible (bsc#1048585).
- dm btree: fix serious bug in btree_split_beneath() (bnc#1012382).
- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) (bnc#1012382).
- dm thin metadata: THIN_MAX_CONCURRENT_LOCKS should be 6 (bnc#1012382).
- dmaengine: Fix array index out of bounds warning in __get_unmap_pool() (bnc#1012382).
- dmaengine: dmatest: move callback wait queue to thread context (bnc#1012382).
- dmaengine: pl330: fix double lock (bnc#1012382).
- dmaengine: ti-dma-crossbar: Correct am335x/am43xx mux value type (bnc#1012382).
- drivers/firmware: Expose psci_get_version through psci_ops structure (bsc#1068032).
- drivers/md/bcache/util.h: remove duplicate inclusion of blkdev.h (bsc#1076110).
- drivers: base: cacheinfo: fix boot error message when acpi is enabled (bnc#1012382).
- drivers: base: cacheinfo: fix x86 with CONFIG_OF enabled (bnc#1012382).
- drivers: net: xgene: Fix hardware checksum setting (bsc#1078526).
- drm/amd/amdgpu: fix console deadlock if late init failed (bnc#1012382).
- drm/exynos/decon5433: set STANDALONE_UPDATE_F on output enablement (bnc#1012382).
- drm/exynos: gem: Drop NONCONTIG flag for buffers allocated without IOMMU (bnc#1012382).
- drm/omap: fix dmabuf mmap for dma_alloc'ed buffers (bnc#1012382).
- drm/radeon/si: add dpm quirk for Oland (bnc#1012382).
- drm/radeon: fix atombios on big endian (bnc#1012382).
- drm/radeon: reinstate oland workaround for sclk (bnc#1012382).
- drm/vmwgfx: Potential off by one in vmw_view_add() (bnc#1012382).
- drm: extra printk() wrapper macros (bnc#1012382).
- dynamic-debug-howto: fix optional/omitted ending line number to be LARGE instead of 0 (bnc#1012382).
- edac, i5000, i5400: Fix definition of NRECMEMB register (bnc#1012382).
- edac, i5000, i5400: Fix use of MTR_DRAM_WIDTH macro (bnc#1012382).
- edac, sb_edac: Fix missing break in switch (bnc#1012382).
- eeprom: at24: check at24_read/write arguments (bnc#1012382).
- efi/esrt: Cleanup bad memory map log messages (bnc#1012382).
- efi: Move some sysfs files to be read-only by root (bnc#1012382).
- eventpoll.h: add missing epoll event masks (bnc#1012382).
- ext4: Fix ENOSPC handling in DAX page fault handle (bsc#1072484).
- ext4: fix crash when a directory's i_size is too small (bnc#1012382).
- ext4: fix fdatasync(2) after fallocate(2) operation (bnc#1012382).
- fbdev: controlfb: Add missing modes to fix out of bounds access (bnc#1012382).
- fjes: Fix wrong netdevice feature flags (bnc#1012382).
- flow_dissector: properly cap thoff field (bnc#1012382).
- fm10k: ensure we process SM mbx when processing VF mbx (bnc#1012382).
- fork: clear thread stack upon allocation (bsc#1077560). Conflicts: series.conf
- fscache: Fix the default for fscache_maybe_release_page() (bnc#1012382).
- futex: Prevent overflow by strengthen input validation (bnc#1012382).
- gcov: disable for COMPILE_TEST (bnc#1012382).
- gfs2: Take inode off order_write list when setting jdata flag (bnc#1012382).
- gpio: altera: Use handle_level_irq when configured as a level_high (bnc#1012382).
- hid: chicony: Add support for another ASUS Zen AiO keyboard (bnc#1012382).
- hid: xinmo: fix for out of range for THT 2P arcade controller (bnc#1012382).
- hrtimer: Reset hrtimer cpu base proper on CPU hotplug (bnc#1012382).
- hv: kvp: Avoid reading past allocated blocks from KVP file (bnc#1012382).
- hwmon: (asus_atk0110) fix uninitialized data access (bnc#1012382).
- i40e: Do not enable NAPI on q_vectors that have no rings (bnc#1012382).
- ib/hfi1: Correct defered count after processing qp_wait_list (git-fixes).
- ib/hfi1: Fix rnr_timer addition (git-fixes).
- ib/hfi1: Handle kzalloc failure in init_pervl_scs (git-fixes).
- ib/hfi1: Move iowait_init() to priv allocate (git-fixes).
- ib/hfi1: Prevent kernel QP post send hard lockups (git-fixes).
- ib/hfi1: Reset QSFP on every run through channel tuning (git-fixes).
- ib/ipoib: Fix lockdep issue found on ipoib_ib_dev_heavy_flush (git-fixes).
- ib/ipoib: Grab rtnl lock on heavy flush when calling ndo_open/stop (bnc#1012382).
- ib/mlx4: Increase maximal message size under UD QP (bnc#1012382).
- ib/mlx5: Assign send CQ and recv CQ of UMR QP (bnc#1012382).
- ib/qib: Remove qpt_mask global (git-fixes).
- ib/rdmavt: restore IRQs on error path in rvt_create_ah() (git-fixes).
- ib/srpt: Disable RDMA access by the initiator (bnc#1012382).
- ibmvnic: Allocate and request vpd in init_resources (bsc#1076872).
- ibmvnic: Do not handle RX interrupts when not up (bsc#1075066).
- ibmvnic: Fix IP offload control buffer (bsc#1076899).
- ibmvnic: Fix IPv6 packet descriptors (bsc#1076899).
- ibmvnic: Fix pending MAC address changes (bsc#1075627).
- ibmvnic: Modify buffer size and number of queues on failover (bsc#1076872).
- ibmvnic: Revert to previous mtu when unsupported value requested (bsc#1076872).
- ibmvnic: Wait for device response when changing MAC (bsc#1078681).
- igb: check memory allocation failure (bnc#1012382).
- ima: fix hash algorithm initialization (bnc#1012382).
- inet: frag: release spinlock before calling icmp_send() (bnc#1012382).
- input: 88pm860x-ts - fix child-node lookup (bnc#1012382).
- input: elantech - add new icbody type 15 (bnc#1012382).
- input: i8042 - add TUXEDO BU1406 (N24_25BU) to the nomux list (bnc#1012382).
- input: twl4030-vibra - fix sibling-node lookup (bnc#1012382).
- input: twl6040-vibra - fix DT node memory management (bnc#1012382).
- input: twl6040-vibra - fix child-node lookup (bnc#1012382).
- intel_th: pci: Add Gemini Lake support (bnc#1012382).
- iommu/arm-smmu-v3: Do not free page table ops twice (bnc#1012382).
- iommu/vt-d: Fix scatterlist offset handling (bnc#1012382).
- ip6_tunnel: disable dst caching if tunnel is dual-stack (bnc#1012382).
- ipmi: Stop timers before cleaning up the module (bnc#1012382).
- ipv4: Fix use-after-free when flushing FIB tables (bnc#1012382).
- ipv4: Make neigh lookup keys for loopback/point-to-point devices be INADDR_ANY (bnc#1012382).
- ipv4: igmp: guard against silly MTU values (bnc#1012382).
- ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL (bnc#1012382).
- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012382).
- ipv6: fix udpv6 sendmsg crash caused by too small MTU (bnc#1012382).
- ipv6: ip6_make_skb() needs to clear cork.base.dst (git-fixes).
- ipv6: mcast: better catch silly mtu values (bnc#1012382).
- ipv6: reorder icmpv6_init() and ip6_mr_init() (bnc#1012382).
- ipvlan: fix ipv6 outbound device (bnc#1012382).
- ipvlan: remove excessive packet scrubbing (bsc#1070799).
- irda: vlsi_ir: fix check for DMA mapping errors (bnc#1012382).
- irqchip/crossbar: Fix incorrect type of register size (bnc#1012382).
- iscsi-target: Make TASK_REASSIGN use proper se_cmd->cmd_kref (bnc#1012382).
- iscsi-target: fix memory leak in lio_target_tiqn_addtpg() (bnc#1012382).
- isdn: kcapi: avoid uninitialized data (bnc#1012382).
- iw_cxgb4: Only validate the MSN for successful completions (bnc#1012382).
- ixgbe: fix use of uninitialized padding (bnc#1012382).
- jump_label: Invoke jump_label_test() via early_initcall() (bnc#1012382).
- jump_label: Make it possible for arches to invoke jump_label_init() earlier (bsc#1068032).
- jump_labels: Allow array initialisers (bsc#1068032).
- kABI: protect struct bpf_map (kabi).
- kABI: protect struct ipv6_pinfo (kabi).
- kABI: protect struct t10_alua_tg_pt_gp (kabi).
- kabi fix for new hash_cred function (bsc#1012917).
- kabi/severities: do not care about stuff_RSB
- kaiser: Set _PAGE_NX only if supported (bnc#1012382).
- kaiser: Set _PAGE_NX only if supported (bnc#1012382).
- kbuild: add '-fno-stack-check' to kernel build options (bnc#1012382).
- kbuild: modversions for EXPORT_SYMBOL() for asm (bsc#1074621 bsc#1068032).
- kbuild: pkg: use --transform option to prefix paths in tar (bnc#1012382).
- kdb: Fix handling of kallsyms_symbol_next() return value (bnc#1012382).
- kernel/acct.c: fix the acct->needcheck check in check_free_space() (bnc#1012382).
- kernel/signal.c: protect the SIGNAL_UNKILLABLE tasks from !sig_kernel_only() signals (bnc#1012382).
- kernel/signal.c: protect the traced SIGNAL_UNKILLABLE tasks from SIGKILL (bnc#1012382).
- kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal() (bnc#1012382).
- kernel: make groups_sort calling a responsibility group_info allocators (bnc#1012382).
- keys: add missing permission check for request_key() destination (bnc#1012382).
- kprobes/x86: Disable preemption in ftrace-based jprobes (bnc#1012382).
- kpti: Rename to PAGE_TABLE_ISOLATION (bnc#1012382).
- kpti: Report when enabled (bnc#1012382).
- kvm: Fix stack-out-of-bounds read in write_mmio (bnc#1012382).
- kvm: VMX: Fix enable VPID conditions (bnc#1012382).
- kvm: VMX: remove I/O port 0x80 bypass on Intel hosts (bnc#1012382).
- kvm: X86: Fix load RFLAGS w/o the fixed bit (bnc#1012382).
- kvm: arm/arm64: Fix occasional warning from the timer work function (bnc#1012382 bsc#988524).
- kvm: nVMX: VMCLEAR should not cause the vCPU to shut down (bnc#1012382).
- kvm: nVMX: reset nested_run_pending if the vCPU is going to be reset (bnc#1012382).
- kvm: pci-assign: do not map smm memory slot pages in vt-d page tables (bnc#1012382).
- kvm: s390: wire up bpb feature (bsc#1076806).
- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012382).
- kvm: x86: Add memory barrier on vmcs field lookup (bnc#1012382).
- kvm: x86: Exit to user-mode on #UD intercept when emulator requires (bnc#1012382).
- kvm: x86: correct async page present tracepoint (bnc#1012382).
- kvm: x86: fix RSM when PCID is non-zero (bnc#1012382).
- kvm: x86: inject exceptions produced by x86_decode_insn (bnc#1012382).
- kvm: x86: pvclock: Handle first-time write to pvclock-page contains random junk (bnc#1012382).
- l2tp: cleanup l2tp_tunnel_delete calls (bnc#1012382).
- lan78xx: Fix failure in USB Full Speed (bnc#1012382).
- lib/genalloc.c: make the avail variable an atomic_long_t (bnc#1012382).
- libata: apply MAX_SEC_1024 to all LITEON EP1 series devices (bnc#1012382).
- libata: drop WARN from protocol error in ata_sff_qc_issue() (bnc#1012382).
- macvlan: Only deliver one copy of the frame to the macvlan interface (bnc#1012382).
- md-cluster: free md_cluster_info if node leave cluster (bnc#1012382).
- media: dvb: i2c transfers over usb cannot be done from stack (bnc#1012382).
- mfd: cros ec: spi: Do not send first message too soon (bnc#1012382).
- mfd: twl4030-audio: Fix sibling-node lookup (bnc#1012382).
- mfd: twl6040: Fix child-node lookup (bnc#1012382).
- mlxsw: reg: Fix SPVM max record count (bnc#1012382).
- mlxsw: reg: Fix SPVMLR max record count (bnc#1012382).
- mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack (bnc#1012382).
- mm/vmstat: Make NR_TLB_REMOTE_FLUSH_RECEIVED available even on UP (bnc#1012382).
- mm: Handle 0 flags in _calc_vm_trans() macro (bnc#1012382).
- mm: Introduce lm_alias (bsc#1068032).
- mm: avoid returning VM_FAULT_RETRY from ->page_mkwrite handlers (bnc#1012382).
- mm: drop unused pmdp_huge_get_and_clear_notify() (bnc#1012382).
- mmc: core: Do not leave the block driver in a suspended state (bnc#1012382).
- mmc: mediatek: Fixed bug where clock frequency could be set wrong (bnc#1012382).
- module: set __jump_table alignment to 8 (bnc#1012382).
- more bio_map_user_iov() leak fixes (bnc#1012382).
- mtd: nand: Fix writing mtdoops to nand flash (bnc#1012382).
- n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD) (bnc#1012382).
- net/appletalk: Fix kernel memory disclosure (bnc#1012382).
- net/mac80211/debugfs.c: prevent build failure with CONFIG_UBSAN=y (bnc#1012382).
- net/packet: fix a race in packet_bind() and packet_notifier() (bnc#1012382).
- net: Allow neigh contructor functions ability to modify the primary_key (bnc#1012382).
- net: Do not allow negative values for busy_read and busy_poll sysctl interfaces (bnc#1012382).
- net: Fix double free and memory corruption in get_net_ns_by_id() (bnc#1012382).
- net: Resend IGMP memberships upon peer notification (bnc#1012382).
- net: bcmgenet: Power up the internal PHY before probing the MII (bnc#1012382).
- net: bcmgenet: correct MIB access of UniMAC RUNT counters (bnc#1012382).
- net: bcmgenet: correct the RBUF_OVFL_CNT and RBUF_ERR_CNT MIB values (bnc#1012382).
- net: bcmgenet: power down internal phy if open or resume fails (bnc#1012382).
- net: bcmgenet: reserved phy revisions must be checked first (bnc#1012382).
- net: bridge: fix early call to br_stp_change_bridge_id and plug newlink leaks (bnc#1012382).
- net: core: fix module type in sock_diag_bind (bnc#1012382).
- net: fec: fix multicast filtering hardware setup (bnc#1012382).
- net: igmp: Use correct source address on IGMPv3 reports (bnc#1012382).
- net: igmp: fix source address check for IGMPv3 reports (bnc#1012382).
- net: initialize msg.msg_flags in recvfrom (bnc#1012382).
- net: ipv4: fix for a race condition in raw_sendmsg (bnc#1012382).
- net: mvmdio: disable/unprepare clocks in EPROBE_DEFER case (bnc#1012382).
- net: mvneta: clear interface link status on port disable (bnc#1012382).
- net: phy: at803x: Change error to EINVAL for invalid MAC (bnc#1012382).
- net: phy: micrel: ksz9031: reconfigure autoneg after phy autoneg workaround (bnc#1012382).
- net: qdisc_pkt_len_init() should be more robust (bnc#1012382).
- net: qmi_wwan: Add USB IDs for MDM6600 modem on Motorola Droid 4 (bnc#1012382).
- net: qmi_wwan: add Sierra EM7565 1199:9091 (bnc#1012382).
- net: reevalulate autoflowlabel setting after sysctl setting (bnc#1012382).
- net: sctp: fix array overrun read on sctp_timer_tbl (bnc#1012382).
- net: stmmac: enable EEE in MII, GMII or RGMII only (bnc#1012382).
- net: systemport: Pad packet before inserting TSB (bnc#1012382).
- net: systemport: Utilize skb_put_padto() (bnc#1012382).
- net: tcp: close sock if net namespace is exiting (bnc#1012382).
- net: wimax/i2400m: fix NULL-deref at probe (bnc#1012382).
- netfilter: bridge: honor frag_max_size when refragmenting (bnc#1012382).
- netfilter: do not track fragmented packets (bnc#1012382).
- netfilter: ipvs: Fix inappropriate output of procfs (bnc#1012382).
- netfilter: nfnetlink_queue: fix secctx memory leak (bnc#1012382).
- netfilter: nfnetlink_queue: fix timestamp attribute (bsc#1074134).
- netfilter: nfnl_cthelper: Fix memory leak (bnc#1012382).
- netfilter: nfnl_cthelper: fix a race when walk the nf_ct_helper_hash table (bnc#1012382).
- netfilter: nfnl_cthelper: fix runtime expectation policy updates (bnc#1012382).
- netlink: add a start callback for starting a netlink dump (bnc#1012382).
- nfs: Do not take a reference on fl->fl_file for LOCK operation (bnc#1012382).
- nfs: Fix a typo in nfs_rename() (bnc#1012382).
- nfs: improve shinking of access cache (bsc#1012917).
- nfsd: Fix another OPEN stateid race (bnc#1012382).
- nfsd: Fix stateid races between OPEN and CLOSE (bnc#1012382).
- nfsd: Make init_open_stateid() a bit more whole (bnc#1012382).
- nfsd: auth: Fix gid sorting when rootsquash enabled (bnc#1012382).
- nfsd: fix nfsd_minorversion(.., NFSD_AVAIL) (bnc#1012382).
- nfsd: fix nfsd_reset_versions for NFSv4 (bnc#1012382).
- nfsv4.1 respect server's max size in CREATE_SESSION (bnc#1012382).
- nfsv4: Fix client recovery when server reboots multiple times (bnc#1012382).
- nohz: Prevent a timer interrupt storm in tick_nohz_stop_sched_tick() (bnc#1012382).
- openrisc: fix issue handling 8 byte get_user calls (bnc#1012382).
- packet: fix crash in fanout_demux_rollover() (bnc#1012382).
- parisc: Fix alignment of pa_tlb_lock in assembly on 32-bit SMP kernel (bnc#1012382).
- parisc: Hide Diva-built-in serial aux and graphics card (bnc#1012382).
- partially revert tipc improve link resiliency when rps is activated (bsc#1068038).
- pci / PM: Force devices to D0 in pci_pm_thaw_noirq() (bnc#1012382).
- pci/AER: Report non-fatal errors only to the affected endpoint (bnc#1012382).
- pci/PME: Handle invalid data when reading Root Status (bnc#1012382).
- pci: Avoid bus reset if bridge itself is broken (bnc#1012382).
- pci: Create SR-IOV virtfn/physfn links before attaching driver (bnc#1012382).
- pci: Detach driver before procfs & sysfs teardown on device remove (bnc#1012382).
- perf symbols: Fix symbols__fixup_end heuristic for corner cases (bnc#1012382).
- perf test attr: Fix ignored test case result (bnc#1012382).
- perf: xgene: Add support for SoC PMU version 3 (bsc#1076809).
- perf: xgene: Include module.h (bsc#1076809).
- perf: xgene: Move PMU leaf functions into function pointer structure (bsc#1076809).
- perf: xgene: Parse PMU subnode from the match table (bsc#1076809).
- perf: xgene: Remove unnecessary managed resources cleanup (bsc#1076809).
- phy: work around 'phys' references to usb-nop-xceiv devices (bnc#1012382).
- pinctrl: adi2: Fix Kconfig build problem (bnc#1012382).
- pinctrl: st: add irq_request/release_resources callbacks (bnc#1012382).
- pipe: avoid round_pipe_size() nr_pages overflow on 32-bit (bnc#1012382).
- powerpc/64: Add macros for annotating the destination of rfid/hrfid (bsc#1068032, bsc#1075087).
- powerpc/64: Convert fast_exception_return to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).
- powerpc/64: Convert the syscall exit path to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).
- powerpc/64s: Add EX_SIZE definition for paca exception save areas (bsc#1068032, bsc#1075087).
- powerpc/64s: Add support for RFI flush of L1-D cache (bsc#1068032, bsc#1075087).
- powerpc/64s: Allow control of RFI flush via debugfs (bsc#1068032, bsc#1075087).
- powerpc/64s: Convert slb_miss_common to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).
- powerpc/64s: Simple RFI macro conversions (bsc#1068032, bsc#1075087).
- powerpc/64s: Support disabling RFI flush with no_rfi_flush and nopti (bsc#1068032, bsc#1075087).
- powerpc/64s: Wire up cpu_show_meltdown() (bsc#1068032).
- powerpc/asm: Allow including ppc_asm.h in asm files (bsc#1068032, bsc#1075087).
- powerpc/ipic: Fix status get and status clear (bnc#1012382).
- powerpc/perf/hv-24x7: Fix incorrect comparison in memord (bnc#1012382).
- powerpc/perf: Dereference BHRB entries safely (bsc#1066223).
- powerpc/powernv/cpufreq: Fix the frequency read by /proc/cpuinfo (bnc#1012382).
- powerpc/powernv/ioda2: Gracefully fail if too many TCE levels requested (bnc#1012382).
- powerpc/powernv: Check device-tree for RFI flush settings (bsc#1068032, bsc#1075087).
- powerpc/pseries/rfi-flush: Call setup_rfi_flush() after LPM migration (bsc#1068032, bsc#1075087).
- powerpc/pseries: Introduce H_GET_CPU_CHARACTERISTICS (bsc#1068032, bsc#1075087).
- powerpc/pseries: Query hypervisor for RFI flush settings (bsc#1068032, bsc#1075087).
- powerpc/pseries: include linux/types.h in asm/hvcall.h (bsc#1068032, bsc#1075087).
- powerpc/pseries: rfi-flush: Call setup_rfi_flush() after LPM migration (bsc#1068032, bsc#1075087).
- powerpc/rfi-flush: Add DEBUG_RFI config option (bsc#1068032, bsc#1075087).
- powerpc/rfi-flush: Make setup_rfi_flush() not __init (bsc#1068032, bsc#1075087).
- powerpc/rfi-flush: Move RFI flush fields out of the paca (unbreak kABI) (bsc#1068032, bsc#1075087).
- powerpc/rfi-flush: Move the logic to avoid a redo into the sysfs code (bsc#1068032, bsc#1075087).
- powerpc/rfi-flush: prevent crash when changing flush type to fallback after system boot (bsc#1068032, bsc#1075087).
- ppp: Destroy the mutex when cleanup (bnc#1012382).
- pppoe: take ->needed_headroom of lower device into account on xmit (bnc#1012382).
- pti: unbreak EFI (bsc#1074709).
- r8152: fix the list rx_done may be used without initialization (bnc#1012382).
- r8152: prevent the driver from transmitting packets with carrier off (bnc#1012382).
- r8169: fix memory corruption on retrieval of hardware statistics (bnc#1012382).
- raid5: Set R5_Expanded on parity devices as well as data (bnc#1012382).
- ravb: Remove Rx overflow log messages (bnc#1012382).
- rbd: set max_segments to USHRT_MAX (bnc#1012382).
- rdma/cma: Avoid triggering undefined behavior (bnc#1012382).
- rdma/iser: Fix possible mr leak on device removal event (bnc#1012382).
- rds: Fix NULL pointer dereference in __rds_rdma_map (bnc#1012382).
- rds: Heap OOB write in rds_message_alloc_sgs() (bnc#1012382).
- rds: null pointer dereference in rds_atomic_free_op (bnc#1012382).
- regulator: Try to resolve regulators supplies on registration (bsc#1074847).
- regulator: core: Rely on regulator_dev_release to free constraints (bsc#1074847).
- regulator: da9063: Return an error code on probe failure (bsc#1074847).
- regulator: pwm: Fix regulator ramp delay for continuous mode (bsc#1074847).
- rfi-flush: Make DEBUG_RFI a CONFIG option (bsc#1068032, bsc#1075087).
- ring-buffer: Mask out the info bits when returning buffer page length (bnc#1012382).
- route: also update fnhe_genid when updating a route cache (bnc#1012382).
- route: update fnhe_expires for redirect when the fnhe exists (bnc#1012382).
- rtc: cmos: Initialize hpet timer before irq is registered (bsc#1077592).
- rtc: pcf8563: fix output clock rate (bnc#1012382).
- rtc: pl031: make interrupt optional (bnc#1012382).
- rtc: set the alarm to the next expiring timer (bnc#1012382).
- s390/pci: do not require AIS facility (bnc#1012382).
- s390/qeth: no ETH header for outbound AF_IUCV (bnc#1012382).
- s390/runtime instrumentation: simplify task exit handling (bnc#1012382).
- s390: always save and restore all registers on context switch (bnc#1012382).
- s390: fix compat system call table (bnc#1012382).
- sch_dsmark: fix invalid skb_cow() usage (bnc#1012382).
- sched/deadline: Make sure the replenishment timer fires in the next period (bnc#1012382).
- sched/deadline: Throttle a constrained deadline task activated after the deadline (bnc#1012382).
- sched/deadline: Use deadline instead of period when calculating overflow (bnc#1012382).
- sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks (bnc#1012382).
- sched/deadline: Zero out positive runtime after throttling constrained tasks (git-fixes).
- sched/rt: Do not pull from current CPU if only one CPU to pull (bnc#1022476).
- scsi: bfa: integer overflow in debugfs (bnc#1012382).
- scsi: check for device state in __scsi_remove_target() (bsc#1072589).
- scsi: cxgb4i: fix Tx skb leak (bnc#1012382).
- scsi: fixup kernel warning during rmmod() (bsc#1052360).
- scsi: hpsa: cleanup sas_phy structures in sysfs when unloading (bnc#1012382).
- scsi: hpsa: destroy sas transport properties before scsi_host (bnc#1012382).
- scsi: libsas: align sata_device's rps_resp on a cacheline (bnc#1012382).
- scsi: lpfc: Fix PT2PT PRLI reject (bnc#1012382).
- scsi: lpfc: Fix crash during Hardware error recovery on SLI3 adapters (bnc#1012382).
- scsi: lpfc: Fix secure firmware updates (bnc#1012382).
- scsi: lpfc: PLOGI failures during NPIV testing (bnc#1012382).
- scsi: mpt3sas: Fix IO error occurs on pulling out a drive from RAID1 volume created on two SATA drive (bnc#1012382).
- scsi: sd: change allow_restart to bool in sysfs interface (bnc#1012382).
- scsi: sd: change manage_start_stop to bool in sysfs interface (bnc#1012382).
- scsi: sg: disable SET_FORCE_LOW_DMA (bnc#1012382).
- scsi: sr: wait for the medium to become ready (bsc#1048585).
- sctp: Replace use of sockets_allocated with specified macro (bnc#1012382).
- sctp: do not allow the v4 socket to bind a v4mapped v6 address (bnc#1012382).
- sctp: do not free asoc when it is already dead in sctp_sendmsg (bnc#1012382).
- sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf (bnc#1012382).
- sctp: use the right sk after waking up from wait_buf sleep (bnc#1012382).
- selftest/powerpc: Fix false failures for skipped tests (bnc#1012382).
- selftests/x86/ldt_get: Add a few additional tests for limits (bnc#1012382).
- selftests/x86: Add test_vsyscall (bnc#1012382).
- serial: 8250: Preserve DLD[7:4] for PORT_XR17V35X (bnc#1012382).
- serial: 8250_pci: Add Amazon PCI serial device ID (bnc#1012382).
- series.conf: fix wrong bsc reference
- series.conf: whitespace cleanup
- sfc: do not warn on successful change of MAC (bnc#1012382).
- sh_eth: fix SH7757 GEther initialization (bnc#1012382).
- sh_eth: fix TSU resource handling (bnc#1012382).
- sit: update frag_off info (bnc#1012382).
- sock: free skb in skb_complete_tx_timestamp on error (bnc#1012382).
- sparc64/mm: set fields in deferred pages (bnc#1012382).
- spi: sh-msiof: Fix DMA transfer size check (bnc#1012382).
- spi: xilinx: Detect stall with Unknown commands (bnc#1012382).
- spi_ks8995: fix 'BUG: key accdaa28 not in .data!' (bnc#1012382).
- staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl (bnc#1012382).
- sunrpc: Fix rpc_task_begin trace point (bnc#1012382).
- sunrpc: add RPCSEC_GSS hash_cred() function (bsc#1012917).
- sunrpc: add auth_unix hash_cred() function (bsc#1012917).
- sunrpc: add generic_auth hash_cred() function (bsc#1012917).
- sunrpc: add hash_cred() function to rpc_authops struct (bsc#1012917).
- sunrpc: replace generic auth_cred hash with auth-specific function (bsc#1012917).
- sunrpc: use supplimental groups in auth hash (bsc#1012917).
- sunxi-rsb: Include OF based modalias in device uevent (bnc#1012382).
- sysfs/cpu: Add vulnerability folder (bnc#1012382).
- sysfs/cpu: Fix typos in vulnerability documentation (bnc#1012382).
- sysfs: spectre_v2, handle spec_ctrl (bsc#1075994 bsc#1075091).
- sysrq : fix Show Regs call trace on ARM (bnc#1012382).
- target/file: Do not return error for UNMAP if length is zero (bnc#1012382).
- target/iscsi: Fix a race condition in iscsit_add_reject_from_cmd() (bnc#1012382).
- target: Avoid early CMD_T_PRE_EXECUTE failures during ABORT_TASK (bnc#1012382).
- target: Use system workqueue for ALUA transitions (bnc#1012382).
- target: fix ALUA transition timeout handling (bnc#1012382).
- target: fix race during implicit transition work flushes (bnc#1012382).
- target:fix condition return in core_pr_dump_initiator_port() (bnc#1012382).
- tcp md5sig: Use skb's saddr when replying to an incoming segment (bnc#1012382).
- tcp: __tcp_hdrlen() helper (bnc#1012382).
- tcp: correct memory barrier usage in tcp_check_space() (bnc#1012382).
- tcp: fix under-evaluated ssthresh in TCP Vegas (bnc#1012382).
- tg3: Fix rx hang on MTU change with 5717/5719 (bnc#1012382).
- thermal/drivers/step_wise: Fix temperature regulation misbehavior (bnc#1012382).
- thermal: hisilicon: Handle return value of clk_prepare_enable (bnc#1012382).
- tipc: fix cleanup at module unload (bnc#1012382).
- tipc: fix memory leak in tipc_accept_from_sock() (bnc#1012382).
- tipc: improve link resiliency when rps is activated (bsc#1068038).
- tracing: Allocate mask_str buffer dynamically (bnc#1012382).
- tracing: Fix converting enum's from the map in trace_event_eval_update() (bnc#1012382).
- tracing: Fix crash when it fails to alloc ring buffer (bnc#1012382).
- tracing: Fix possible double free on failure of allocating trace buffer (bnc#1012382).
- tracing: Remove extra zeroing out of the ring buffer page (bnc#1012382).
- tty fix oops when rmmod 8250 (bnc#1012382).
- uas: Always apply US_FL_NO_ATA_1X quirk to Seagate devices (bnc#1012382).
- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012382).
- udf: Avoid overflow when session starts at large offset (bnc#1012382).
- um: link vmlinux with -no-pie (bnc#1012382).
- usb: Add device quirk for Logitech HD Pro Webcam C925e (bnc#1012382).
- usb: Fix off by one in type-specific length check of BOS SSP capability (git-fixes).
- usb: Increase usbfs transfer limit (bnc#1012382).
- usb: add RESET_RESUME for ELSA MicroLink 56K (bnc#1012382).
- usb: core: Add type-specific length check of BOS descriptors (bnc#1012382).
- usb: core: prevent malicious bNumInterfaces overflow (bnc#1012382).
- usb: devio: Prevent integer overflow in proc_do_submiturb() (bnc#1012382).
- usb: fix usbmon BUG trigger (bnc#1012382).
- usb: gadget: configs: plug memory leak (bnc#1012382).
- usb: gadget: f_uvc: Sanity check wMaxPacketSize for SuperSpeed (bnc#1012382).
- usb: gadget: ffs: Forbid usb_ep_alloc_request from sleeping (bnc#1012382).
- usb: gadget: udc: remove pointer dereference after free (bnc#1012382).
- usb: gadgetfs: Fix a potential memory leak in 'dev_config()' (bnc#1012382).
- usb: hub: Cycle HUB power when initialization fails (bnc#1012382).
- usb: misc: usb3503: make sure reset is low for at least 100us (bnc#1012382).
- usb: musb: da8xx: fix babble condition handling (bnc#1012382).
- usb: phy: isp1301: Add OF device ID table (bnc#1012382).
- usb: phy: isp1301: Fix build warning when CONFIG_OF is disabled (git-fixes).
- usb: phy: tahvo: fix error handling in tahvo_usb_probe() (bnc#1012382).
- usb: quirks: Add no-lpm quirk for KY-688 USB 3.1 Type-C Hub (bnc#1012382).
- usb: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ (bnc#1012382).
- usb: serial: cp210x: add new device ID ELV ALC 8xxx (bnc#1012382).
- usb: serial: ftdi_sio: add id for Airbus DS P8GR (bnc#1012382).
- usb: serial: option: add Quectel BG96 id (bnc#1012382).
- usb: serial: option: add support for Telit ME910 PID 0x1101 (bnc#1012382).
- usb: serial: option: adding support for YUGA CLM920-NC5 (bnc#1012382).
- usb: serial: qcserial: add Sierra Wireless EM7565 (bnc#1012382).
- usb: uas and storage: Add US_FL_BROKEN_FUA for another JMicron JMS567 ID (bnc#1012382).
- usb: usbfs: Filter flags passed in from user space (bnc#1012382).
- usb: usbip: Fix possible deadlocks reported by lockdep (bnc#1012382).
- usb: xhci: Add XHCI_TRUST_TX_LENGTH for Renesas uPD720201 (bnc#1012382).
- usb: xhci: fix panic in xhci_free_virt_devices_depth_first (bnc#1012382).
- usbip: Fix implicit fallthrough warning (bnc#1012382).
- usbip: Fix potential format overflow in userspace tools (bnc#1012382).
- usbip: fix stub_rx: get_pipe() to validate endpoint number (bnc#1012382).
- usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input (bnc#1012382).
- usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer (bnc#1012382).
- usbip: fix usbip bind writing random string after command in match_busid (bnc#1012382).
- usbip: prevent leaking socket pointer address in messages (bnc#1012382).
- usbip: prevent vhci_hcd driver from leaking a socket pointer address (bnc#1012382).
- usbip: remove kernel addresses from usb device and urb debug msgs (bnc#1012382).
- usbip: stub: stop printing kernel pointer addresses in messages (bnc#1012382).
- usbip: vhci: stop printing kernel pointer addresses in messages (bnc#1012382).
- userfaultfd: selftest: vm: allow to build in vm/ directory (bnc#1012382).
- userfaultfd: shmem: __do_fault requires VM_FAULT_NOPAGE (bnc#1012382).
- video: fbdev: au1200fb: Release some resources if a memory allocation fails (bnc#1012382).
- video: fbdev: au1200fb: Return an error code if a memory allocation fails (bnc#1012382).
- virtio: release virtio index when fail to device_register (bnc#1012382).
- vmxnet3: repair memory leak (bnc#1012382).
- vsyscall: Fix permissions for emulate mode with KAISER/PTI (bnc#1012382).
- vt6655: Fix a possible sleep-in-atomic bug in vt6655_suspend (bnc#1012382).
- vti6: Do not report path MTU below IPV6_MIN_MTU (bnc#1012382).
- vti6: fix device register to report IFLA_INFO_KIND (bnc#1012382).
- workqueue: trigger WARN if queue_delayed_work() is called with NULL @wq (bnc#1012382).
- writeback: fix memory leak in wb_queue_work() (bnc#1012382).
- x.509: fix buffer overflow detection in sprint_oid() (bsc#1075078).
- x.509: reject invalid BIT STRING for subjectPublicKey (bnc#1012382).
- x509: fix printing uninitialized stack memory when OID is empty (bsc#1075078).
- x86/Documentation: Add PTI description (bnc#1012382).
- x86/PCI: Make broadcom_postcore_init() check acpi_disabled (bnc#1012382).
- x86/acpi: Handle SCI interrupts above legacy space gracefully (bsc#1068984).
- x86/acpi: Reduce code duplication in mp_override_legacy_irq() (bsc#1068984).
- x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm (bnc#1012382).
- x86/alternatives: Fix optimize_nops() checking (bnc#1012382).
- x86/apic/vector: Fix off by one in error path (bnc#1012382).
- x86/asm/32: Make sync_core() handle missing CPUID on all 32-bit kernels (bnc#1012382).
- x86/boot: Fix early command-line parsing when matching at end (bsc#1068032).
- x86/cpu, x86/pti: Do not enable PTI on AMD processors (bnc#1012382).
- x86/cpu: Factor out application of forced CPU caps (bnc#1012382).
- x86/cpu: Implement CPU vulnerabilites sysfs functions (bnc#1012382).
- x86/cpu: Merge bugs.c and bugs_64.c (bnc#1012382).
- x86/cpufeatures: Add X86_BUG_CPU_INSECURE (bnc#1012382).
- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012382).
- x86/cpufeatures: Make CPU bugs sticky (bnc#1012382).
- x86/efi-bgrt: Fix kernel panic when mapping BGRT data (bnc#1012382).
- x86/efi-bgrt: Replace early_memremap() with memremap() (bnc#1012382).
- x86/efi: Build our own page table structures (bnc#1012382).
- x86/efi: Hoist page table switching code into efi_call_virt() (bnc#1012382).
- x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() (bnc#1012382).
- x86/hpet: Prevent might sleep splat on resume (bnc#1012382).
- x86/kasan: Clear kasan_zero_page after TLB flush (bnc#1012382).
- x86/kasan: Write protect kasan zero shadow (bnc#1012382).
- x86/microcode/intel: Extend BDW late-loading further with LLC size check (bnc#1012382).
- x86/microcode/intel: Extend BDW late-loading with a revision check (bnc#1012382).
- x86/microcode/intel: Fix BDW late-loading revision check (bnc#1012382).
- x86/mm/32: Move setup_clear_cpu_cap(X86_FEATURE_PCID) earlier (git-fixes).
- x86/mm/pat: Ensure cpa->pfn only contains page frame numbers (bnc#1012382).
- x86/mm: Disable PCID on 32-bit kernels (bnc#1012382).
- x86/pti/efi: broken conversion from efi to kernel page table (bnc#1012382).
- x86/pti: Document fix wrong index (bnc#1012382).
- x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN (bnc#1012382).
- x86/retpolines/spec_ctrl: disable IBRS on !SKL if retpolines are active (bsc#1068032).
- x86/smpboot: Remove stale TLB flush invocations (bnc#1012382).
- x86/spectre_v2: fix ordering in IBRS initialization (bsc#1075994 bsc#1075091).
- x86/spectre_v2: nospectre_v2 means nospec too (bsc#1075994 bsc#1075091).
- x86/tlb: Drop the _GPL from the cpu_tlbstate export (bnc#1012382).
- x86/vm86/32: Switch to flush_tlb_mm_range() in mark_screen_rdonly() (bnc#1012382).
- xen-netfront: Improve error handling during initialization (bnc#1012382).
- xen-netfront: avoid crashing on resume after a failure in talk_to_netback() (bnc#1012382).
- xfrm: Copy policy family in clone_policy (bnc#1012382).
- xfs: Add infrastructure needed for error propagation during buffer IO failure (bsc#1068569).
- xfs: Properly retry failed inode items in case of error during buffer writeback (bsc#1068569).
- xfs: add 'fail at unmount' error handling configuration (bsc#1068569).
- xfs: add configurable error support to metadata buffers (bsc#1068569).
- xfs: add configuration handlers for specific errors (bsc#1068569).
- xfs: add configuration of error failure speed (bsc#1068569).
- xfs: address kabi for xfs buffer retry infrastructure (kabi).
- xfs: configurable error behavior via sysfs (bsc#1068569).
- xfs: fix incorrect extent state in xfs_bmap_add_extent_unwritten_real (bnc#1012382).
- xfs: fix log block underflow during recovery cycle verification (bnc#1012382).
- xfs: fix up inode32/64 (re)mount handling (bsc#1069160).
- xfs: introduce metadata IO error class (bsc#1068569).
- xfs: introduce table-based init for error behaviors (bsc#1068569).
- xfs: remove xfs_trans_ail_delete_bulk (bsc#1068569).
- xhci: Do not add a virt_dev to the devs array before it's fully allocated (bnc#1012382).
- xhci: Fix ring leak in failure path of xhci_alloc_virt_device() (bnc#1012382).
- xhci: plat: Register shutdown for xhci_plat (bnc#1012382).
- zram: set physical queue limits to avoid array out of bounds accesses (bnc#1012382).
Patchnames
SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-285,SUSE-SLE-DESKTOP-12-SP2-2018-285,SUSE-SLE-HA-12-SP2-2018-285,SUSE-SLE-Live-Patching-12-2018-285,SUSE-SLE-RPI-12-SP2-2018-285,SUSE-SLE-SDK-12-SP2-2018-285,SUSE-SLE-SERVER-12-SP2-2018-285,SUSE-SLE-WE-12-SP2-2018-285
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.114 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis (bnc#1068032).\n\n The previous fix using CPU Microcode has been complemented by building the Linux Kernel with return trampolines aka 'retpolines'.\n\n- CVE-2017-15129: A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel The function get_net_ns_by_id() in net/core/net_namespace.c did not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely (bnc#1074839).\n- CVE-2017-17712: The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allowed a local user to execute code and gain privileges (bnc#1073229).\n- CVE-2017-17862: kernel/bpf/verifier.c in the Linux kernel ignored unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service (bnc#1073928).\n- CVE-2017-17864: kernel/bpf/verifier.c in the Linux kernel mishandled states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allowed local users to obtain potentially sensitive address information, aka a 'pointer leak (bnc#1073928).\n- CVE-2017-18017: The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel allowed remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action (bnc#1074488).\n- CVE-2018-1000004: In the Linux kernel a race condition vulnerability existed in the sound system, this can lead to a deadlock and denial of service condition (bnc#1076017).\n- CVE-2018-5332: In the Linux kernel the rds_message_alloc_sgs() function did not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c) (bnc#1075621).\n- CVE-2018-5333: In the Linux kernel the rds_cmsg_atomic function in net/rds/rdma.c mishandled cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference (bnc#1075617).\n\nThe following non-security bugs were fixed:\n\n- 8021q: fix a memory leak for VLAN 0 device (bnc#1012382).\n- ACPI / scan: Prefer devices without _HID/_CID for _ADR matching (bnc#1012382).\n- ARC: uaccess: dont use 'l' gcc inline asm constraint modifier (bnc#1012382).\n- Fix EX_SIZE. We do not have the patches that shave off parts of the exception data.\n- Fix build error in vma.c (bnc#1012382).\n- Fix mishandling of cases with MSR not being present (writing to MSR even though _state == -1).\n- Fix return value from ib[rs|pb]_enabled()\n- Input: trackpoint - force 3 buttons if 0 button is reported (bnc#1012382).\n- KVM: s390: Enable all facility bits that are known good for passthrough (bsc#1076806).\n- Kabi: Keep KVM stable after enable s390 wire up bpb feature (bsc#1076806).\n- Move RFI sysfs to a separate patch\n- Move the RFI debug code into separate patch.\n- Re-enable fixup detection by CPU type in case hypervisor call fails.\n- Revert 'Bluetooth: btusb: driver to enable the usb-wakeup feature' (bnc#1012382).\n- Revert 'Re-enable fixup detection by CPU type in case hypervisor call fails.' The firmware update is required for the existing instructions to also do the cache flush.\n- Revert 'arm64: alternatives: add enable parameter to conditional asm macros' (bsc#1068032).\n- Revert 'drm/armada: Fix compile fail' (bnc#1012382).\n- Revert 'drm/radeon: dont switch vt on suspend' (bnc#1012382).\n- Revert 'ipsec: Fix aborted xfrm policy dump crash' (kabi).\n- Revert 'kaiser: vmstat show NR_KAISERTABLE as nr_overhead' (kabi).\n- Revert 'lib/genalloc.c: make the avail variable an atomic_long_t' (kabi).\n- Revert 'module: Add retpoline tag to VERMAGIC' (bnc#1012382 kabi).\n- Revert 'netlink: add a start callback for starting a netlink dump' (kabi).\n- Revert 'ocfs2: should wait dio before inode lock in ocfs2_setattr()' (bnc#1012382).\n- Revert 's390/kbuild: enable modversions for symbols exported from asm' (bnc#1012382).\n- Revert 'sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks' (kabi).\n- Revert 'scsi: libsas: align sata_device's rps_resp on a cacheline' (kabi).\n- Revert 'spi: SPI_FSL_DSPI should depend on HAS_DMA' (bnc#1012382).\n- Revert 'userfaultfd: selftest: vm: allow to build in vm/ directory' (bnc#1012382).\n- Revert 'x86/efi: Build our own page table structures' (bnc#1012382).\n- Revert 'x86/efi: Hoist page table switching code into efi_call_virt()' (bnc#1012382).\n- Revert 'x86/mm/pat: Ensure cpa->pfn only contains page frame numbers' (bnc#1012382).\n- SMB2: Fix share type handling (bnc#1074392).\n- Set supported_modules_check 1 (bsc#1072163).\n- Update patches.suse/powerpc-Secure-memory-rfi-flush-SLE12SP3.patch (bsc#1068032, bsc#1075087).\n- af_key: fix buffer overread in parse_exthdrs() (bnc#1012382).\n- af_key: fix buffer overread in verify_address_len() (bnc#1012382).\n- afs: Adjust mode bits processing (bnc#1012382).\n- afs: Connect up the CB.ProbeUuid (bnc#1012382).\n- afs: Fix afs_kill_pages() (bnc#1012382).\n- afs: Fix missing put_page() (bnc#1012382).\n- afs: Fix page leak in afs_write_begin() (bnc#1012382).\n- afs: Fix the maths in afs_fs_store_data() (bnc#1012382).\n- afs: Flush outstanding writes when an fd is closed (bnc#1012382).\n- afs: Migrate vlocation fields to 64-bit (bnc#1012382).\n- afs: Populate and use client modification time (bnc#1012382).\n- afs: Populate group ID from vnode status (bnc#1012382).\n- afs: Prevent callback expiry timer overflow (bnc#1012382).\n- alpha: fix build failures (bnc#1012382).\n- alsa: aloop: Fix inconsistent format due to incomplete rule (bsc#1031717).\n- alsa: aloop: Fix racy hw constraints adjustment (bsc#1031717).\n- alsa: aloop: Release cable upon open error path (bsc#1031717).\n- alsa: hda - Add HP ZBook 15u G3 Conexant CX20724 GPIO mute leds (bsc#1031717).\n- alsa: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines (bsc#1031717).\n- alsa: hda - Add mute led support for HP EliteBook 840 G3 (bsc#1031717).\n- alsa: hda - Add mute led support for HP ProBook 440 G4 (bsc#1031717).\n- alsa: hda - Apply headphone noise quirk for another Dell XPS 13 variant (bsc#1031717).\n- alsa: hda - Apply the existing quirk to iMac 14,1 (bsc#1031717).\n- alsa: hda - Fix click noises on Samsung Ativ Book 8 (bsc#1031717).\n- alsa: hda - Fix headset microphone detection for ASUS N551 and N751 (bsc#1031717).\n- alsa: hda - Fix mic regression by ASRock mobo fixup (bsc#1031717).\n- alsa: hda - Fix missing COEF init for ALC225/295/299 (bsc#1031717).\n- alsa: hda - Fix surround output pins for ASRock B150M mobo (bsc#1031717).\n- alsa: hda - On-board speaker fixup on ACER Veriton (bsc#1031717).\n- alsa: hda - Skip Realtek SKU check for Lenovo machines (bsc#1031717).\n- alsa: hda - add support for docking station for HP 820 G2 (bsc#1031717).\n- alsa: hda - add support for docking station for HP 840 G3 (bsc#1031717).\n- alsa: hda - change the location for one mic on a Lenovo machine (bsc#1031717).\n- alsa: hda - fix headset mic detection issue on a Dell machine (bsc#1031717).\n- alsa: hda - fix headset mic problem for Dell machines with alc274 (bsc#1031717).\n- alsa: hda/realtek - ALC891 headset mode for Dell (bsc#1031717).\n- alsa: hda/realtek - Add ALC256 HP depop function (bsc#1031717).\n- alsa: hda/realtek - Add default procedure for suspend and resume state (bsc#1031717).\n- alsa: hda/realtek - Add support for ALC1220 (bsc#1031717).\n- alsa: hda/realtek - Add support for Acer Aspire E5-475 headset mic (bsc#1031717).\n- alsa: hda/realtek - Add support for headset MIC for ALC622 (bsc#1031717).\n- alsa: hda/realtek - Enable jack detection function for Intel ALC700 (bsc#1031717).\n- alsa: hda/realtek - Fix ALC275 no sound issue (bsc#1031717).\n- alsa: hda/realtek - Fix Dell AIO LineOut issue (bsc#1031717).\n- alsa: hda/realtek - Fix headset and mic on several Asus laptops with ALC256 (bsc#1031717).\n- alsa: hda/realtek - Fix headset mic and speaker on Asus X441SA/X441UV (bsc#1031717).\n- alsa: hda/realtek - Fix headset mic on several Asus laptops with ALC255 (bsc#1031717).\n- alsa: hda/realtek - Fix pincfg for Dell XPS 13 9370 (bsc#1031717).\n- alsa: hda/realtek - Fix speaker support for Asus AiO ZN270IE (bsc#1031717).\n- alsa: hda/realtek - Fix typo of pincfg for Dell quirk (bsc#1031717).\n- alsa: hda/realtek - New codec device ID for ALC1220 (bsc#1031717).\n- alsa: hda/realtek - New codec support for ALC257 (bsc#1031717).\n- alsa: hda/realtek - New codec support of ALC1220 (bsc#1031717).\n- alsa: hda/realtek - New codecs support for ALC215/ALC285/ALC289 (bsc#1031717).\n- alsa: hda/realtek - No loopback on ALC225/ALC295 codec (bsc#1031717).\n- alsa: hda/realtek - Remove ALC285 device ID (bsc#1031717).\n- alsa: hda/realtek - Support Dell headset mode for ALC3271 (bsc#1031717).\n- alsa: hda/realtek - Support headset mode for ALC234/ALC274/ALC294 (bsc#1031717).\n- alsa: hda/realtek - There is no loopback mixer in the ALC234/274/294 (bsc#1031717).\n- alsa: hda/realtek - Update headset mode for ALC225 (bsc#1031717).\n- alsa: hda/realtek - Update headset mode for ALC298 (bsc#1031717).\n- alsa: hda/realtek - change the location for one of two front microphones (bsc#1031717).\n- alsa: hda/realtek - fix headset mic detection for MSI MS-B120 (bsc#1031717).\n- alsa: hda: Drop useless WARN_ON() (bsc#1031717).\n- alsa: pcm: Abort properly at pending signal in OSS read/write loops (bsc#1031717).\n- alsa: pcm: Add missing error checks in OSS emulation plugin builder (bsc#1031717).\n- alsa: pcm: Allow aborting mutex lock at OSS read/write loops (bsc#1031717).\n- alsa: pcm: Remove incorrect snd_BUG_ON() usages (bsc#1031717).\n- alsa: pcm: Remove yet superfluous WARN_ON() (bsc#1031717).\n- alsa: pcm: prevent UAF in snd_pcm_info (bsc#1031717).\n- alsa: rawmidi: Avoid racy info ioctl via ctl device (bsc#1031717).\n- alsa: seq: Remove spurious WARN_ON() at timer check (bsc#1031717).\n- alsa: usb-audio: Add check return value for usb_string() (bsc#1031717).\n- alsa: usb-audio: Fix out-of-bound error (bsc#1031717).\n- alsa: usb-audio: Fix the missing ctl name suffix at parsing SU (bsc#1031717).\n- arm-ccn: perf: Prevent module unload while PMU is in use (bnc#1012382).\n- arm64/cpufeature: do not use mutex in bringup path (bsc#1068032).\n- arm64: Add hypervisor safe helper for checking constant capabilities (bsc#1068032).\n- arm64: Add macros to read/write system registers (bsc#1068032).\n- arm64: Add skeleton to harden the branch predictor against aliasing attacks (bsc#1068032).\n- arm64: Add trace_hardirqs_off annotation in ret_to_user (bsc#1068032).\n- arm64: Disable TTBR0_EL1 during normal kernel execution (bsc#1068032).\n- arm64: Disable kpti for non broadcast TLB HW (bsc#1068032).\n- arm64: Enable CONFIG_ARM64_SW_TTBR0_PAN (bsc#1068032).\n- arm64: Factor out PAN enabling/disabling into separate uaccess_* macros (bsc#1068032).\n- arm64: Factor out TTBR0_EL1 post-update workaround into a specific asm macro (bsc#1068032).\n- arm64: Fix circular include of asm/lse.h through linux/jump_label.h (bsc#1068032).\n- arm64: Fix compilation (bsc#1068032).\n- arm64: Handle el1 synchronous instruction aborts cleanly (bsc#1068032).\n- arm64: Implement branch predictor hardening for affected Cortex-A CPUs (bsc#1068032).\n- arm64: Initialise high_memory global variable earlier (bnc#1012382).\n- arm64: Introduce uaccess_{disable,enable} functionality based on TTBR0_EL1 (bsc#1068032).\n- arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0 (bsc#1068032).\n- arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry (bsc#1068032).\n- arm64: Mask all exceptions during kernel_exit (bsc#1068032).\n- arm64: Move BP hardening to check_and_switch_context (bsc#1068032).\n- arm64: Move post_ttbr_update_workaround to C code (bsc#1068032).\n- arm64: Move the async/fiq helpers to explicitly set process context flags (bsc#1068032).\n- arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm (bsc#1068032).\n- arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb (bsc#1068032).\n- arm64: Store struct thread_info in sp_el0 (bsc#1068032).\n- arm64: Take into account ID_AA64PFR0_EL1.CSV3 (bsc#1068032).\n- arm64: Use static keys for CPU features (bsc#1068032).\n- arm64: add macro to extract ESR_ELx.EC (bsc#1068032).\n- arm64: alternative: add auto-nop infrastructure (bsc#1068032).\n- arm64: barriers: introduce nops and __nops macros for NOP sequences (bsc#1068032).\n- arm64: cpu_errata: Allow an erratum to be match for all revisions of a core (bsc#1068032).\n- arm64: cpufeature: Add scope for capability check (bsc#1068032).\n- arm64: cpufeature: Pass capability structure to ->enable callback (bsc#1068032).\n- arm64: debug: remove unused local_dbg_{enable, disable} macros (bsc#1068032).\n- arm64: do not pull uaccess.h into *.S (bsc#1068032).\n- arm64: entry.S convert el0_sync (bsc#1068032).\n- arm64: entry.S: Remove disable_dbg (bsc#1068032).\n- arm64: entry.S: convert el1_sync (bsc#1068032).\n- arm64: entry.S: convert elX_irq (bsc#1068032).\n- arm64: entry.S: move SError handling into a C function for future expansion (bsc#1068032).\n- arm64: entry: Add exception trampoline page for exceptions from EL0 (bsc#1068032).\n- arm64: entry: Add fake CPU feature for unmapping the kernel at EL0 (bsc#1068032).\n- arm64: entry: Explicitly pass exception level to kernel_ventry macro (bsc#1068032).\n- arm64: entry: Hook up entry trampoline to exception vectors (bsc#1068032).\n- arm64: entry: remove pointless SPSR mode check (bsc#1068032).\n- arm64: explicitly mask all exceptions (bsc#1068032).\n- arm64: factor out PAGE_* and CONT_* definitions (bsc#1068032).\n- arm64: factor out entry stack manipulation (bsc#1068032).\n- arm64: factor work_pending state machine to C (bsc#1068032).\n- arm64: fpsimd: Prevent registers leaking from dead tasks (bnc#1012382).\n- arm64: head.S: get rid of x25 and x26 with 'global' scope (bsc#1068032).\n- arm64: introduce an order for exceptions (bsc#1068032).\n- arm64: introduce mov_q macro to move a constant into a 64-bit register (bsc#1068032).\n- arm64: kaslr: Put kernel vectors address in separate data page (bsc#1068032).\n- arm64: kill ESR_LNX_EXEC (bsc#1068032).\n- arm64: kpti: Fix the interaction between ASID switching and software PAN (bsc#1068032).\n- arm64: kvm: Fix SMCCC handling of unimplemented SMC/HVC calls (bnc#1012382).\n- arm64: kvm: Survive unknown traps from guests (bnc#1012382).\n- arm64: kvm: Use per-CPU vector when BP hardening is enabled (bsc#1068032).\n- arm64: kvm: fix VTTBR_BADDR_MASK BUG_ON off-by-one (bnc#1012382).\n- arm64: mm: Add arm64_kernel_unmapped_at_el0 helper (bsc#1068032).\n- arm64: mm: Allocate ASIDs in pairs (bsc#1068032).\n- arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN (bsc#1068032).\n- arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR (bsc#1068032).\n- arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI (bsc#1068032).\n- arm64: mm: Map entry trampoline into trampoline and kernel page tables (bsc#1068032).\n- arm64: mm: Move ASID from TTBR0 to TTBR1 (bsc#1068032).\n- arm64: mm: Rename post_ttbr0_update_workaround (bsc#1068032).\n- arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN (bsc#1068032).\n- arm64: mm: Use non-global mappings for kernel space (bsc#1068032).\n- arm64: mm: hardcode rodata=true (bsc#1068032).\n- arm64: swp emulation: bound LL/SC retries before rescheduling (bsc#1068032).\n- arm64: sysreg: Fix unprotected macro argmuent in write_sysreg (bsc#1068032).\n- arm64: sysreg: allow write_sysreg to use XZR (bsc#1068032).\n- arm64: tlbflush.h: add __tlbi() macro (bsc#1068032).\n- arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks (bsc#1068032).\n- arm64: use RET instruction for exiting the trampoline (bsc#1068032).\n- arm64: use alternative auto-nop (bsc#1068032).\n- arm64: xen: Enable user access before a privcmd hvc call (bsc#1068032).\n- arm: BUG if jumping to usermode address in kernel mode (bnc#1012382).\n- arm: OMAP1: DMA: Correct the number of logical channels (bnc#1012382).\n- arm: OMAP2+: Fix device node reference counts (bnc#1012382).\n- arm: OMAP2+: Release device node after it is no longer needed (bnc#1012382).\n- arm: OMAP2+: gpmc-onenand: propagate error on initialization failure (bnc#1012382).\n- arm: avoid faulting on qemu (bnc#1012382).\n- arm: dma-mapping: disallow dma_get_sgtable() for non-kernel managed memory (bnc#1012382).\n- arm: dts: am335x-evmsk: adjust mmc2 param to allow suspend (bnc#1012382).\n- arm: dts: kirkwood: fix pin-muxing of MPP7 on OpenBlocks A7 (bnc#1012382).\n- arm: dts: omap3: logicpd-torpedo-37xx-devkit: Fix MMC1 cd-gpio (bnc#1012382).\n- arm: dts: ti: fix PCI bus dtc warnings (bnc#1012382).\n- arm: kprobes: Align stack to 8-bytes in test code (bnc#1012382).\n- arm: kprobes: Fix the return address of multiple kretprobes (bnc#1012382).\n- arm: kvm: Fix VTTBR_BADDR_MASK BUG_ON off-by-one (bnc#1012382).\n- arm: kvm: Survive unknown traps from guests (bnc#1012382).\n- asm-prototypes: Clear any CPP defines before declaring the functions (git-fixes).\n- asn.1: check for error from ASN1_OP_END__ACT actions (bnc#1012382).\n- asn.1: fix out-of-bounds read when parsing indefinite length item (bnc#1012382).\n- asoc: fsl_ssi: AC'97 ops need regmap, clock and cleaning up on failure (bsc#1031717).\n- asoc: twl4030: fix child-node lookup (bsc#1031717).\n- asoc: wm_adsp: Fix validation of firmware and coeff lengths (bsc#1031717).\n- ath9k: fix tx99 potential info leak (bnc#1012382).\n- atm: horizon: Fix irq release error (bnc#1012382).\n- audit: ensure that 'audit=1' actually enables audit for PID 1 (bnc#1012382).\n- axonram: Fix gendisk handling (bnc#1012382).\n- backlight: pwm_bl: Fix overflow condition (bnc#1012382).\n- bcache.txt: standardize document format (bsc#1076110).\n- bcache: Avoid nested function definition (bsc#1076110).\n- bcache: Do not reinvent the wheel but use existing llist API (bsc#1076110).\n- bcache: Fix building error on MIPS (bnc#1012382).\n- bcache: Remove deprecated create_workqueue (bsc#1076110).\n- bcache: Remove redundant block_size assignment (bsc#1076110).\n- bcache: Remove redundant parameter for cache_alloc() (bsc#1076110).\n- bcache: Remove redundant set_capacity (bsc#1076110).\n- bcache: Update continue_at() documentation (bsc#1076110).\n- bcache: add a comment in journal bucket reading (bsc#1076110).\n- bcache: check return value of register_shrinker (bsc#1076110).\n- bcache: debug: avoid accessing .bi_io_vec directly (bsc#1076110).\n- bcache: do not write back data if reading it failed (bsc#1076110).\n- bcache: documentation formatting, edited for clarity, stripe alignment notes (bsc#1076110).\n- bcache: documentation updates and corrections (bsc#1076110).\n- bcache: explicitly destroy mutex while exiting (bnc#1012382).\n- bcache: fix a comments typo in bch_alloc_sectors() (bsc#1076110).\n- bcache: fix sequential large write IO bypass (bsc#1076110).\n- bcache: fix wrong cache_misses statistics (bnc#1012382).\n- bcache: gc does not work when triggering by manual command (bsc#1076110, bsc#1038078).\n- bcache: implement PI controller for writeback rate (bsc#1076110).\n- bcache: increase the number of open buckets (bsc#1076110).\n- bcache: only permit to recovery read error when cache device is clean (bnc#1012382 bsc#1043652).\n- bcache: partition support: add 16 minors per bcacheN device (bsc#1076110).\n- bcache: pr_err: more meaningful error message when nr_stripes is invalid (bsc#1076110).\n- bcache: rearrange writeback main thread ratelimit (bsc#1076110).\n- bcache: recover data from backing when data is clean (bnc#1012382 bsc#1043652).\n- bcache: register_bcache(): call blkdev_put() when cache_alloc() fails (bsc#1076110).\n- bcache: remove unused parameter (bsc#1076110).\n- bcache: rewrite multiple partitions support (bsc#1076110, bsc#1038085, bsc#1019784).\n- bcache: safeguard a dangerous addressing in closure_queue (bsc#1076110).\n- bcache: silence static checker warning (bsc#1076110).\n- bcache: smooth writeback rate control (bsc#1076110).\n- bcache: switch to using blk_queue_write_cache() (bsc#1076110).\n- bcache: update bio->bi_opf bypass/writeback REQ_ flag hints (bsc#1076110).\n- bcache: update bucket_in_use in real time (bsc#1076110).\n- bcache: update document info (bsc#1076110).\n- bcache: use kmalloc to allocate bio in bch_data_verify() (bsc#1076110).\n- bcache: use llist_for_each_entry_safe() in __closure_wake_up() (bsc#1076110).\n- bcache: writeback rate clamping: make 32 bit safe (bsc#1076110).\n- bcache: writeback rate shouldn't artifically clamp (bsc#1076110).\n- be2net: restore properly promisc mode after queues reconfiguration (bsc#963844).\n- block: export bio_free_pages to other modules (bsc#1076110).\n- block: wake up all tasks blocked in get_request() (bnc#1012382).\n- bluetooth: btusb: driver to enable the usb-wakeup feature (bnc#1012382).\n- bnx2x: do not rollback VF MAC/VLAN filters we did not configure (bnc#1012382).\n- bnx2x: fix possible overrun of VFPF multicast addresses array (bnc#1012382).\n- bnx2x: prevent crash when accessing PTP with interface down (bnc#1012382).\n- btrfs: account for pinned bytes in should_alloc_chunk (bsc#1066842).\n- btrfs: add missing memset while reading compressed inline extents (bnc#1012382).\n- btrfs: clear space cache inode generation always (bnc#1012382).\n- can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once (bnc#1012382).\n- can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once (bnc#1012382).\n- can: ems_usb: cancel urb on -EPIPE and -EPROTO (bnc#1012382).\n- can: esd_usb2: cancel urb on -EPIPE and -EPROTO (bnc#1012382).\n- can: gs_usb: fix return value of the 'set_bittiming' callback (bnc#1012382).\n- can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback() (bnc#1012382).\n- can: kvaser_usb: cancel urb on -EPIPE and -EPROTO (bnc#1012382).\n- can: kvaser_usb: free buf in error paths (bnc#1012382).\n- can: kvaser_usb: ratelimit errors if incomplete messages are received (bnc#1012382).\n- can: peak: fix potential bug in packet fragmentation (bnc#1012382).\n- can: ti_hecc: Fix napi poll return value for repoll (bnc#1012382).\n- can: usb_8dev: cancel urb on -EPIPE and -EPROTO (bnc#1012382).\n- cdc-acm: apply quirk for card reader (bsc#1060279).\n- cdrom: factor out common open_for_* code (bsc#1048585).\n- cdrom: wait for tray to close (bsc#1048585).\n- ceph: drop negative child dentries before try pruning inode's alias (bnc#1012382).\n- ceph: more accurate statfs (bsc#1077068).\n- clk: imx6: refine hdmi_isfr's parent to make HDMI work on i.MX6 SoCs w/o VPU (bnc#1012382).\n- clk: mediatek: add the option for determining PLL source clock (bnc#1012382).\n- clk: tegra: Fix cclk_lp divisor register (bnc#1012382).\n- cpuidle: Validate cpu_dev in cpuidle_add_sysfs() (bnc#1012382).\n- cpuidle: fix broadcast control when broadcast can not be entered (bnc#1012382).\n- cpuidle: powernv: Pass correct drv->cpumask for registration (bnc#1012382).\n- crypto: algapi - fix NULL dereference in crypto_remove_spawns() (bnc#1012382).\n- crypto: chacha20poly1305 - validate the digest size (bnc#1012382).\n- crypto: crypto4xx - increase context and scatter ring buffer elements (bnc#1012382).\n- crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex (bnc#1012382).\n- crypto: mcryptd - protect the per-CPU queue with a lock (bnc#1012382).\n- crypto: n2 - cure use after free (bnc#1012382).\n- crypto: pcrypt - fix freeing pcrypt instances (bnc#1012382).\n- crypto: s5p-sss - Fix completing crypto request in IRQ handler (bnc#1012382).\n- crypto: tcrypt - fix buffer lengths in test_aead_speed() (bnc#1012382).\n- cxl: Check if vphb exists before iterating over AFU devices (bsc#1066223).\n- dax: Pass detailed error code from __dax_fault() (bsc#1072484).\n- dccp: don't restart ccid2_hc_tx_rto_expire() if sk in closed state (bnc#1012382).\n- delay: add poll_event_interruptible (bsc#1048585).\n- dm btree: fix serious bug in btree_split_beneath() (bnc#1012382).\n- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) (bnc#1012382).\n- dm thin metadata: THIN_MAX_CONCURRENT_LOCKS should be 6 (bnc#1012382).\n- dmaengine: Fix array index out of bounds warning in __get_unmap_pool() (bnc#1012382).\n- dmaengine: dmatest: move callback wait queue to thread context (bnc#1012382).\n- dmaengine: pl330: fix double lock (bnc#1012382).\n- dmaengine: ti-dma-crossbar: Correct am335x/am43xx mux value type (bnc#1012382).\n- drivers/firmware: Expose psci_get_version through psci_ops structure (bsc#1068032).\n- drivers/md/bcache/util.h: remove duplicate inclusion of blkdev.h (bsc#1076110).\n- drivers: base: cacheinfo: fix boot error message when acpi is enabled (bnc#1012382).\n- drivers: base: cacheinfo: fix x86 with CONFIG_OF enabled (bnc#1012382).\n- drivers: net: xgene: Fix hardware checksum setting (bsc#1078526).\n- drm/amd/amdgpu: fix console deadlock if late init failed (bnc#1012382).\n- drm/exynos/decon5433: set STANDALONE_UPDATE_F on output enablement (bnc#1012382).\n- drm/exynos: gem: Drop NONCONTIG flag for buffers allocated without IOMMU (bnc#1012382).\n- drm/omap: fix dmabuf mmap for dma_alloc'ed buffers (bnc#1012382).\n- drm/radeon/si: add dpm quirk for Oland (bnc#1012382).\n- drm/radeon: fix atombios on big endian (bnc#1012382).\n- drm/radeon: reinstate oland workaround for sclk (bnc#1012382).\n- drm/vmwgfx: Potential off by one in vmw_view_add() (bnc#1012382).\n- drm: extra printk() wrapper macros (bnc#1012382).\n- dynamic-debug-howto: fix optional/omitted ending line number to be LARGE instead of 0 (bnc#1012382).\n- edac, i5000, i5400: Fix definition of NRECMEMB register (bnc#1012382).\n- edac, i5000, i5400: Fix use of MTR_DRAM_WIDTH macro (bnc#1012382).\n- edac, sb_edac: Fix missing break in switch (bnc#1012382).\n- eeprom: at24: check at24_read/write arguments (bnc#1012382).\n- efi/esrt: Cleanup bad memory map log messages (bnc#1012382).\n- efi: Move some sysfs files to be read-only by root (bnc#1012382).\n- eventpoll.h: add missing epoll event masks (bnc#1012382).\n- ext4: Fix ENOSPC handling in DAX page fault handle (bsc#1072484).\n- ext4: fix crash when a directory's i_size is too small (bnc#1012382).\n- ext4: fix fdatasync(2) after fallocate(2) operation (bnc#1012382).\n- fbdev: controlfb: Add missing modes to fix out of bounds access (bnc#1012382).\n- fjes: Fix wrong netdevice feature flags (bnc#1012382).\n- flow_dissector: properly cap thoff field (bnc#1012382).\n- fm10k: ensure we process SM mbx when processing VF mbx (bnc#1012382).\n- fork: clear thread stack upon allocation (bsc#1077560). Conflicts: \tseries.conf\n- fscache: Fix the default for fscache_maybe_release_page() (bnc#1012382).\n- futex: Prevent overflow by strengthen input validation (bnc#1012382).\n- gcov: disable for COMPILE_TEST (bnc#1012382).\n- gfs2: Take inode off order_write list when setting jdata flag (bnc#1012382).\n- gpio: altera: Use handle_level_irq when configured as a level_high (bnc#1012382).\n- hid: chicony: Add support for another ASUS Zen AiO keyboard (bnc#1012382).\n- hid: xinmo: fix for out of range for THT 2P arcade controller (bnc#1012382).\n- hrtimer: Reset hrtimer cpu base proper on CPU hotplug (bnc#1012382).\n- hv: kvp: Avoid reading past allocated blocks from KVP file (bnc#1012382).\n- hwmon: (asus_atk0110) fix uninitialized data access (bnc#1012382).\n- i40e: Do not enable NAPI on q_vectors that have no rings (bnc#1012382).\n- ib/hfi1: Correct defered count after processing qp_wait_list (git-fixes).\n- ib/hfi1: Fix rnr_timer addition (git-fixes).\n- ib/hfi1: Handle kzalloc failure in init_pervl_scs (git-fixes).\n- ib/hfi1: Move iowait_init() to priv allocate (git-fixes).\n- ib/hfi1: Prevent kernel QP post send hard lockups (git-fixes).\n- ib/hfi1: Reset QSFP on every run through channel tuning (git-fixes).\n- ib/ipoib: Fix lockdep issue found on ipoib_ib_dev_heavy_flush (git-fixes).\n- ib/ipoib: Grab rtnl lock on heavy flush when calling ndo_open/stop (bnc#1012382).\n- ib/mlx4: Increase maximal message size under UD QP (bnc#1012382).\n- ib/mlx5: Assign send CQ and recv CQ of UMR QP (bnc#1012382).\n- ib/qib: Remove qpt_mask global (git-fixes).\n- ib/rdmavt: restore IRQs on error path in rvt_create_ah() (git-fixes).\n- ib/srpt: Disable RDMA access by the initiator (bnc#1012382).\n- ibmvnic: Allocate and request vpd in init_resources (bsc#1076872).\n- ibmvnic: Do not handle RX interrupts when not up (bsc#1075066).\n- ibmvnic: Fix IP offload control buffer (bsc#1076899).\n- ibmvnic: Fix IPv6 packet descriptors (bsc#1076899).\n- ibmvnic: Fix pending MAC address changes (bsc#1075627).\n- ibmvnic: Modify buffer size and number of queues on failover (bsc#1076872).\n- ibmvnic: Revert to previous mtu when unsupported value requested (bsc#1076872).\n- ibmvnic: Wait for device response when changing MAC (bsc#1078681).\n- igb: check memory allocation failure (bnc#1012382).\n- ima: fix hash algorithm initialization (bnc#1012382).\n- inet: frag: release spinlock before calling icmp_send() (bnc#1012382).\n- input: 88pm860x-ts - fix child-node lookup (bnc#1012382).\n- input: elantech - add new icbody type 15 (bnc#1012382).\n- input: i8042 - add TUXEDO BU1406 (N24_25BU) to the nomux list (bnc#1012382).\n- input: twl4030-vibra - fix sibling-node lookup (bnc#1012382).\n- input: twl6040-vibra - fix DT node memory management (bnc#1012382).\n- input: twl6040-vibra - fix child-node lookup (bnc#1012382).\n- intel_th: pci: Add Gemini Lake support (bnc#1012382).\n- iommu/arm-smmu-v3: Do not free page table ops twice (bnc#1012382).\n- iommu/vt-d: Fix scatterlist offset handling (bnc#1012382).\n- ip6_tunnel: disable dst caching if tunnel is dual-stack (bnc#1012382).\n- ipmi: Stop timers before cleaning up the module (bnc#1012382).\n- ipv4: Fix use-after-free when flushing FIB tables (bnc#1012382).\n- ipv4: Make neigh lookup keys for loopback/point-to-point devices be INADDR_ANY (bnc#1012382).\n- ipv4: igmp: guard against silly MTU values (bnc#1012382).\n- ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL (bnc#1012382).\n- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012382).\n- ipv6: fix udpv6 sendmsg crash caused by too small MTU (bnc#1012382).\n- ipv6: ip6_make_skb() needs to clear cork.base.dst (git-fixes).\n- ipv6: mcast: better catch silly mtu values (bnc#1012382).\n- ipv6: reorder icmpv6_init() and ip6_mr_init() (bnc#1012382).\n- ipvlan: fix ipv6 outbound device (bnc#1012382).\n- ipvlan: remove excessive packet scrubbing (bsc#1070799).\n- irda: vlsi_ir: fix check for DMA mapping errors (bnc#1012382).\n- irqchip/crossbar: Fix incorrect type of register size (bnc#1012382).\n- iscsi-target: Make TASK_REASSIGN use proper se_cmd->cmd_kref (bnc#1012382).\n- iscsi-target: fix memory leak in lio_target_tiqn_addtpg() (bnc#1012382).\n- isdn: kcapi: avoid uninitialized data (bnc#1012382).\n- iw_cxgb4: Only validate the MSN for successful completions (bnc#1012382).\n- ixgbe: fix use of uninitialized padding (bnc#1012382).\n- jump_label: Invoke jump_label_test() via early_initcall() (bnc#1012382).\n- jump_label: Make it possible for arches to invoke jump_label_init() earlier (bsc#1068032).\n- jump_labels: Allow array initialisers (bsc#1068032).\n- kABI: protect struct bpf_map (kabi).\n- kABI: protect struct ipv6_pinfo (kabi).\n- kABI: protect struct t10_alua_tg_pt_gp (kabi).\n- kabi fix for new hash_cred function (bsc#1012917).\n- kabi/severities: do not care about stuff_RSB\n- kaiser: Set _PAGE_NX only if supported (bnc#1012382).\n- kaiser: Set _PAGE_NX only if supported (bnc#1012382).\n- kbuild: add '-fno-stack-check' to kernel build options (bnc#1012382).\n- kbuild: modversions for EXPORT_SYMBOL() for asm (bsc#1074621 bsc#1068032).\n- kbuild: pkg: use --transform option to prefix paths in tar (bnc#1012382).\n- kdb: Fix handling of kallsyms_symbol_next() return value (bnc#1012382).\n- kernel/acct.c: fix the acct->needcheck check in check_free_space() (bnc#1012382).\n- kernel/signal.c: protect the SIGNAL_UNKILLABLE tasks from !sig_kernel_only() signals (bnc#1012382).\n- kernel/signal.c: protect the traced SIGNAL_UNKILLABLE tasks from SIGKILL (bnc#1012382).\n- kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal() (bnc#1012382).\n- kernel: make groups_sort calling a responsibility group_info allocators (bnc#1012382).\n- keys: add missing permission check for request_key() destination (bnc#1012382).\n- kprobes/x86: Disable preemption in ftrace-based jprobes (bnc#1012382).\n- kpti: Rename to PAGE_TABLE_ISOLATION (bnc#1012382).\n- kpti: Report when enabled (bnc#1012382).\n- kvm: Fix stack-out-of-bounds read in write_mmio (bnc#1012382).\n- kvm: VMX: Fix enable VPID conditions (bnc#1012382).\n- kvm: VMX: remove I/O port 0x80 bypass on Intel hosts (bnc#1012382).\n- kvm: X86: Fix load RFLAGS w/o the fixed bit (bnc#1012382).\n- kvm: arm/arm64: Fix occasional warning from the timer work function (bnc#1012382 bsc#988524).\n- kvm: nVMX: VMCLEAR should not cause the vCPU to shut down (bnc#1012382).\n- kvm: nVMX: reset nested_run_pending if the vCPU is going to be reset (bnc#1012382).\n- kvm: pci-assign: do not map smm memory slot pages in vt-d page tables (bnc#1012382).\n- kvm: s390: wire up bpb feature (bsc#1076806).\n- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012382).\n- kvm: x86: Add memory barrier on vmcs field lookup (bnc#1012382).\n- kvm: x86: Exit to user-mode on #UD intercept when emulator requires (bnc#1012382).\n- kvm: x86: correct async page present tracepoint (bnc#1012382).\n- kvm: x86: fix RSM when PCID is non-zero (bnc#1012382).\n- kvm: x86: inject exceptions produced by x86_decode_insn (bnc#1012382).\n- kvm: x86: pvclock: Handle first-time write to pvclock-page contains random junk (bnc#1012382).\n- l2tp: cleanup l2tp_tunnel_delete calls (bnc#1012382).\n- lan78xx: Fix failure in USB Full Speed (bnc#1012382).\n- lib/genalloc.c: make the avail variable an atomic_long_t (bnc#1012382).\n- libata: apply MAX_SEC_1024 to all LITEON EP1 series devices (bnc#1012382).\n- libata: drop WARN from protocol error in ata_sff_qc_issue() (bnc#1012382).\n- macvlan: Only deliver one copy of the frame to the macvlan interface (bnc#1012382).\n- md-cluster: free md_cluster_info if node leave cluster (bnc#1012382).\n- media: dvb: i2c transfers over usb cannot be done from stack (bnc#1012382).\n- mfd: cros ec: spi: Do not send first message too soon (bnc#1012382).\n- mfd: twl4030-audio: Fix sibling-node lookup (bnc#1012382).\n- mfd: twl6040: Fix child-node lookup (bnc#1012382).\n- mlxsw: reg: Fix SPVM max record count (bnc#1012382).\n- mlxsw: reg: Fix SPVMLR max record count (bnc#1012382).\n- mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack (bnc#1012382).\n- mm/vmstat: Make NR_TLB_REMOTE_FLUSH_RECEIVED available even on UP (bnc#1012382).\n- mm: Handle 0 flags in _calc_vm_trans() macro (bnc#1012382).\n- mm: Introduce lm_alias (bsc#1068032).\n- mm: avoid returning VM_FAULT_RETRY from ->page_mkwrite handlers (bnc#1012382).\n- mm: drop unused pmdp_huge_get_and_clear_notify() (bnc#1012382).\n- mmc: core: Do not leave the block driver in a suspended state (bnc#1012382).\n- mmc: mediatek: Fixed bug where clock frequency could be set wrong (bnc#1012382).\n- module: set __jump_table alignment to 8 (bnc#1012382).\n- more bio_map_user_iov() leak fixes (bnc#1012382).\n- mtd: nand: Fix writing mtdoops to nand flash (bnc#1012382).\n- n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD) (bnc#1012382).\n- net/appletalk: Fix kernel memory disclosure (bnc#1012382).\n- net/mac80211/debugfs.c: prevent build failure with CONFIG_UBSAN=y (bnc#1012382).\n- net/packet: fix a race in packet_bind() and packet_notifier() (bnc#1012382).\n- net: Allow neigh contructor functions ability to modify the primary_key (bnc#1012382).\n- net: Do not allow negative values for busy_read and busy_poll sysctl interfaces (bnc#1012382).\n- net: Fix double free and memory corruption in get_net_ns_by_id() (bnc#1012382).\n- net: Resend IGMP memberships upon peer notification (bnc#1012382).\n- net: bcmgenet: Power up the internal PHY before probing the MII (bnc#1012382).\n- net: bcmgenet: correct MIB access of UniMAC RUNT counters (bnc#1012382).\n- net: bcmgenet: correct the RBUF_OVFL_CNT and RBUF_ERR_CNT MIB values (bnc#1012382).\n- net: bcmgenet: power down internal phy if open or resume fails (bnc#1012382).\n- net: bcmgenet: reserved phy revisions must be checked first (bnc#1012382).\n- net: bridge: fix early call to br_stp_change_bridge_id and plug newlink leaks (bnc#1012382).\n- net: core: fix module type in sock_diag_bind (bnc#1012382).\n- net: fec: fix multicast filtering hardware setup (bnc#1012382).\n- net: igmp: Use correct source address on IGMPv3 reports (bnc#1012382).\n- net: igmp: fix source address check for IGMPv3 reports (bnc#1012382).\n- net: initialize msg.msg_flags in recvfrom (bnc#1012382).\n- net: ipv4: fix for a race condition in raw_sendmsg (bnc#1012382).\n- net: mvmdio: disable/unprepare clocks in EPROBE_DEFER case (bnc#1012382).\n- net: mvneta: clear interface link status on port disable (bnc#1012382).\n- net: phy: at803x: Change error to EINVAL for invalid MAC (bnc#1012382).\n- net: phy: micrel: ksz9031: reconfigure autoneg after phy autoneg workaround (bnc#1012382).\n- net: qdisc_pkt_len_init() should be more robust (bnc#1012382).\n- net: qmi_wwan: Add USB IDs for MDM6600 modem on Motorola Droid 4 (bnc#1012382).\n- net: qmi_wwan: add Sierra EM7565 1199:9091 (bnc#1012382).\n- net: reevalulate autoflowlabel setting after sysctl setting (bnc#1012382).\n- net: sctp: fix array overrun read on sctp_timer_tbl (bnc#1012382).\n- net: stmmac: enable EEE in MII, GMII or RGMII only (bnc#1012382).\n- net: systemport: Pad packet before inserting TSB (bnc#1012382).\n- net: systemport: Utilize skb_put_padto() (bnc#1012382).\n- net: tcp: close sock if net namespace is exiting (bnc#1012382).\n- net: wimax/i2400m: fix NULL-deref at probe (bnc#1012382).\n- netfilter: bridge: honor frag_max_size when refragmenting (bnc#1012382).\n- netfilter: do not track fragmented packets (bnc#1012382).\n- netfilter: ipvs: Fix inappropriate output of procfs (bnc#1012382).\n- netfilter: nfnetlink_queue: fix secctx memory leak (bnc#1012382).\n- netfilter: nfnetlink_queue: fix timestamp attribute (bsc#1074134).\n- netfilter: nfnl_cthelper: Fix memory leak (bnc#1012382).\n- netfilter: nfnl_cthelper: fix a race when walk the nf_ct_helper_hash table (bnc#1012382).\n- netfilter: nfnl_cthelper: fix runtime expectation policy updates (bnc#1012382).\n- netlink: add a start callback for starting a netlink dump (bnc#1012382).\n- nfs: Do not take a reference on fl->fl_file for LOCK operation (bnc#1012382).\n- nfs: Fix a typo in nfs_rename() (bnc#1012382).\n- nfs: improve shinking of access cache (bsc#1012917).\n- nfsd: Fix another OPEN stateid race (bnc#1012382).\n- nfsd: Fix stateid races between OPEN and CLOSE (bnc#1012382).\n- nfsd: Make init_open_stateid() a bit more whole (bnc#1012382).\n- nfsd: auth: Fix gid sorting when rootsquash enabled (bnc#1012382).\n- nfsd: fix nfsd_minorversion(.., NFSD_AVAIL) (bnc#1012382).\n- nfsd: fix nfsd_reset_versions for NFSv4 (bnc#1012382).\n- nfsv4.1 respect server's max size in CREATE_SESSION (bnc#1012382).\n- nfsv4: Fix client recovery when server reboots multiple times (bnc#1012382).\n- nohz: Prevent a timer interrupt storm in tick_nohz_stop_sched_tick() (bnc#1012382).\n- openrisc: fix issue handling 8 byte get_user calls (bnc#1012382).\n- packet: fix crash in fanout_demux_rollover() (bnc#1012382).\n- parisc: Fix alignment of pa_tlb_lock in assembly on 32-bit SMP kernel (bnc#1012382).\n- parisc: Hide Diva-built-in serial aux and graphics card (bnc#1012382).\n- partially revert tipc improve link resiliency when rps is activated (bsc#1068038).\n- pci / PM: Force devices to D0 in pci_pm_thaw_noirq() (bnc#1012382).\n- pci/AER: Report non-fatal errors only to the affected endpoint (bnc#1012382).\n- pci/PME: Handle invalid data when reading Root Status (bnc#1012382).\n- pci: Avoid bus reset if bridge itself is broken (bnc#1012382).\n- pci: Create SR-IOV virtfn/physfn links before attaching driver (bnc#1012382).\n- pci: Detach driver before procfs & sysfs teardown on device remove (bnc#1012382).\n- perf symbols: Fix symbols__fixup_end heuristic for corner cases (bnc#1012382).\n- perf test attr: Fix ignored test case result (bnc#1012382).\n- perf: xgene: Add support for SoC PMU version 3 (bsc#1076809).\n- perf: xgene: Include module.h (bsc#1076809).\n- perf: xgene: Move PMU leaf functions into function pointer structure (bsc#1076809).\n- perf: xgene: Parse PMU subnode from the match table (bsc#1076809).\n- perf: xgene: Remove unnecessary managed resources cleanup (bsc#1076809).\n- phy: work around 'phys' references to usb-nop-xceiv devices (bnc#1012382).\n- pinctrl: adi2: Fix Kconfig build problem (bnc#1012382).\n- pinctrl: st: add irq_request/release_resources callbacks (bnc#1012382).\n- pipe: avoid round_pipe_size() nr_pages overflow on 32-bit (bnc#1012382).\n- powerpc/64: Add macros for annotating the destination of rfid/hrfid (bsc#1068032, bsc#1075087).\n- powerpc/64: Convert fast_exception_return to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).\n- powerpc/64: Convert the syscall exit path to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).\n- powerpc/64s: Add EX_SIZE definition for paca exception save areas (bsc#1068032, bsc#1075087).\n- powerpc/64s: Add support for RFI flush of L1-D cache (bsc#1068032, bsc#1075087).\n- powerpc/64s: Allow control of RFI flush via debugfs (bsc#1068032, bsc#1075087).\n- powerpc/64s: Convert slb_miss_common to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).\n- powerpc/64s: Simple RFI macro conversions (bsc#1068032, bsc#1075087).\n- powerpc/64s: Support disabling RFI flush with no_rfi_flush and nopti (bsc#1068032, bsc#1075087).\n- powerpc/64s: Wire up cpu_show_meltdown() (bsc#1068032).\n- powerpc/asm: Allow including ppc_asm.h in asm files (bsc#1068032, bsc#1075087).\n- powerpc/ipic: Fix status get and status clear (bnc#1012382).\n- powerpc/perf/hv-24x7: Fix incorrect comparison in memord (bnc#1012382).\n- powerpc/perf: Dereference BHRB entries safely (bsc#1066223).\n- powerpc/powernv/cpufreq: Fix the frequency read by /proc/cpuinfo (bnc#1012382).\n- powerpc/powernv/ioda2: Gracefully fail if too many TCE levels requested (bnc#1012382).\n- powerpc/powernv: Check device-tree for RFI flush settings (bsc#1068032, bsc#1075087).\n- powerpc/pseries/rfi-flush: Call setup_rfi_flush() after LPM migration (bsc#1068032, bsc#1075087).\n- powerpc/pseries: Introduce H_GET_CPU_CHARACTERISTICS (bsc#1068032, bsc#1075087).\n- powerpc/pseries: Query hypervisor for RFI flush settings (bsc#1068032, bsc#1075087).\n- powerpc/pseries: include linux/types.h in asm/hvcall.h (bsc#1068032, bsc#1075087).\n- powerpc/pseries: rfi-flush: Call setup_rfi_flush() after LPM migration (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: Add DEBUG_RFI config option (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: Make setup_rfi_flush() not __init (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: Move RFI flush fields out of the paca (unbreak kABI) (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: Move the logic to avoid a redo into the sysfs code (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: prevent crash when changing flush type to fallback after system boot (bsc#1068032, bsc#1075087).\n- ppp: Destroy the mutex when cleanup (bnc#1012382).\n- pppoe: take ->needed_headroom of lower device into account on xmit (bnc#1012382).\n- pti: unbreak EFI (bsc#1074709).\n- r8152: fix the list rx_done may be used without initialization (bnc#1012382).\n- r8152: prevent the driver from transmitting packets with carrier off (bnc#1012382).\n- r8169: fix memory corruption on retrieval of hardware statistics (bnc#1012382).\n- raid5: Set R5_Expanded on parity devices as well as data (bnc#1012382).\n- ravb: Remove Rx overflow log messages (bnc#1012382).\n- rbd: set max_segments to USHRT_MAX (bnc#1012382).\n- rdma/cma: Avoid triggering undefined behavior (bnc#1012382).\n- rdma/iser: Fix possible mr leak on device removal event (bnc#1012382).\n- rds: Fix NULL pointer dereference in __rds_rdma_map (bnc#1012382).\n- rds: Heap OOB write in rds_message_alloc_sgs() (bnc#1012382).\n- rds: null pointer dereference in rds_atomic_free_op (bnc#1012382).\n- regulator: Try to resolve regulators supplies on registration (bsc#1074847).\n- regulator: core: Rely on regulator_dev_release to free constraints (bsc#1074847).\n- regulator: da9063: Return an error code on probe failure (bsc#1074847).\n- regulator: pwm: Fix regulator ramp delay for continuous mode (bsc#1074847).\n- rfi-flush: Make DEBUG_RFI a CONFIG option (bsc#1068032, bsc#1075087).\n- ring-buffer: Mask out the info bits when returning buffer page length (bnc#1012382).\n- route: also update fnhe_genid when updating a route cache (bnc#1012382).\n- route: update fnhe_expires for redirect when the fnhe exists (bnc#1012382).\n- rtc: cmos: Initialize hpet timer before irq is registered (bsc#1077592).\n- rtc: pcf8563: fix output clock rate (bnc#1012382).\n- rtc: pl031: make interrupt optional (bnc#1012382).\n- rtc: set the alarm to the next expiring timer (bnc#1012382).\n- s390/pci: do not require AIS facility (bnc#1012382).\n- s390/qeth: no ETH header for outbound AF_IUCV (bnc#1012382).\n- s390/runtime instrumentation: simplify task exit handling (bnc#1012382).\n- s390: always save and restore all registers on context switch (bnc#1012382).\n- s390: fix compat system call table (bnc#1012382).\n- sch_dsmark: fix invalid skb_cow() usage (bnc#1012382).\n- sched/deadline: Make sure the replenishment timer fires in the next period (bnc#1012382).\n- sched/deadline: Throttle a constrained deadline task activated after the deadline (bnc#1012382).\n- sched/deadline: Use deadline instead of period when calculating overflow (bnc#1012382).\n- sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks (bnc#1012382).\n- sched/deadline: Zero out positive runtime after throttling constrained tasks (git-fixes).\n- sched/rt: Do not pull from current CPU if only one CPU to pull (bnc#1022476).\n- scsi: bfa: integer overflow in debugfs (bnc#1012382).\n- scsi: check for device state in __scsi_remove_target() (bsc#1072589).\n- scsi: cxgb4i: fix Tx skb leak (bnc#1012382).\n- scsi: fixup kernel warning during rmmod() (bsc#1052360).\n- scsi: hpsa: cleanup sas_phy structures in sysfs when unloading (bnc#1012382).\n- scsi: hpsa: destroy sas transport properties before scsi_host (bnc#1012382).\n- scsi: libsas: align sata_device's rps_resp on a cacheline (bnc#1012382).\n- scsi: lpfc: Fix PT2PT PRLI reject (bnc#1012382).\n- scsi: lpfc: Fix crash during Hardware error recovery on SLI3 adapters (bnc#1012382).\n- scsi: lpfc: Fix secure firmware updates (bnc#1012382).\n- scsi: lpfc: PLOGI failures during NPIV testing (bnc#1012382).\n- scsi: mpt3sas: Fix IO error occurs on pulling out a drive from RAID1 volume created on two SATA drive (bnc#1012382).\n- scsi: sd: change allow_restart to bool in sysfs interface (bnc#1012382).\n- scsi: sd: change manage_start_stop to bool in sysfs interface (bnc#1012382).\n- scsi: sg: disable SET_FORCE_LOW_DMA (bnc#1012382).\n- scsi: sr: wait for the medium to become ready (bsc#1048585).\n- sctp: Replace use of sockets_allocated with specified macro (bnc#1012382).\n- sctp: do not allow the v4 socket to bind a v4mapped v6 address (bnc#1012382).\n- sctp: do not free asoc when it is already dead in sctp_sendmsg (bnc#1012382).\n- sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf (bnc#1012382).\n- sctp: use the right sk after waking up from wait_buf sleep (bnc#1012382).\n- selftest/powerpc: Fix false failures for skipped tests (bnc#1012382).\n- selftests/x86/ldt_get: Add a few additional tests for limits (bnc#1012382).\n- selftests/x86: Add test_vsyscall (bnc#1012382).\n- serial: 8250: Preserve DLD[7:4] for PORT_XR17V35X (bnc#1012382).\n- serial: 8250_pci: Add Amazon PCI serial device ID (bnc#1012382).\n- series.conf: fix wrong bsc reference\n- series.conf: whitespace cleanup\n- sfc: do not warn on successful change of MAC (bnc#1012382).\n- sh_eth: fix SH7757 GEther initialization (bnc#1012382).\n- sh_eth: fix TSU resource handling (bnc#1012382).\n- sit: update frag_off info (bnc#1012382).\n- sock: free skb in skb_complete_tx_timestamp on error (bnc#1012382).\n- sparc64/mm: set fields in deferred pages (bnc#1012382).\n- spi: sh-msiof: Fix DMA transfer size check (bnc#1012382).\n- spi: xilinx: Detect stall with Unknown commands (bnc#1012382).\n- spi_ks8995: fix 'BUG: key accdaa28 not in .data!' (bnc#1012382).\n- staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl (bnc#1012382).\n- sunrpc: Fix rpc_task_begin trace point (bnc#1012382).\n- sunrpc: add RPCSEC_GSS hash_cred() function (bsc#1012917).\n- sunrpc: add auth_unix hash_cred() function (bsc#1012917).\n- sunrpc: add generic_auth hash_cred() function (bsc#1012917).\n- sunrpc: add hash_cred() function to rpc_authops struct (bsc#1012917).\n- sunrpc: replace generic auth_cred hash with auth-specific function (bsc#1012917).\n- sunrpc: use supplimental groups in auth hash (bsc#1012917).\n- sunxi-rsb: Include OF based modalias in device uevent (bnc#1012382).\n- sysfs/cpu: Add vulnerability folder (bnc#1012382).\n- sysfs/cpu: Fix typos in vulnerability documentation (bnc#1012382).\n- sysfs: spectre_v2, handle spec_ctrl (bsc#1075994 bsc#1075091).\n- sysrq : fix Show Regs call trace on ARM (bnc#1012382).\n- target/file: Do not return error for UNMAP if length is zero (bnc#1012382).\n- target/iscsi: Fix a race condition in iscsit_add_reject_from_cmd() (bnc#1012382).\n- target: Avoid early CMD_T_PRE_EXECUTE failures during ABORT_TASK (bnc#1012382).\n- target: Use system workqueue for ALUA transitions (bnc#1012382).\n- target: fix ALUA transition timeout handling (bnc#1012382).\n- target: fix race during implicit transition work flushes (bnc#1012382).\n- target:fix condition return in core_pr_dump_initiator_port() (bnc#1012382).\n- tcp md5sig: Use skb's saddr when replying to an incoming segment (bnc#1012382).\n- tcp: __tcp_hdrlen() helper (bnc#1012382).\n- tcp: correct memory barrier usage in tcp_check_space() (bnc#1012382).\n- tcp: fix under-evaluated ssthresh in TCP Vegas (bnc#1012382).\n- tg3: Fix rx hang on MTU change with 5717/5719 (bnc#1012382).\n- thermal/drivers/step_wise: Fix temperature regulation misbehavior (bnc#1012382).\n- thermal: hisilicon: Handle return value of clk_prepare_enable (bnc#1012382).\n- tipc: fix cleanup at module unload (bnc#1012382).\n- tipc: fix memory leak in tipc_accept_from_sock() (bnc#1012382).\n- tipc: improve link resiliency when rps is activated (bsc#1068038).\n- tracing: Allocate mask_str buffer dynamically (bnc#1012382).\n- tracing: Fix converting enum's from the map in trace_event_eval_update() (bnc#1012382).\n- tracing: Fix crash when it fails to alloc ring buffer (bnc#1012382).\n- tracing: Fix possible double free on failure of allocating trace buffer (bnc#1012382).\n- tracing: Remove extra zeroing out of the ring buffer page (bnc#1012382).\n- tty fix oops when rmmod 8250 (bnc#1012382).\n- uas: Always apply US_FL_NO_ATA_1X quirk to Seagate devices (bnc#1012382).\n- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012382).\n- udf: Avoid overflow when session starts at large offset (bnc#1012382).\n- um: link vmlinux with -no-pie (bnc#1012382).\n- usb: Add device quirk for Logitech HD Pro Webcam C925e (bnc#1012382).\n- usb: Fix off by one in type-specific length check of BOS SSP capability (git-fixes).\n- usb: Increase usbfs transfer limit (bnc#1012382).\n- usb: add RESET_RESUME for ELSA MicroLink 56K (bnc#1012382).\n- usb: core: Add type-specific length check of BOS descriptors (bnc#1012382).\n- usb: core: prevent malicious bNumInterfaces overflow (bnc#1012382).\n- usb: devio: Prevent integer overflow in proc_do_submiturb() (bnc#1012382).\n- usb: fix usbmon BUG trigger (bnc#1012382).\n- usb: gadget: configs: plug memory leak (bnc#1012382).\n- usb: gadget: f_uvc: Sanity check wMaxPacketSize for SuperSpeed (bnc#1012382).\n- usb: gadget: ffs: Forbid usb_ep_alloc_request from sleeping (bnc#1012382).\n- usb: gadget: udc: remove pointer dereference after free (bnc#1012382).\n- usb: gadgetfs: Fix a potential memory leak in 'dev_config()' (bnc#1012382).\n- usb: hub: Cycle HUB power when initialization fails (bnc#1012382).\n- usb: misc: usb3503: make sure reset is low for at least 100us (bnc#1012382).\n- usb: musb: da8xx: fix babble condition handling (bnc#1012382).\n- usb: phy: isp1301: Add OF device ID table (bnc#1012382).\n- usb: phy: isp1301: Fix build warning when CONFIG_OF is disabled (git-fixes).\n- usb: phy: tahvo: fix error handling in tahvo_usb_probe() (bnc#1012382).\n- usb: quirks: Add no-lpm quirk for KY-688 USB 3.1 Type-C Hub (bnc#1012382).\n- usb: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ (bnc#1012382).\n- usb: serial: cp210x: add new device ID ELV ALC 8xxx (bnc#1012382).\n- usb: serial: ftdi_sio: add id for Airbus DS P8GR (bnc#1012382).\n- usb: serial: option: add Quectel BG96 id (bnc#1012382).\n- usb: serial: option: add support for Telit ME910 PID 0x1101 (bnc#1012382).\n- usb: serial: option: adding support for YUGA CLM920-NC5 (bnc#1012382).\n- usb: serial: qcserial: add Sierra Wireless EM7565 (bnc#1012382).\n- usb: uas and storage: Add US_FL_BROKEN_FUA for another JMicron JMS567 ID (bnc#1012382).\n- usb: usbfs: Filter flags passed in from user space (bnc#1012382).\n- usb: usbip: Fix possible deadlocks reported by lockdep (bnc#1012382).\n- usb: xhci: Add XHCI_TRUST_TX_LENGTH for Renesas uPD720201 (bnc#1012382).\n- usb: xhci: fix panic in xhci_free_virt_devices_depth_first (bnc#1012382).\n- usbip: Fix implicit fallthrough warning (bnc#1012382).\n- usbip: Fix potential format overflow in userspace tools (bnc#1012382).\n- usbip: fix stub_rx: get_pipe() to validate endpoint number (bnc#1012382).\n- usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input (bnc#1012382).\n- usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer (bnc#1012382).\n- usbip: fix usbip bind writing random string after command in match_busid (bnc#1012382).\n- usbip: prevent leaking socket pointer address in messages (bnc#1012382).\n- usbip: prevent vhci_hcd driver from leaking a socket pointer address (bnc#1012382).\n- usbip: remove kernel addresses from usb device and urb debug msgs (bnc#1012382).\n- usbip: stub: stop printing kernel pointer addresses in messages (bnc#1012382).\n- usbip: vhci: stop printing kernel pointer addresses in messages (bnc#1012382).\n- userfaultfd: selftest: vm: allow to build in vm/ directory (bnc#1012382).\n- userfaultfd: shmem: __do_fault requires VM_FAULT_NOPAGE (bnc#1012382).\n- video: fbdev: au1200fb: Release some resources if a memory allocation fails (bnc#1012382).\n- video: fbdev: au1200fb: Return an error code if a memory allocation fails (bnc#1012382).\n- virtio: release virtio index when fail to device_register (bnc#1012382).\n- vmxnet3: repair memory leak (bnc#1012382).\n- vsyscall: Fix permissions for emulate mode with KAISER/PTI (bnc#1012382).\n- vt6655: Fix a possible sleep-in-atomic bug in vt6655_suspend (bnc#1012382).\n- vti6: Do not report path MTU below IPV6_MIN_MTU (bnc#1012382).\n- vti6: fix device register to report IFLA_INFO_KIND (bnc#1012382).\n- workqueue: trigger WARN if queue_delayed_work() is called with NULL @wq (bnc#1012382).\n- writeback: fix memory leak in wb_queue_work() (bnc#1012382).\n- x.509: fix buffer overflow detection in sprint_oid() (bsc#1075078).\n- x.509: reject invalid BIT STRING for subjectPublicKey (bnc#1012382).\n- x509: fix printing uninitialized stack memory when OID is empty (bsc#1075078).\n- x86/Documentation: Add PTI description (bnc#1012382).\n- x86/PCI: Make broadcom_postcore_init() check acpi_disabled (bnc#1012382).\n- x86/acpi: Handle SCI interrupts above legacy space gracefully (bsc#1068984).\n- x86/acpi: Reduce code duplication in mp_override_legacy_irq() (bsc#1068984).\n- x86/alternatives: Add missing '\\n' at end of ALTERNATIVE inline asm (bnc#1012382).\n- x86/alternatives: Fix optimize_nops() checking (bnc#1012382).\n- x86/apic/vector: Fix off by one in error path (bnc#1012382).\n- x86/asm/32: Make sync_core() handle missing CPUID on all 32-bit kernels (bnc#1012382).\n- x86/boot: Fix early command-line parsing when matching at end (bsc#1068032).\n- x86/cpu, x86/pti: Do not enable PTI on AMD processors (bnc#1012382).\n- x86/cpu: Factor out application of forced CPU caps (bnc#1012382).\n- x86/cpu: Implement CPU vulnerabilites sysfs functions (bnc#1012382).\n- x86/cpu: Merge bugs.c and bugs_64.c (bnc#1012382).\n- x86/cpufeatures: Add X86_BUG_CPU_INSECURE (bnc#1012382).\n- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012382).\n- x86/cpufeatures: Make CPU bugs sticky (bnc#1012382).\n- x86/efi-bgrt: Fix kernel panic when mapping BGRT data (bnc#1012382).\n- x86/efi-bgrt: Replace early_memremap() with memremap() (bnc#1012382).\n- x86/efi: Build our own page table structures (bnc#1012382).\n- x86/efi: Hoist page table switching code into efi_call_virt() (bnc#1012382).\n- x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() (bnc#1012382).\n- x86/hpet: Prevent might sleep splat on resume (bnc#1012382).\n- x86/kasan: Clear kasan_zero_page after TLB flush (bnc#1012382).\n- x86/kasan: Write protect kasan zero shadow (bnc#1012382).\n- x86/microcode/intel: Extend BDW late-loading further with LLC size check (bnc#1012382).\n- x86/microcode/intel: Extend BDW late-loading with a revision check (bnc#1012382).\n- x86/microcode/intel: Fix BDW late-loading revision check (bnc#1012382).\n- x86/mm/32: Move setup_clear_cpu_cap(X86_FEATURE_PCID) earlier (git-fixes).\n- x86/mm/pat: Ensure cpa->pfn only contains page frame numbers (bnc#1012382).\n- x86/mm: Disable PCID on 32-bit kernels (bnc#1012382).\n- x86/pti/efi: broken conversion from efi to kernel page table (bnc#1012382).\n- x86/pti: Document fix wrong index (bnc#1012382).\n- x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN (bnc#1012382).\n- x86/retpolines/spec_ctrl: disable IBRS on !SKL if retpolines are active (bsc#1068032).\n- x86/smpboot: Remove stale TLB flush invocations (bnc#1012382).\n- x86/spectre_v2: fix ordering in IBRS initialization (bsc#1075994 bsc#1075091).\n- x86/spectre_v2: nospectre_v2 means nospec too (bsc#1075994 bsc#1075091).\n- x86/tlb: Drop the _GPL from the cpu_tlbstate export (bnc#1012382).\n- x86/vm86/32: Switch to flush_tlb_mm_range() in mark_screen_rdonly() (bnc#1012382).\n- xen-netfront: Improve error handling during initialization (bnc#1012382).\n- xen-netfront: avoid crashing on resume after a failure in talk_to_netback() (bnc#1012382).\n- xfrm: Copy policy family in clone_policy (bnc#1012382).\n- xfs: Add infrastructure needed for error propagation during buffer IO failure (bsc#1068569).\n- xfs: Properly retry failed inode items in case of error during buffer writeback (bsc#1068569).\n- xfs: add 'fail at unmount' error handling configuration (bsc#1068569).\n- xfs: add configurable error support to metadata buffers (bsc#1068569).\n- xfs: add configuration handlers for specific errors (bsc#1068569).\n- xfs: add configuration of error failure speed (bsc#1068569).\n- xfs: address kabi for xfs buffer retry infrastructure (kabi).\n- xfs: configurable error behavior via sysfs (bsc#1068569).\n- xfs: fix incorrect extent state in xfs_bmap_add_extent_unwritten_real (bnc#1012382).\n- xfs: fix log block underflow during recovery cycle verification (bnc#1012382).\n- xfs: fix up inode32/64 (re)mount handling (bsc#1069160).\n- xfs: introduce metadata IO error class (bsc#1068569).\n- xfs: introduce table-based init for error behaviors (bsc#1068569).\n- xfs: remove xfs_trans_ail_delete_bulk (bsc#1068569).\n- xhci: Do not add a virt_dev to the devs array before it's fully allocated (bnc#1012382).\n- xhci: Fix ring leak in failure path of xhci_alloc_virt_device() (bnc#1012382).\n- xhci: plat: Register shutdown for xhci_plat (bnc#1012382).\n- zram: set physical queue limits to avoid array out of bounds accesses (bnc#1012382).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-285,SUSE-SLE-DESKTOP-12-SP2-2018-285,SUSE-SLE-HA-12-SP2-2018-285,SUSE-SLE-Live-Patching-12-2018-285,SUSE-SLE-RPI-12-SP2-2018-285,SUSE-SLE-SDK-12-SP2-2018-285,SUSE-SLE-SERVER-12-SP2-2018-285,SUSE-SLE-WE-12-SP2-2018-285", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_0416-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:0416-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20180416-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:0416-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-February/003721.html", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1012917", url: "https://bugzilla.suse.com/1012917", }, { category: "self", summary: "SUSE Bug 1019784", url: "https://bugzilla.suse.com/1019784", }, { category: "self", summary: "SUSE Bug 1022476", url: "https://bugzilla.suse.com/1022476", }, { category: "self", summary: "SUSE Bug 1031717", url: "https://bugzilla.suse.com/1031717", }, { category: "self", summary: "SUSE Bug 1038078", url: "https://bugzilla.suse.com/1038078", }, { category: "self", summary: "SUSE Bug 1038085", url: "https://bugzilla.suse.com/1038085", }, { category: "self", summary: "SUSE Bug 1043652", url: "https://bugzilla.suse.com/1043652", }, { category: "self", summary: "SUSE Bug 1048585", url: "https://bugzilla.suse.com/1048585", }, { category: "self", summary: "SUSE Bug 1052360", url: "https://bugzilla.suse.com/1052360", }, { category: "self", summary: "SUSE Bug 1060279", url: "https://bugzilla.suse.com/1060279", }, { category: "self", summary: "SUSE Bug 1066223", url: "https://bugzilla.suse.com/1066223", }, { category: "self", summary: "SUSE Bug 1066842", url: "https://bugzilla.suse.com/1066842", }, { category: "self", summary: "SUSE Bug 1068032", url: "https://bugzilla.suse.com/1068032", }, { category: "self", summary: "SUSE Bug 1068038", url: "https://bugzilla.suse.com/1068038", }, { category: "self", summary: "SUSE Bug 1068569", url: "https://bugzilla.suse.com/1068569", }, { category: "self", summary: "SUSE Bug 1068984", url: "https://bugzilla.suse.com/1068984", }, { category: "self", summary: "SUSE Bug 1069160", url: "https://bugzilla.suse.com/1069160", }, { category: "self", summary: "SUSE Bug 1070799", url: "https://bugzilla.suse.com/1070799", }, { category: "self", summary: "SUSE Bug 1072163", url: "https://bugzilla.suse.com/1072163", }, { category: "self", summary: "SUSE Bug 1072484", url: "https://bugzilla.suse.com/1072484", }, { category: "self", summary: "SUSE Bug 1072589", url: "https://bugzilla.suse.com/1072589", }, { category: "self", summary: "SUSE Bug 1073229", url: "https://bugzilla.suse.com/1073229", }, { category: "self", summary: "SUSE Bug 1073928", url: "https://bugzilla.suse.com/1073928", }, { category: "self", summary: "SUSE Bug 1074134", url: "https://bugzilla.suse.com/1074134", }, { category: "self", summary: "SUSE Bug 1074392", url: "https://bugzilla.suse.com/1074392", }, { category: "self", summary: "SUSE Bug 1074488", url: "https://bugzilla.suse.com/1074488", }, { category: "self", summary: "SUSE Bug 1074621", url: "https://bugzilla.suse.com/1074621", }, { category: "self", summary: "SUSE Bug 1074709", url: "https://bugzilla.suse.com/1074709", }, { category: "self", summary: "SUSE Bug 1074839", url: "https://bugzilla.suse.com/1074839", }, { category: "self", summary: "SUSE Bug 1074847", url: "https://bugzilla.suse.com/1074847", }, { category: "self", summary: "SUSE Bug 1075066", url: "https://bugzilla.suse.com/1075066", }, { category: "self", summary: "SUSE Bug 1075078", url: "https://bugzilla.suse.com/1075078", }, { category: "self", summary: "SUSE Bug 1075087", url: "https://bugzilla.suse.com/1075087", }, { category: "self", summary: "SUSE Bug 1075091", url: "https://bugzilla.suse.com/1075091", }, { category: "self", summary: "SUSE Bug 1075428", url: "https://bugzilla.suse.com/1075428", }, { category: "self", summary: "SUSE Bug 1075617", url: "https://bugzilla.suse.com/1075617", }, { category: "self", summary: "SUSE Bug 1075621", url: "https://bugzilla.suse.com/1075621", }, { category: "self", summary: "SUSE Bug 1075627", url: "https://bugzilla.suse.com/1075627", }, { category: "self", summary: "SUSE Bug 1075994", url: "https://bugzilla.suse.com/1075994", }, { category: "self", summary: "SUSE Bug 1076017", url: "https://bugzilla.suse.com/1076017", }, { category: "self", summary: "SUSE Bug 1076110", url: "https://bugzilla.suse.com/1076110", }, { category: "self", summary: "SUSE Bug 1076806", url: "https://bugzilla.suse.com/1076806", }, { category: "self", summary: "SUSE Bug 1076809", url: "https://bugzilla.suse.com/1076809", }, { category: "self", summary: "SUSE Bug 1076872", url: "https://bugzilla.suse.com/1076872", }, { category: "self", summary: "SUSE Bug 1076899", url: "https://bugzilla.suse.com/1076899", }, { category: "self", summary: "SUSE Bug 1077068", url: "https://bugzilla.suse.com/1077068", }, { category: "self", summary: "SUSE Bug 1077560", url: "https://bugzilla.suse.com/1077560", }, { category: "self", summary: "SUSE Bug 1077592", url: "https://bugzilla.suse.com/1077592", }, { category: "self", summary: "SUSE Bug 1078526", url: "https://bugzilla.suse.com/1078526", }, { category: "self", summary: "SUSE Bug 1078681", url: "https://bugzilla.suse.com/1078681", }, { category: "self", summary: "SUSE Bug 963844", url: "https://bugzilla.suse.com/963844", }, { category: "self", summary: "SUSE Bug 988524", url: "https://bugzilla.suse.com/988524", }, { category: "self", summary: "SUSE CVE CVE-2017-15129 page", url: "https://www.suse.com/security/cve/CVE-2017-15129/", }, { category: "self", summary: "SUSE CVE CVE-2017-17712 page", url: "https://www.suse.com/security/cve/CVE-2017-17712/", }, { category: "self", summary: "SUSE CVE CVE-2017-17862 page", url: "https://www.suse.com/security/cve/CVE-2017-17862/", }, { category: "self", summary: "SUSE CVE CVE-2017-17864 page", url: "https://www.suse.com/security/cve/CVE-2017-17864/", }, { category: "self", summary: "SUSE CVE CVE-2017-18017 page", url: "https://www.suse.com/security/cve/CVE-2017-18017/", }, { category: "self", summary: "SUSE CVE CVE-2017-5715 page", url: "https://www.suse.com/security/cve/CVE-2017-5715/", }, { category: "self", summary: "SUSE CVE CVE-2018-1000004 page", url: "https://www.suse.com/security/cve/CVE-2018-1000004/", }, { category: "self", summary: "SUSE CVE CVE-2018-5332 page", url: "https://www.suse.com/security/cve/CVE-2018-5332/", }, { category: "self", summary: "SUSE CVE CVE-2018-5333 page", url: "https://www.suse.com/security/cve/CVE-2018-5333/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2018-02-09T15:27:09Z", generator: { date: "2018-02-09T15:27:09Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:0416-1", initial_release_date: "2018-02-09T15:27:09Z", revision_history: [ { date: "2018-02-09T15:27:09Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-default-4.4.114-92.64.1.aarch64", product: { name: "kernel-default-4.4.114-92.64.1.aarch64", product_id: "kernel-default-4.4.114-92.64.1.aarch64", }, }, { category: "product_version", name: "kernel-default-base-4.4.114-92.64.1.aarch64", product: { name: "kernel-default-base-4.4.114-92.64.1.aarch64", product_id: "kernel-default-base-4.4.114-92.64.1.aarch64", }, }, { category: "product_version", name: "kernel-default-devel-4.4.114-92.64.1.aarch64", product: { name: "kernel-default-devel-4.4.114-92.64.1.aarch64", product_id: "kernel-default-devel-4.4.114-92.64.1.aarch64", }, }, { category: "product_version", name: "kernel-syms-4.4.114-92.64.1.aarch64", product: { name: "kernel-syms-4.4.114-92.64.1.aarch64", product_id: "kernel-syms-4.4.114-92.64.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-build-4.4.114-92.64.1.aarch64", product: { name: "kernel-obs-build-4.4.114-92.64.1.aarch64", product_id: "kernel-obs-build-4.4.114-92.64.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-4.4.114-92.64.1.noarch", product: { name: "kernel-devel-4.4.114-92.64.1.noarch", product_id: "kernel-devel-4.4.114-92.64.1.noarch", }, }, { category: "product_version", name: "kernel-macros-4.4.114-92.64.1.noarch", product: { name: "kernel-macros-4.4.114-92.64.1.noarch", product_id: "kernel-macros-4.4.114-92.64.1.noarch", }, }, { category: "product_version", name: "kernel-source-4.4.114-92.64.1.noarch", product: { name: "kernel-source-4.4.114-92.64.1.noarch", product_id: "kernel-source-4.4.114-92.64.1.noarch", }, }, { category: "product_version", name: "kernel-docs-4.4.114-92.64.2.noarch", product: { name: "kernel-docs-4.4.114-92.64.2.noarch", product_id: "kernel-docs-4.4.114-92.64.2.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", product: { name: "cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", product_id: "cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", }, }, { category: "product_version", name: "cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", product: { name: "cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", product_id: "cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.114-92.64.1.ppc64le", product: { name: "dlm-kmp-default-4.4.114-92.64.1.ppc64le", product_id: "dlm-kmp-default-4.4.114-92.64.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.114-92.64.1.ppc64le", product: { name: "gfs2-kmp-default-4.4.114-92.64.1.ppc64le", product_id: "gfs2-kmp-default-4.4.114-92.64.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", product: { name: "ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", product_id: "ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-build-4.4.114-92.64.1.ppc64le", product: { name: "kernel-obs-build-4.4.114-92.64.1.ppc64le", product_id: "kernel-obs-build-4.4.114-92.64.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-4.4.114-92.64.1.ppc64le", product: { name: "kernel-default-4.4.114-92.64.1.ppc64le", product_id: "kernel-default-4.4.114-92.64.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-4.4.114-92.64.1.ppc64le", product: { name: "kernel-default-base-4.4.114-92.64.1.ppc64le", product_id: "kernel-default-base-4.4.114-92.64.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-4.4.114-92.64.1.ppc64le", product: { name: "kernel-default-devel-4.4.114-92.64.1.ppc64le", product_id: "kernel-default-devel-4.4.114-92.64.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-4.4.114-92.64.1.ppc64le", product: { name: "kernel-syms-4.4.114-92.64.1.ppc64le", product_id: "kernel-syms-4.4.114-92.64.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.4.114-92.64.1.s390x", product: { name: "cluster-md-kmp-default-4.4.114-92.64.1.s390x", product_id: "cluster-md-kmp-default-4.4.114-92.64.1.s390x", }, }, { category: "product_version", name: "cluster-network-kmp-default-4.4.114-92.64.1.s390x", product: { name: "cluster-network-kmp-default-4.4.114-92.64.1.s390x", product_id: "cluster-network-kmp-default-4.4.114-92.64.1.s390x", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.114-92.64.1.s390x", product: { name: "dlm-kmp-default-4.4.114-92.64.1.s390x", product_id: "dlm-kmp-default-4.4.114-92.64.1.s390x", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.114-92.64.1.s390x", product: { name: "gfs2-kmp-default-4.4.114-92.64.1.s390x", product_id: "gfs2-kmp-default-4.4.114-92.64.1.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.114-92.64.1.s390x", product: { name: "ocfs2-kmp-default-4.4.114-92.64.1.s390x", product_id: "ocfs2-kmp-default-4.4.114-92.64.1.s390x", }, }, { category: "product_version", name: "kernel-obs-build-4.4.114-92.64.1.s390x", product: { name: "kernel-obs-build-4.4.114-92.64.1.s390x", product_id: "kernel-obs-build-4.4.114-92.64.1.s390x", }, }, { category: "product_version", name: "kernel-default-4.4.114-92.64.1.s390x", product: { name: "kernel-default-4.4.114-92.64.1.s390x", product_id: "kernel-default-4.4.114-92.64.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-4.4.114-92.64.1.s390x", product: { name: "kernel-default-base-4.4.114-92.64.1.s390x", product_id: "kernel-default-base-4.4.114-92.64.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-4.4.114-92.64.1.s390x", product: { name: "kernel-default-devel-4.4.114-92.64.1.s390x", product_id: "kernel-default-devel-4.4.114-92.64.1.s390x", }, }, { category: "product_version", name: "kernel-default-man-4.4.114-92.64.1.s390x", product: { name: "kernel-default-man-4.4.114-92.64.1.s390x", product_id: "kernel-default-man-4.4.114-92.64.1.s390x", }, }, { category: "product_version", name: "kernel-syms-4.4.114-92.64.1.s390x", product: { name: "kernel-syms-4.4.114-92.64.1.s390x", product_id: "kernel-syms-4.4.114-92.64.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "kernel-default-4.4.114-92.64.1.x86_64", product: { name: "kernel-default-4.4.114-92.64.1.x86_64", product_id: "kernel-default-4.4.114-92.64.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-4.4.114-92.64.1.x86_64", product: { name: "kernel-default-devel-4.4.114-92.64.1.x86_64", product_id: "kernel-default-devel-4.4.114-92.64.1.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-4.4.114-92.64.1.x86_64", product: { name: "kernel-default-extra-4.4.114-92.64.1.x86_64", product_id: "kernel-default-extra-4.4.114-92.64.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-4.4.114-92.64.1.x86_64", product: { name: "kernel-syms-4.4.114-92.64.1.x86_64", product_id: "kernel-syms-4.4.114-92.64.1.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.4.114-92.64.1.x86_64", product: { name: "cluster-md-kmp-default-4.4.114-92.64.1.x86_64", product_id: "cluster-md-kmp-default-4.4.114-92.64.1.x86_64", }, }, { category: "product_version", name: "cluster-network-kmp-default-4.4.114-92.64.1.x86_64", product: { name: "cluster-network-kmp-default-4.4.114-92.64.1.x86_64", product_id: "cluster-network-kmp-default-4.4.114-92.64.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.114-92.64.1.x86_64", product: { name: "dlm-kmp-default-4.4.114-92.64.1.x86_64", product_id: "dlm-kmp-default-4.4.114-92.64.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.114-92.64.1.x86_64", product: { name: "gfs2-kmp-default-4.4.114-92.64.1.x86_64", product_id: "gfs2-kmp-default-4.4.114-92.64.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.114-92.64.1.x86_64", product: { name: "ocfs2-kmp-default-4.4.114-92.64.1.x86_64", product_id: "ocfs2-kmp-default-4.4.114-92.64.1.x86_64", }, }, { category: "product_version", name: "kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", product: { name: "kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", product_id: "kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-4.4.114-92.64.1.x86_64", product: { name: "kernel-obs-build-4.4.114-92.64.1.x86_64", product_id: "kernel-obs-build-4.4.114-92.64.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-4.4.114-92.64.1.x86_64", product: { name: "kernel-default-base-4.4.114-92.64.1.x86_64", product_id: "kernel-default-base-4.4.114-92.64.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Desktop 12 SP2", product: { name: "SUSE Linux Enterprise Desktop 12 SP2", product_id: "SUSE Linux Enterprise Desktop 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sled:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 12 SP2", product: { name: "SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Live Patching 12", product: { name: "SUSE Linux Enterprise Live Patching 12", product_id: "SUSE Linux Enterprise Live Patching 12", product_identification_helper: { cpe: "cpe:/o:suse:sle-live-patching:12", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product: { name: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product_id: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Software Development Kit 12 SP2", product: { name: "SUSE Linux Enterprise Software Development Kit 12 SP2", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sle-sdk:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP2", product: { name: "SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Workstation Extension 12 SP2", product: { name: "SUSE Linux Enterprise Workstation Extension 12 SP2", product_id: "SUSE Linux Enterprise Workstation Extension 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sle-we:12:sp2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.114-92.64.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2", product_id: "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", }, product_reference: "kernel-default-4.4.114-92.64.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.114-92.64.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2", product_id: "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", }, product_reference: "kernel-default-devel-4.4.114-92.64.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-4.4.114-92.64.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2", product_id: "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", }, product_reference: "kernel-default-extra-4.4.114-92.64.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.114-92.64.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP2", product_id: "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", }, product_reference: "kernel-devel-4.4.114-92.64.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.114-92.64.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP2", product_id: "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", }, product_reference: "kernel-macros-4.4.114-92.64.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.114-92.64.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP2", product_id: "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", }, product_reference: "kernel-source-4.4.114-92.64.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.114-92.64.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2", product_id: "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", }, product_reference: "kernel-syms-4.4.114-92.64.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP2", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.4.114-92.64.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", }, product_reference: "cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.4.114-92.64.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", }, product_reference: "cluster-md-kmp-default-4.4.114-92.64.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.4.114-92.64.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", }, product_reference: "cluster-md-kmp-default-4.4.114-92.64.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "cluster-network-kmp-default-4.4.114-92.64.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", }, product_reference: "cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "cluster-network-kmp-default-4.4.114-92.64.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", }, product_reference: "cluster-network-kmp-default-4.4.114-92.64.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "cluster-network-kmp-default-4.4.114-92.64.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", }, product_reference: "cluster-network-kmp-default-4.4.114-92.64.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.4.114-92.64.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", }, product_reference: "dlm-kmp-default-4.4.114-92.64.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.4.114-92.64.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", }, product_reference: "dlm-kmp-default-4.4.114-92.64.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.4.114-92.64.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", }, product_reference: "dlm-kmp-default-4.4.114-92.64.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.4.114-92.64.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", }, product_reference: "gfs2-kmp-default-4.4.114-92.64.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.4.114-92.64.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", }, product_reference: "gfs2-kmp-default-4.4.114-92.64.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.4.114-92.64.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", }, product_reference: "gfs2-kmp-default-4.4.114-92.64.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.4.114-92.64.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", }, product_reference: "ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.4.114-92.64.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", }, product_reference: "ocfs2-kmp-default-4.4.114-92.64.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.4.114-92.64.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", }, product_reference: "ocfs2-kmp-default-4.4.114-92.64.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64 as component of SUSE Linux Enterprise Live Patching 12", product_id: "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", }, product_reference: "kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.114-92.64.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product_id: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", }, product_reference: "kernel-default-4.4.114-92.64.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.114-92.64.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product_id: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", }, product_reference: "kernel-default-base-4.4.114-92.64.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.114-92.64.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product_id: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", }, product_reference: "kernel-default-devel-4.4.114-92.64.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.114-92.64.1.noarch as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product_id: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", }, product_reference: "kernel-devel-4.4.114-92.64.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.114-92.64.1.noarch as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product_id: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", }, product_reference: "kernel-macros-4.4.114-92.64.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.114-92.64.1.noarch as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product_id: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", }, product_reference: "kernel-source-4.4.114-92.64.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.114-92.64.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product_id: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", }, product_reference: "kernel-syms-4.4.114-92.64.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-4.4.114-92.64.2.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP2", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", }, product_reference: "kernel-docs-4.4.114-92.64.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.4.114-92.64.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP2", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", }, product_reference: "kernel-obs-build-4.4.114-92.64.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.4.114-92.64.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP2", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", }, product_reference: "kernel-obs-build-4.4.114-92.64.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.4.114-92.64.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP2", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", }, product_reference: "kernel-obs-build-4.4.114-92.64.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.4.114-92.64.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP2", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", }, product_reference: "kernel-obs-build-4.4.114-92.64.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.114-92.64.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", }, product_reference: "kernel-default-4.4.114-92.64.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.114-92.64.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", }, product_reference: "kernel-default-4.4.114-92.64.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.114-92.64.1.s390x as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", }, product_reference: "kernel-default-4.4.114-92.64.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.114-92.64.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", }, product_reference: "kernel-default-4.4.114-92.64.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.114-92.64.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", }, product_reference: "kernel-default-base-4.4.114-92.64.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.114-92.64.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", }, product_reference: "kernel-default-base-4.4.114-92.64.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.114-92.64.1.s390x as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", }, product_reference: "kernel-default-base-4.4.114-92.64.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.114-92.64.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", }, product_reference: "kernel-default-base-4.4.114-92.64.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.114-92.64.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", }, product_reference: "kernel-default-devel-4.4.114-92.64.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.114-92.64.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", }, product_reference: "kernel-default-devel-4.4.114-92.64.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.114-92.64.1.s390x as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", }, product_reference: "kernel-default-devel-4.4.114-92.64.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.114-92.64.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", }, product_reference: "kernel-default-devel-4.4.114-92.64.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.4.114-92.64.1.s390x as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", }, product_reference: "kernel-default-man-4.4.114-92.64.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.114-92.64.1.noarch as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", }, product_reference: "kernel-devel-4.4.114-92.64.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.114-92.64.1.noarch as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", }, product_reference: "kernel-macros-4.4.114-92.64.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.114-92.64.1.noarch as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", }, product_reference: "kernel-source-4.4.114-92.64.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.114-92.64.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", }, product_reference: "kernel-syms-4.4.114-92.64.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.114-92.64.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", }, product_reference: "kernel-syms-4.4.114-92.64.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.114-92.64.1.s390x as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", }, product_reference: "kernel-syms-4.4.114-92.64.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.114-92.64.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", }, product_reference: "kernel-syms-4.4.114-92.64.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.114-92.64.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", }, product_reference: "kernel-default-4.4.114-92.64.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.114-92.64.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", }, product_reference: "kernel-default-4.4.114-92.64.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.114-92.64.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", }, product_reference: "kernel-default-4.4.114-92.64.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.114-92.64.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", }, product_reference: "kernel-default-4.4.114-92.64.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.114-92.64.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", }, product_reference: "kernel-default-base-4.4.114-92.64.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.114-92.64.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", }, product_reference: "kernel-default-base-4.4.114-92.64.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.114-92.64.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", }, product_reference: "kernel-default-base-4.4.114-92.64.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.114-92.64.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", }, product_reference: "kernel-default-base-4.4.114-92.64.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.114-92.64.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", }, product_reference: "kernel-default-devel-4.4.114-92.64.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.114-92.64.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", }, product_reference: "kernel-default-devel-4.4.114-92.64.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.114-92.64.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", }, product_reference: "kernel-default-devel-4.4.114-92.64.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.114-92.64.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", }, product_reference: "kernel-default-devel-4.4.114-92.64.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.4.114-92.64.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", }, product_reference: "kernel-default-man-4.4.114-92.64.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.114-92.64.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", }, product_reference: "kernel-devel-4.4.114-92.64.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.114-92.64.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", }, product_reference: "kernel-macros-4.4.114-92.64.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.114-92.64.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", }, product_reference: "kernel-source-4.4.114-92.64.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.114-92.64.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", }, product_reference: "kernel-syms-4.4.114-92.64.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.114-92.64.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", }, product_reference: "kernel-syms-4.4.114-92.64.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.114-92.64.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", }, product_reference: "kernel-syms-4.4.114-92.64.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.114-92.64.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", }, product_reference: "kernel-syms-4.4.114-92.64.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-4.4.114-92.64.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP2", product_id: "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", }, product_reference: "kernel-default-extra-4.4.114-92.64.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Workstation Extension 12 SP2", }, ], }, vulnerabilities: [ { cve: "CVE-2017-15129", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15129", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15129", url: "https://www.suse.com/security/cve/CVE-2017-15129", }, { category: "external", summary: "SUSE Bug 1074839 for CVE-2017-15129", url: "https://bugzilla.suse.com/1074839", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-09T15:27:09Z", details: "moderate", }, ], title: "CVE-2017-15129", }, { cve: "CVE-2017-17712", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17712", }, ], notes: [ { category: "general", text: "The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17712", url: "https://www.suse.com/security/cve/CVE-2017-17712", }, { category: "external", summary: "SUSE Bug 1073229 for CVE-2017-17712", url: "https://bugzilla.suse.com/1073229", }, { category: "external", summary: "SUSE Bug 1073230 for CVE-2017-17712", url: "https://bugzilla.suse.com/1073230", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-09T15:27:09Z", details: "important", }, ], title: "CVE-2017-17712", }, { cve: "CVE-2017-17862", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17862", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17862", url: "https://www.suse.com/security/cve/CVE-2017-17862", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17862", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-09T15:27:09Z", details: "moderate", }, ], title: "CVE-2017-17862", }, { cve: "CVE-2017-17864", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17864", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a \"pointer leak.\"", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17864", url: "https://www.suse.com/security/cve/CVE-2017-17864", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17864", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-09T15:27:09Z", details: "moderate", }, ], title: "CVE-2017-17864", }, { cve: "CVE-2017-18017", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-18017", }, ], notes: [ { category: "general", text: "The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-18017", url: "https://www.suse.com/security/cve/CVE-2017-18017", }, { category: "external", summary: "SUSE Bug 1074488 for CVE-2017-18017", url: "https://bugzilla.suse.com/1074488", }, { category: "external", summary: "SUSE Bug 1080255 for CVE-2017-18017", url: "https://bugzilla.suse.com/1080255", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2017-18017", url: "https://bugzilla.suse.com/1091815", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2017-18017", url: "https://bugzilla.suse.com/1115893", }, { category: "external", summary: "SUSE Bug 971126 for CVE-2017-18017", url: "https://bugzilla.suse.com/971126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-09T15:27:09Z", details: "important", }, ], title: "CVE-2017-18017", }, { cve: "CVE-2017-5715", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-5715", }, ], notes: [ { category: "general", text: "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-5715", url: "https://www.suse.com/security/cve/CVE-2017-5715", }, { category: "external", summary: "SUSE Bug 1068032 for CVE-2017-5715", url: "https://bugzilla.suse.com/1068032", }, { category: "external", summary: "SUSE Bug 1074562 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074562", }, { category: "external", summary: "SUSE Bug 1074578 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074578", }, { category: "external", summary: "SUSE Bug 1074701 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074701", }, { category: "external", summary: "SUSE Bug 1074741 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074741", }, { category: "external", summary: "SUSE Bug 1074919 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074919", }, { category: "external", summary: "SUSE Bug 1075006 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075006", }, { category: "external", summary: "SUSE Bug 1075007 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075007", }, { category: "external", summary: "SUSE Bug 1075262 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075262", }, { category: "external", summary: "SUSE Bug 1075419 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075419", }, { category: "external", summary: "SUSE Bug 1076115 for CVE-2017-5715", url: "https://bugzilla.suse.com/1076115", }, { category: "external", summary: "SUSE Bug 1076372 for CVE-2017-5715", url: "https://bugzilla.suse.com/1076372", }, { category: "external", summary: "SUSE Bug 1076606 for CVE-2017-5715", url: "https://bugzilla.suse.com/1076606", }, { category: "external", summary: "SUSE Bug 1078353 for CVE-2017-5715", url: "https://bugzilla.suse.com/1078353", }, { category: "external", summary: "SUSE Bug 1080039 for CVE-2017-5715", url: "https://bugzilla.suse.com/1080039", }, { category: "external", summary: "SUSE Bug 1087887 for CVE-2017-5715", url: "https://bugzilla.suse.com/1087887", }, { category: "external", summary: "SUSE Bug 1087939 for CVE-2017-5715", url: "https://bugzilla.suse.com/1087939", }, { category: "external", summary: "SUSE Bug 1088147 for CVE-2017-5715", url: "https://bugzilla.suse.com/1088147", }, { category: "external", summary: "SUSE Bug 1089055 for CVE-2017-5715", url: "https://bugzilla.suse.com/1089055", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2017-5715", url: "https://bugzilla.suse.com/1091815", }, { category: "external", summary: "SUSE Bug 1095735 for CVE-2017-5715", url: "https://bugzilla.suse.com/1095735", }, { category: "external", summary: "SUSE Bug 1102517 for CVE-2017-5715", url: "https://bugzilla.suse.com/1102517", }, { category: "external", summary: "SUSE Bug 1105108 for CVE-2017-5715", url: "https://bugzilla.suse.com/1105108", }, { category: "external", summary: "SUSE Bug 1126516 for CVE-2017-5715", url: "https://bugzilla.suse.com/1126516", }, { category: "external", summary: "SUSE Bug 1173489 for CVE-2017-5715", url: "https://bugzilla.suse.com/1173489", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2017-5715", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201457 for CVE-2017-5715", url: "https://bugzilla.suse.com/1201457", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2017-5715", url: "https://bugzilla.suse.com/1201877", }, { category: "external", summary: "SUSE Bug 1203236 for CVE-2017-5715", url: "https://bugzilla.suse.com/1203236", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-09T15:27:09Z", details: "important", }, ], title: "CVE-2017-5715", }, { cve: "CVE-2018-1000004", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1000004", }, ], notes: [ { category: "general", text: "In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1000004", url: "https://www.suse.com/security/cve/CVE-2018-1000004", }, { category: "external", summary: "SUSE Bug 1076017 for CVE-2018-1000004", url: "https://bugzilla.suse.com/1076017", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2018-1000004", url: "https://bugzilla.suse.com/1091815", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-09T15:27:09Z", details: "moderate", }, ], title: "CVE-2018-1000004", }, { cve: "CVE-2018-5332", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-5332", }, ], notes: [ { category: "general", text: "In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-5332", url: "https://www.suse.com/security/cve/CVE-2018-5332", }, { category: "external", summary: "SUSE Bug 1075621 for CVE-2018-5332", url: "https://bugzilla.suse.com/1075621", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2018-5332", url: "https://bugzilla.suse.com/1091815", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-5332", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.6, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-09T15:27:09Z", details: "low", }, ], title: "CVE-2018-5332", }, { cve: "CVE-2018-5333", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-5333", }, ], notes: [ { category: "general", text: "In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-5333", url: "https://www.suse.com/security/cve/CVE-2018-5333", }, { category: "external", summary: "SUSE Bug 1075617 for CVE-2018-5333", url: "https://bugzilla.suse.com/1075617", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2018-5333", url: "https://bugzilla.suse.com/1091815", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.9, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_114-92_64-default-1-3.3.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.114-92.64.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.114-92.64.2.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.114-92.64.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.114-92.64.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-09T15:27:09Z", details: "low", }, ], title: "CVE-2018-5333", }, ], }
suse-su-2018:0986-1
Vulnerability from csaf_suse
Published
2018-04-19 09:27
Modified
2018-04-19 09:27
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP3 Realtime kernel was updated to 4.4.120 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis (bnc#1068032).
The previous fix using CPU Microcode has been complemented by building the Linux Kernel with return trampolines aka 'retpolines'.
- CVE-2017-13166: An elevation of privilege vulnerability in the v4l2 video driver. (bnc#1072865).
- CVE-2017-15129: A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel. The function get_net_ns_by_id() in net/core/net_namespace.c did not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely (bnc#1074839).
- CVE-2017-15951: The KEYS subsystem in the Linux kernel did not correctly synchronize the actions of updating versus finding a key in the 'negative' state to avoid a race condition, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls (bnc#1065615).
- CVE-2017-16912: The 'get_pipe()' function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel allowed attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet (bnc#1078673).
- CVE-2017-16913: The 'stub_recv_cmd_submit()' function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel when handling CMD_SUBMIT packets allowed attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet (bnc#1078672).
- CVE-2017-17712: The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allowed a local user to execute code and gain privileges (bnc#1073229 1073230).
- CVE-2017-17862: kernel/bpf/verifier.c in the Linux kernel ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service (bnc#1073928).
- CVE-2017-17864: kernel/bpf/verifier.c in the Linux kernel mishandled states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allowed local users to obtain potentially sensitive address information, aka a 'pointer leak (bnc#1073928).
- CVE-2017-17975: Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c allowed attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a kfree of the usbtv data structure occurs during a usbtv_video_free call, but the usbtv_video_fail label's code attempts to both access and free this data structure (bnc#1074426).
- CVE-2017-18017: The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel allowed remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action (bnc#1074488).
- CVE-2017-18174: In the Linux kernel the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free (bnc#1080533).
- CVE-2017-18208: The madvise_willneed function in mm/madvise.c allowed local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping (bnc#1083494).
- CVE-2018-1000004: In the Linux kernel a race condition vulnerability existed in the sound system, which could lead to a deadlock and denial of service condition (bnc#1076017).
- CVE-2018-1000026: Linux kernel version contained a insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via an attacker that must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM. (bnc#1079384).
- CVE-2018-5332: In the Linux kernel through 4.14.13, the rds_message_alloc_sgs() function did not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c) (bnc#1075621).
- CVE-2018-5333: In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandled cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference (bnc#1075617).
- CVE-2018-8087: Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c allowed local users to cause a denial of service (memory consumption) by triggering an out-of-array error case (bnc#1085053).
- CVE-2017-16644: The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c allowed local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1067118).
The following non-security bugs were fixed:
- 509: fix printing uninitialized stack memory when OID is empty (bsc#1075078).
- 8021q: fix a memory leak for VLAN 0 device (bnc#1012382).
- acpi / bus: Leave modalias empty for devices which are not present (bnc#1012382).
- acpi, nfit: fix health event notification (FATE#321135, FATE#321217, FATE#321256, FATE#321391, FATE#321393).
- acpi, nfit: fix register dimm error handling (FATE#321135, FATE#321217, FATE#321256, FATE#321391, FATE#321393).
- acpi: sbshc: remove raw pointer from printk() message (bnc#1012382).
- acpi / scan: Prefer devices without _HID/_CID for _ADR matching (bnc#1012382).
- Add delay-init quirk for Corsair K70 RGB keyboards (bnc#1012382).
- add ip6_make_flowinfo helper (bsc#1042286).
- af_key: fix buffer overread in parse_exthdrs() (bnc#1012382).
- af_key: fix buffer overread in verify_address_len() (bnc#1012382).
- afs: Adjust mode bits processing (bnc#1012382).
- afs: Connect up the CB.ProbeUuid (bnc#1012382).
- afs: Fix afs_kill_pages() (bnc#1012382).
- afs: Fix missing put_page() (bnc#1012382).
- afs: Fix page leak in afs_write_begin() (bnc#1012382).
- afs: Fix the maths in afs_fs_store_data() (bnc#1012382).
- afs: Flush outstanding writes when an fd is closed (bnc#1012382).
- afs: Migrate vlocation fields to 64-bit (bnc#1012382).
- afs: Populate and use client modification time (bnc#1012382).
- afs: Populate group ID from vnode status (bnc#1012382).
- afs: Prevent callback expiry timer overflow (bnc#1012382).
- ahci: Add Intel Cannon Lake PCH-H PCI ID (bnc#1012382).
- ahci: Add PCI ids for Intel Bay Trail, Cherry Trail and Apollo Lake AHCI (bnc#1012382).
- ahci: Annotate PCI ids for mobile Intel chipsets as such (bnc#1012382).
- alpha: fix build failures (bnc#1012382).
- alpha: fix crash if pthread_create races with signal delivery (bnc#1012382).
- alpha: fix reboot on Avanti platform (bnc#1012382).
- alsa: aloop: Fix inconsistent format due to incomplete rule (bsc#1031717).
- alsa: aloop: Fix racy hw constraints adjustment (bsc#1031717).
- alsa: aloop: Release cable upon open error path (bsc#1031717).
- alsa: hda - Apply headphone noise quirk for another Dell XPS 13 variant (bsc#1031717).
- alsa: hda - Apply the existing quirk to iMac 14,1 (bsc#1031717).
- alsa: hda/ca0132 - fix possible NULL pointer use (bnc#1012382).
- alsa: hda - Fix headset mic detection problem for two Dell machines (bnc#1012382).
- alsa: hda/realtek - Add headset mode support for Dell laptop (bsc#1031717).
- alsa: hda/realtek: PCI quirk for Fujitsu U7x7 (bnc#1012382).
- alsa: hda - Reduce the suspend time consumption for ALC256 (bsc#1031717).
- alsa: hda - Use IS_REACHABLE() for dependency on input (bsc#1031717).
- alsa: pcm: Abort properly at pending signal in OSS read/write loops (bsc#1031717).
- alsa: pcm: Add missing error checks in OSS emulation plugin builder (bsc#1031717).
- alsa: pcm: Allow aborting mutex lock at OSS read/write loops (bsc#1031717).
- alsa: pcm: Remove incorrect snd_BUG_ON() usages (bsc#1031717).
- alsa: pcm: Remove yet superfluous WARN_ON() (bsc#1031717).
- alsa: seq: Fix racy pool initializations (bnc#1012382).
- alsa: seq: Fix regression by incorrect ioctl_mutex usages (bnc#1012382).
- alsa: usb-audio: add implicit fb quirk for Behringer UFX1204 (bnc#1012382).
- alsa: usb-audio: Fix UAC2 get_ctl request with a RANGE attribute (bnc#1012382).
- amd-xgbe: Fix unused suspend handlers build warning (bnc#1012382).
- arc: uaccess: dont use 'l' gcc inline asm constraint modifier (bnc#1012382).
- arm64: add PTE_ADDR_MASK (bsc#1068032).
- arm64: Add skeleton to harden the branch predictor against aliasing attacks (bsc#1068032).
- arm64: Add trace_hardirqs_off annotation in ret_to_user (bsc#1068032).
- arm64: barrier: Add CSDB macros to control data-value prediction (bsc#1068032).
- arm64: Branch predictor hardening for Cavium ThunderX2 (bsc#1068032).
- arm64/cpufeature: do not use mutex in bringup path (bsc#1068032).
- arm64: cpufeature: Pass capability structure to ->enable callback (bsc#1068032).
- arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs (bsc#1068032).
- arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75 (bsc#1068032).
- arm64: debug: remove unused local_dbg_{enable, disable} macros (bsc#1068032).
- arm64: define BUG() instruction without CONFIG_BUG (bnc#1012382).
- arm64: Define cputype macros for Falkor CPU (bsc#1068032).
- arm64: Disable TTBR0_EL1 during normal kernel execution (bsc#1068032).
- arm64: Disable unhandled signal log messages by default (bnc#1012382).
- arm64: Do not force KPTI for CPUs that are not vulnerable (bsc#1076187).
- arm64: do not pull uaccess.h into *.S (bsc#1068032).
- arm64: dts: add #cooling-cells to CPU nodes (bnc#1012382).
- arm64: Enable CONFIG_ARM64_SW_TTBR0_PAN (bsc#1068032).
- arm64: entry: Add exception trampoline page for exceptions from EL0 (bsc#1068032).
- arm64: entry: Add fake CPU feature for unmapping the kernel at EL0 (bsc#1068032).
- arm64: entry: Apply BP hardening for high-priority synchronous exceptions (bsc#1068032).
- arm64: entry: Apply BP hardening for suspicious interrupts from EL0 (bsc#1068032).
- arm64: entry: Ensure branch through syscall table is bounded under speculation (bsc#1068032).
- arm64: entry: Explicitly pass exception level to kernel_ventry macro (bsc#1068032).
- arm64: entry: Hook up entry trampoline to exception vectors (bsc#1068032).
- arm64: entry: remove pointless SPSR mode check (bsc#1068032).
- arm64: entry: Reword comment about post_ttbr_update_workaround (bsc#1068032).
- arm64: entry.S convert el0_sync (bsc#1068032).
- arm64: entry.S: convert el1_sync (bsc#1068032).
- arm64: entry.S: convert elX_irq (bsc#1068032).
- arm64: entry.S: move SError handling into a C function for future expansion (bsc#1068032).
- arm64: entry.S: Remove disable_dbg (bsc#1068032).
- arm64: erratum: Work around Falkor erratum #E1003 in trampoline code (bsc#1068032).
- arm64: explicitly mask all exceptions (bsc#1068032).
- arm64: factor out entry stack manipulation (bsc#1068032).
- arm64: factor out PAGE_* and CONT_* definitions (bsc#1068032).
- arm64: Factor out PAN enabling/disabling into separate uaccess_* macros (bsc#1068032).
- arm64: Factor out TTBR0_EL1 post-update workaround into a specific asm macro (bsc#1068032).
- arm64: factor work_pending state machine to C (bsc#1068032).
- arm64: Force KPTI to be disabled on Cavium ThunderX (bsc#1068032).
- arm64: fpsimd: Prevent registers leaking from dead tasks (bnc#1012382).
- arm64: futex: Mask __user pointers prior to dereference (bsc#1068032).
- arm64: Handle el1 synchronous instruction aborts cleanly (bsc#1068032).
- arm64: Handle faults caused by inadvertent user access with PAN enabled (bsc#1068032).
- arm64: head.S: get rid of x25 and x26 with 'global' scope (bsc#1068032).
- arm64: idmap: Use 'awx' flags for .idmap.text .pushsection directives (bsc#1068032).
- arm64: Implement array_index_mask_nospec() (bsc#1068032).
- arm64: Implement branch predictor hardening for affected Cortex-A CPUs (bsc#1068032).
- arm64: Implement branch predictor hardening for Falkor (bsc#1068032).
- arm64: Initialise high_memory global variable earlier (bnc#1012382).
- arm64: introduce an order for exceptions (bsc#1068032).
- arm64: introduce mov_q macro to move a constant into a 64-bit register (bsc#1068032).
- arm64: Introduce uaccess_{disable,enable} functionality based on TTBR0_EL1 (bsc#1068032).
- arm64: kaslr: Put kernel vectors address in separate data page (bsc#1068032).
- arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0 (bsc#1068032).
- arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry (bsc#1068032).
- arm64: Kconfig: select COMPAT_BINFMT_ELF only when BINFMT_ELF is set (bnc#1012382).
- arm64: kill ESR_LNX_EXEC (bsc#1068032).
- arm64: kpti: Add ->enable callback to remap swapper using nG mappings (bsc#1068032).
- arm64: kpti: Fix the interaction between ASID switching and software PAN (bsc#1068032).
- arm64: kpti: Make use of nG dependent on arm64_kernel_unmapped_at_el0() (bsc#1068032).
- arm64: kvm: Fix SMCCC handling of unimplemented SMC/HVC calls (bsc#1076232).
- arm64: kvm: fix VTTBR_BADDR_MASK BUG_ON off-by-one (bnc#1012382).
- arm64: kvm: Make PSCI_VERSION a fast path (bsc#1068032).
- arm64: kvm: Use per-CPU vector when BP hardening is enabled (bsc#1068032).
- arm64: Make USER_DS an inclusive limit (bsc#1068032).
- arm64: Mask all exceptions during kernel_exit (bsc#1068032).
- arm64: mm: Add arm64_kernel_unmapped_at_el0 helper (bsc#1068032).
- arm64: mm: Allocate ASIDs in pairs (bsc#1068032).
- arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN (bsc#1068032).
- arm64: mm: hardcode rodata=true (bsc#1068032).
- arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR (bsc#1068032).
- arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI (bsc#1068032).
- arm64: mm: Map entry trampoline into trampoline and kernel page tables (bsc#1068032).
- arm64: mm: Move ASID from TTBR0 to TTBR1 (bsc#1068032).
- arm64: mm: Permit transitioning from Global to Non-Global without BBM (bsc#1068032).
- arm64: mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003 (bsc#1068032).
- arm64: mm: Rename post_ttbr0_update_workaround (bsc#1068032).
- arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN (bsc#1068032).
- arm64: mm: Use non-global mappings for kernel space (bsc#1068032).
- arm64: Move BP hardening to check_and_switch_context (bsc#1068032).
- arm64: Move post_ttbr_update_workaround to C code (bsc#1068032).
- arm64: move TASK_* definitions to <asm/processor.h> (bsc#1068032).
- arm64: Move the async/fiq helpers to explicitly set process context flags (bsc#1068032).
- arm64: Run enable method for errata work arounds on late CPUs (bsc#1085045).
- arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm (bsc#1068032).
- arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb (bsc#1068032).
- arm64: swp emulation: bound LL/SC retries before rescheduling (bsc#1068032).
- arm64: sysreg: Fix unprotected macro argmuent in write_sysreg (bsc#1068032).
- arm64: Take into account ID_AA64PFR0_EL1.CSV3 (bsc#1068032).
- arm64: thunderx2: remove branch predictor hardening References: bsc#1076232 This causes undefined instruction abort on the smc call from guest kernel. Disable until kvm is fixed.
- arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks (bsc#1068032).
- arm64: Turn on KPTI only on CPUs that need it (bsc#1076187).
- arm64: uaccess: Do not bother eliding access_ok checks in __{get, put}_user (bsc#1068032).
- arm64: uaccess: Mask __user pointers for __arch_{clear, copy_*}_user (bsc#1068032).
- arm64: uaccess: Prevent speculative use of the current addr_limit (bsc#1068032).
- arm64: use alternative auto-nop (bsc#1068032).
- arm64: Use pointer masking to limit uaccess speculation (bsc#1068032).
- arm64: use RET instruction for exiting the trampoline (bsc#1068032).
- arm64: xen: Enable user access before a privcmd hvc call (bsc#1068032).
- arm: 8731/1: Fix csum_partial_copy_from_user() stack mismatch (bnc#1012382).
- arm: AM33xx: PRM: Remove am33xx_pwrdm_read_prev_pwrst function (bnc#1012382).
- arm/arm64: kvm: Make default HYP mappings non-excutable (bsc#1068032).
- arm: avoid faulting on qemu (bnc#1012382).
- arm: BUG if jumping to usermode address in kernel mode (bnc#1012382).
- arm-ccn: perf: Prevent module unload while PMU is in use (bnc#1012382).
- arm: dma-mapping: disallow dma_get_sgtable() for non-kernel managed memory (bnc#1012382).
- arm: dts: am335x-evmsk: adjust mmc2 param to allow suspend (bnc#1012382).
- arm: dts: am4372: Correct the interrupts_properties of McASP (bnc#1012382).
- arm: dts: Fix omap4 hang with GPS connected to USB by using wakeupgen (bnc#1012382).
- arm: dts: kirkwood: fix pin-muxing of MPP7 on OpenBlocks A7 (bnc#1012382).
- arm: dts: ls1021a: fix incorrect clock references (bnc#1012382).
- arm: dts: s5pv210: add interrupt-parent for ohci (bnc#1012382).
- arm: dts: STi: Add gpio polarity for 'hdmi,hpd-gpio' property (bnc#1012382).
- arm: dts: ti: fix PCI bus dtc warnings (bnc#1012382).
- arm: kprobes: Align stack to 8-bytes in test code (bnc#1012382).
- arm: kprobes: Fix the return address of multiple kretprobes (bnc#1012382).
- arm: kvm: Fix SMCCC handling of unimplemented SMC/HVC calls (bnc#1012382).
- arm: kvm: Fix VTTBR_BADDR_MASK BUG_ON off-by-one (bnc#1012382).
- arm: OMAP1: DMA: Correct the number of logical channels (bnc#1012382).
- arm: OMAP2+: Fix device node reference counts (bnc#1012382).
- arm: OMAP2+: Fix SRAM virt to phys translation for save_secure_ram_context (bnc#1012382).
- arm: OMAP2+: gpmc-onenand: propagate error on initialization failure (bnc#1012382).
- arm: omap2: hide omap3_save_secure_ram on non-OMAP3 builds (git-fixes).
- arm: OMAP2+: Release device node after it is no longer needed (bnc#1012382).
- arm: pxa/tosa-bt: add MODULE_LICENSE tag (bnc#1012382).
- arm: spear13xx: Fix dmas cells (bnc#1012382).
- arm: spear13xx: Fix spics gpio controller's warning (bnc#1012382).
- arm: spear600: Add missing interrupt-parent of rtc (bnc#1012382).
- arm: tegra: select USB_ULPI from EHCI rather than platform (bnc#1012382).
- asm-prototypes: Clear any CPP defines before declaring the functions (git-fixes).
- asn.1: check for error from ASN1_OP_END__ACT actions (bnc#1012382).
- asn.1: fix out-of-bounds read when parsing indefinite length item (bnc#1012382).
- ASoC: au1x: Fix timeout tests in au1xac97c_ac97_read() (bsc#1031717).
- ASoC: Intel: Kconfig: fix build when ACPI is not enabled (bnc#1012382).
- ASoC: Intel: sst: Fix the return value of 'sst_send_byte_stream_mrfld()' (bsc#1031717).
- ASoC: mediatek: add i2c dependency (bnc#1012382).
- ASoC: nuc900: Fix a loop timeout test (bsc#1031717).
- asoc: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012382).
- ASoC: rockchip: disable clock on error (bnc#1012382).
- asoc: rsnd: avoid duplicate free_irq() (bnc#1012382).
- asoc: rsnd: do not call free_irq() on Parent SSI (bnc#1012382).
- asoc: simple-card: Fix misleading error message (bnc#1012382).
- ASoC: ux500: add MODULE_LICENSE tag (bnc#1012382).
- ata: ahci_xgene: free structure returned by acpi_get_object_info() (bsc#1082979).
- ata: pata_artop: remove redundant initialization of pio (bsc#1082979).
- ata: sata_dwc_460ex: remove incorrect locking (bsc#1082979).
- ath9k: fix tx99 potential info leak (bnc#1012382).
- atm: horizon: Fix irq release error (bnc#1012382).
- audit: ensure that 'audit=1' actually enables audit for PID 1 (bnc#1012382).
- axonram: Fix gendisk handling (bnc#1012382).
- b2c2: flexcop: avoid unused function warnings (bnc#1012382).
- backlight: pwm_bl: Fix overflow condition (bnc#1012382).
- bcache: add a comment in journal bucket reading (bsc#1076110).
- bcache: Avoid nested function definition (bsc#1076110).
- bcache: bch_allocator_thread() is not freezable (bsc#1076110).
- bcache: bch_writeback_thread() is not freezable (bsc#1076110).
- bcache: check return value of register_shrinker (bsc#1076110).
- bcache: documentation formatting, edited for clarity, stripe alignment notes (bsc#1076110).
- bcache: documentation updates and corrections (bsc#1076110).
- bcache: Do not reinvent the wheel but use existing llist API (bsc#1076110).
- bcache: do not write back data if reading it failed (bsc#1076110).
- bcache: explicitly destroy mutex while exiting (bnc#1012382).
- bcache: fix a comments typo in bch_alloc_sectors() (bsc#1076110).
- bcache: fix sequential large write IO bypass (bsc#1076110).
- bcache: fix wrong cache_misses statistics (bnc#1012382).
- bcache: gc does not work when triggering by manual command (bsc#1076110, bsc#1038078).
- bcache: implement PI controller for writeback rate (bsc#1076110).
- bcache: increase the number of open buckets (bsc#1076110).
- bcache: only permit to recovery read error when cache device is clean (bnc#1012382 bsc#1043652).
- bcache: partition support: add 16 minors per bcacheN device (bsc#1076110, bsc#1019784).
- bcache: rearrange writeback main thread ratelimit (bsc#1076110).
- bcache: recover data from backing when data is clean (bnc#1012382 bsc#1043652).
- bcache: Remove redundant set_capacity (bsc#1076110).
- bcache: remove unused parameter (bsc#1076110).
- bcache: rewrite multiple partitions support (bsc#1076110, bsc#1038085).
- bcache: safeguard a dangerous addressing in closure_queue (bsc#1076110).
- bcache: silence static checker warning (bsc#1076110).
- bcache: smooth writeback rate control (bsc#1076110).
- bcache.txt: standardize document format (bsc#1076110).
- bcache: update bio->bi_opf bypass/writeback REQ_ flag hints (bsc#1076110).
- bcache: update bucket_in_use in real time (bsc#1076110).
- bcache: Update continue_at() documentation (bsc#1076110).
- bcache: use kmalloc to allocate bio in bch_data_verify() (bsc#1076110).
- bcache: use llist_for_each_entry_safe() in __closure_wake_up() (bsc#1076110).
- bcache: writeback rate clamping: make 32 bit safe (bsc#1076110).
- bcache: writeback rate shouldn't artifically clamp (bsc#1076110).
- be2net: restore properly promisc mode after queues reconfiguration (bsc#963844 FATE#320192).
- binder: add missing binder_unlock() (bnc#1012382).
- binder: check for binder_thread allocation failure in binder_poll() (bnc#1012382).
- binfmt_elf: compat: avoid unused function warning (bnc#1012382).
- blacklist acb1feab320e powerpc/64: Do not trace irqs-off at interrupt return to soft-disabled context
- blacklist.conf: Blacklist 9d25e3cc83d731ae4eeb017fd07562fde3f80bef Exynos IOMMU is not enabled in any config.
- blacklist.conf: blacklist d207af2eab3f8668b95ad02b21930481c42806fd
- blacklist.conf: blacklist too intrusive patches (bsc#1082979)
- blacklist.conf: commit fd5f7cde1b85d4c8e09 ('printk: Never set console_may_schedule in console_trylock()')
- blacklist.conf: da391d640c528bc5bb227ea5b39c882b75ac3167 Comment-only fix
- blk-mq: add warning to __blk_mq_run_hw_queue() for ints disabled (bsc#1084772).
- blk-mq: stop 'delayed_run_work' in blk_mq_stop_hw_queue() (bsc#1084967).
- blk-mq: turn WARN_ON in __blk_mq_run_hw_queue into printk (bsc#1084772).
- blktrace: fix unlocked registration of tracepoints (bnc#1012382).
- block: fix an error code in add_partition() (bsc#1082979).
- block: Fix __bio_integrity_endio() documentation (bsc#1082979).
- block: wake up all tasks blocked in get_request() (bnc#1012382).
- bluetooth: btsdio: Do not bind to non-removable BCM43341 (bnc#1012382).
- bluetooth: btusb: driver to enable the usb-wakeup feature (bnc#1012382).
- bluetooth: btusb: Restore QCA Rome suspend/resume fix with a 'rewritten' version (bnc#1012382).
- bnx2x: do not rollback VF MAC/VLAN filters we did not configure (bnc#1012382).
- bnx2x: fix possible overrun of VFPF multicast addresses array (bnc#1012382).
- bnx2x: Improve reliability in case of nested PCI errors (bnc#1012382).
- bnx2x: prevent crash when accessing PTP with interface down (bnc#1012382).
- bnxt_en: Fix the 'Invalid VF' id check in bnxt_vf_ndo_prep routine (bnc#1012382).
- bpf: arsh is not supported in 32 bit alu thus reject it (bnc#1012382).
- bpf: avoid false sharing of map refcount with max_entries (bnc#1012382).
- bpf: fix 32-bit divide by zero (bnc#1012382).
- bpf: fix bpf_tail_call() x64 JIT (bnc#1012382).
- bpf: fix divides by zero (bnc#1012382).
- bpf: introduce BPF_JIT_ALWAYS_ON config (bnc#1012382).
- bpf: reject stores into ctx via st and xadd (bnc#1012382).
- bridge: implement missing ndo_uninit() (bsc#1042286).
- bridge: move bridge multicast cleanup to ndo_uninit (bsc#1042286).
- btrfs: add missing memset while reading compressed inline extents (bnc#1012382).
- btrfs: copy fsid to super_block s_uuid (bsc#1080774).
- btrfs: fix crash due to not cleaning up tree log block's dirty bits (bnc#1012382).
- btrfs: fix deadlock in run_delalloc_nocow (bnc#1012382).
- btrfs: fix deadlock when writing out space cache (bnc#1012382).
- btrfs: Fix possible off-by-one in btrfs_search_path_in_tree (bnc#1012382).
- btrfs: Fix quota reservation leak on preallocated files (bsc#1079989).
- btrfs: fix unexpected -EEXIST when creating new inode (bnc#1012382).
- btrfs: Handle btrfs_set_extent_delalloc failure in fixup worker (bnc#1012382).
- can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once (bnc#1012382).
- can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once (bnc#1012382).
- can: ems_usb: cancel urb on -EPIPE and -EPROTO (bnc#1012382).
- can: esd_usb2: cancel urb on -EPIPE and -EPROTO (bnc#1012382).
- can: flex_can: Correct the checking for frame length in flexcan_start_xmit() (bnc#1012382).
- can: gs_usb: fix return value of the 'set_bittiming' callback (bnc#1012382).
- can: kvaser_usb: cancel urb on -EPIPE and -EPROTO (bnc#1012382).
- can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback() (bnc#1012382).
- can: kvaser_usb: free buf in error paths (bnc#1012382).
- can: kvaser_usb: ratelimit errors if incomplete messages are received (bnc#1012382).
- can: peak: fix potential bug in packet fragmentation (bnc#1012382).
- can: ti_hecc: Fix napi poll return value for repoll (bnc#1012382).
- can: usb_8dev: cancel urb on -EPIPE and -EPROTO (bnc#1012382).
- cdc-acm: apply quirk for card reader (bsc#1060279).
- cdrom: factor out common open_for_* code (bsc#1048585).
- cdrom: turn off autoclose by default (bsc#1080813).
- cdrom: wait for tray to close (bsc#1048585).
- ceph: fix incorrect snaprealm when adding caps (bsc#1081735).
- ceph: fix un-balanced fsc->writeback_count update (bsc#1081735).
- ceph: more accurate statfs (bsc#1077068).
- cfg80211: check dev_set_name() return value (bnc#1012382).
- cfg80211: fix cfg80211_beacon_dup (bnc#1012382).
- cifs: dump IPC tcon in debug proc file (bsc#1071306).
- cifs: Fix autonegotiate security settings mismatch (bnc#1012382).
- cifs: Fix missing put_xid in cifs_file_strict_mmap (bnc#1012382).
- cifs: make IPC a regular tcon (bsc#1071306).
- cifs: use tcon_ipc instead of use_ipc parameter of SMB2_ioctl (bsc#1071306).
- cifs: zero sensitive data when freeing (bnc#1012382).
- clk: fix a panic error caused by accessing NULL pointer (bnc#1012382).
- clk: imx6: refine hdmi_isfr's parent to make HDMI work on i.MX6 SoCs w/o VPU (bnc#1012382).
- clk: mediatek: add the option for determining PLL source clock (bnc#1012382).
- clk: tegra: Fix cclk_lp divisor register (bnc#1012382).
- config: arm64: enable HARDEN_BRANCH_PREDICTOR
- config: arm64: enable UNMAP_KERNEL_AT_EL0
- console/dummy: leave .con_font_get set to NULL (bnc#1012382).
- cpufreq: Add Loongson machine dependencies (bnc#1012382).
- cpuidle: fix broadcast control when broadcast can not be entered (bnc#1012382).
- cpuidle: powernv: Pass correct drv->cpumask for registration (bnc#1012382).
- cpuidle: Validate cpu_dev in cpuidle_add_sysfs() (bnc#1012382).
- crypto: aesni - handle zero length dst buffer (bnc#1012382).
- crypto: af_alg - whitelist mask and type (bnc#1012382).
- crypto: algapi - fix NULL dereference in crypto_remove_spawns() (bnc#1012382).
- crypto: caam - fix endless loop when DECO acquire fails (bnc#1012382).
- crypto: chacha20poly1305 - validate the digest size (bnc#1012382).
- crypto: chelsio - select CRYPTO_GF128MUL (bsc#1048325).
- crypto: cryptd - pass through absence of ->setkey() (bnc#1012382).
- crypto: crypto4xx - increase context and scatter ring buffer elements (bnc#1012382).
- crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex (bnc#1012382).
- crypto: hash - introduce crypto_hash_alg_has_setkey() (bnc#1012382).
- crypto: mcryptd - protect the per-CPU queue with a lock (bnc#1012382).
- crypto: n2 - cure use after free (bnc#1012382).
- crypto: pcrypt - fix freeing pcrypt instances (bnc#1012382).
- crypto: poly1305 - remove ->setkey() method (bnc#1012382).
- crypto: s5p-sss - Fix completing crypto request in IRQ handler (bnc#1012382).
- crypto: s5p-sss - Fix kernel Oops in AES-ECB mode (bnc#1012382).
- crypto: tcrypt - fix buffer lengths in test_aead_speed() (bnc#1012382).
- crypto: tcrypt - fix S/G table for test_aead_speed() (bnc#1012382).
- crypto: x86/twofish-3way - Fix %rbp usage (bnc#1012382).
- cw1200: fix bogus maybe-uninitialized warning (bnc#1012382).
- cxl: Check if vphb exists before iterating over AFU devices (bsc#1066223).
- dax: Pass detailed error code from __dax_fault() (bsc#1072484).
- dccp: do not restart ccid2_hc_tx_rto_expire() if sk in closed state (bnc#1012382).
- dccp: limit sk_filter trim to payload (bsc#1042286).
- Deadly BUG_ON() had not been removed after all, merely relocated. (bnc#1083056)
- delay: add poll_event_interruptible (bsc#1048585).
- dell-wmi, dell-laptop: depends DMI (bnc#1012382).
- direct-io: Fix sleep in atomic due to sync AIO (bsc#1084888).
- dlm: fix double list_del() (bsc#1082795).
- dlm: fix malfunction of dlm_tool caused by debugfs changes (bsc#1077704).
- dlm: fix NULL pointer dereference in send_to_sock() (bsc#1082795).
- dmaengine: at_hdmac: fix potential NULL pointer dereference in atc_prep_dma_interleaved (bnc#1012382).
- dmaengine: dmatest: fix container_of member in dmatest_callback (bnc#1012382).
- dmaengine: dmatest: move callback wait queue to thread context (bnc#1012382).
- dmaengine: Fix array index out of bounds warning in __get_unmap_pool() (bnc#1012382).
- dmaengine: ioat: Fix error handling path (bnc#1012382).
- dmaengine: jz4740: disable/unprepare clk if probe fails (bnc#1012382).
- dmaengine: pl330: fix double lock (bnc#1012382).
- dmaengine: ti-dma-crossbar: Correct am335x/am43xx mux value type (bnc#1012382).
- dmaengine: zx: fix build warning (bnc#1012382).
- dm btree: fix serious bug in btree_split_beneath() (bnc#1012382).
- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) (bnc#1012382).
- dm: correctly handle chained bios in dec_pending() (bnc#1012382).
- dm thin metadata: THIN_MAX_CONCURRENT_LOCKS should be 6 (bnc#1012382).
- dn_getsockoptdecnet: move nf_{get/set}sockopt outside sock lock (bnc#1012382).
- do not put symlink bodies in pagecache into highmem (bnc#1012382).
- dpt_i2o: fix build warning (bnc#1012382).
- driver-core: use 'dev' argument in dev_dbg_ratelimited stub (bnc#1012382).
- drivers/firmware: Expose psci_get_version through psci_ops structure (bsc#1068032).
- drivers: hv: balloon: Correctly update onlined page count (fate#315887, bsc#1082632).
- drivers: hv: balloon: Initialize last_post_time on startup (fate#315887, bsc#1082632).
- drivers: hv: balloon: Show the max dynamic memory assigned (fate#315887, bsc#1082632).
- drivers: hv: kvp: Use MAX_ADAPTER_ID_SIZE for translating adapter id (fate#315887, bsc#1082632).
- drivers: hv: Turn off write permission on the hypercall page (fate#315887, bsc#1082632).
- drivers: hv: vmbus: Fix rescind handling (fate#315887, bsc#1082632).
- drivers: hv: vmbus: Fix rescind handling issues (fate#315887, bsc#1082632).
- drivers/net: fix eisa_driver probe section mismatch (bnc#1012382).
- drm/amd/amdgpu: fix console deadlock if late init failed (bnc#1012382).
- drm/amdgpu: Avoid leaking PM domain on driver unbind (v2) (bnc#1012382).
- drm/amdgpu: Fix SDMA load/unload sequence on HWS disabled mode (bnc#1012382).
- drm/amdkfd: Fix SDMA oversubsription handling (bnc#1012382).
- drm/amdkfd: Fix SDMA ring buffer size calculation (bnc#1012382).
- drm/armada: fix leak of crtc structure (bnc#1012382).
- drm/edid: Add 6 bpc quirk for CPT panel in Asus UX303LA (bnc#1012382).
- drm: extra printk() wrapper macros (bnc#1012382).
- drm/exynos/decon5433: set STANDALONE_UPDATE_F on output enablement (bnc#1012382).
- drm/exynos: gem: Drop NONCONTIG flag for buffers allocated without IOMMU (bnc#1012382).
- drm/gma500: remove helper function (bnc#1012382).
- drm/gma500: Sanity-check pipe index (bnc#1012382).
- drm/nouveau: hide gcc-4.9 -Wmaybe-uninitialized (bnc#1012382).
- drm/nouveau/pci: do a msi rearm on init (bnc#1012382).
- drm/omap: fix dmabuf mmap for dma_alloc'ed buffers (bnc#1012382).
- drm/radeon: adjust tested variable (bnc#1012382).
- drm/radeon: reinstate oland workaround for sclk (bnc#1012382).
- drm/radeon/si: add dpm quirk for Oland (bnc#1012382).
- drm: rcar-du: Fix race condition when disabling planes at CRTC stop (bnc#1012382).
- drm: rcar-du: Use the VBK interrupt for vblank events (bnc#1012382).
- drm: Require __GFP_NOFAIL for the legacy drm_modeset_lock_all (bnc#1012382).
- drm/ttm: check the return value of kzalloc (bnc#1012382).
- drm/vmwgfx: Potential off by one in vmw_view_add() (bnc#1012382).
- drm/vmwgfx: use *_32_bits() macros (bnc#1012382).
- dynamic-debug-howto: fix optional/omitted ending line number to be LARGE instead of 0 (bnc#1012382).
- e1000: fix disabling already-disabled warning (bnc#1012382).
- edac, i5000, i5400: Fix definition of NRECMEMB register (bnc#1012382).
- edac, i5000, i5400: Fix use of MTR_DRAM_WIDTH macro (bnc#1012382).
- edac, octeon: Fix an uninitialized variable warning (bnc#1012382).
- edac, sb_edac: Fix missing break in switch (bnc#1012382).
- efi/esrt: Cleanup bad memory map log messages (bnc#1012382).
- efi: Move some sysfs files to be read-only by root (bnc#1012382).
- em28xx: only use mt9v011 if camera support is enabled (bnc#1012382).
- enable DST_CACHE in non-vanilla configs except s390x/zfcpdump
- eventpoll.h: add missing epoll event masks (bnc#1012382).
- ext4: correct documentation for grpid mount option (bnc#1012382).
- ext4: do not unnecessarily allocate buffer in recently_deleted() (bsc#1080344).
- ext4: fix crash when a directory's i_size is too small (bnc#1012382).
- ext4: Fix data exposure after failed AIO DIO (bsc#1069135 bsc#1082864).
- ext4: Fix ENOSPC handling in DAX page fault handle (bsc#1072484).
- ext4: fix fdatasync(2) after fallocate(2) operation (bnc#1012382).
- ext4: save error to disk in __ext4_grp_locked_error() (bnc#1012382).
- f2fs: fix a bug caused by NULL extent tree (bsc#1082478).
- fbdev: auo_k190x: avoid unused function warnings (bnc#1012382).
- fbdev: controlfb: Add missing modes to fix out of bounds access (bnc#1012382).
- fbdev: s6e8ax0: avoid unused function warnings (bnc#1012382).
- fbdev: sis: enforce selection of at least one backend (bnc#1012382).
- fbdev: sm712fb: avoid unused function warnings (bnc#1012382).
- Fix build error in vma.c (bnc#1012382).
- Fixup hang when calling 'nvme list' on all paths down (bsc#1070052).
- fjes: Fix wrong netdevice feature flags (bnc#1012382).
- flow_dissector: properly cap thoff field (bnc#1012382).
- fm10k: ensure we process SM mbx when processing VF mbx (bnc#1012382).
- fork: clear thread stack upon allocation (bsc#1077560).
- fs: Avoid invalidation in interrupt context in dio_complete() (bsc#1073407 bsc#1069135).
- fscache: Fix the default for fscache_maybe_release_page() (bnc#1012382).
- fs: Fix page cache inconsistency when mixing buffered and AIO DIO (bsc#1073407 bsc#1069135).
- fs: invalidate page cache after end_io() in dio completion (bsc#1073407 bsc#1069135).
- ftrace: Remove incorrect setting of glob search field (bnc#1012382).
- futex: Prevent overflow by strengthen input validation (bnc#1012382).
- gcov: disable for COMPILE_TEST (bnc#1012382).
- geneve: fix populating tclass in geneve_get_v6_dst (bsc#1042286).
- genirq/msi: Add stubs for get_cached_msi_msg/pci_write_msi_msg (bnc#1012382).
- genirq/msi: Fix populating multiple interrupts (bsc#1085047).
- genirq: Restore trigger settings in irq_modify_status() (bsc#1085056).
- genksyms: Fix segfault with invalid declarations (bnc#1012382).
- gfs2: Take inode off order_write list when setting jdata flag (bnc#1012382).
- gianfar: fix a flooded alignment reports because of padding issue (bnc#1012382).
- go7007: add MEDIA_CAMERA_SUPPORT dependency (bnc#1012382).
- gpio: altera: Use handle_level_irq when configured as a level_high (bnc#1012382).
- gpio: ath79: add missing MODULE_DESCRIPTION/LICENSE (bnc#1012382).
- gpio: intel-mid: Fix build warning when !CONFIG_PM (bnc#1012382).
- gpio: iop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012382).
- gpio: xgene: mark PM functions as __maybe_unused (bnc#1012382).
- grace: replace BUG_ON by WARN_ONCE in exit_net hook (bnc#1012382).
- gre: build header correctly for collect metadata tunnels (bsc#1042286).
- gre: do not assign header_ops in collect metadata mode (bsc#1042286).
- gre: do not keep the GRE header around in collect medata mode (bsc#1042286).
- gre: reject GUE and FOU in collect metadata mode (bsc#1042286).
- hdpvr: hide unused variable (bnc#1012382).
- hid: chicony: Add support for another ASUS Zen AiO keyboard (bnc#1012382).
- hid: quirks: Fix keyboard + touchpad on Toshiba Click Mini not working (bnc#1012382).
- hid: xinmo: fix for out of range for THT 2P arcade controller (bnc#1012382).
- hippi: Fix a Fix a possible sleep-in-atomic bug in rr_close (bnc#1012382).
- hrtimer: Ensure POSIX compliance (relative CLOCK_REALTIME hrtimers) (bnc#1012382).
- hrtimer: Reset hrtimer cpu base proper on CPU hotplug (bnc#1012382).
- hv: kvp: Avoid reading past allocated blocks from KVP file (bnc#1012382).
- hv_netvsc: Add ethtool handler to set and get TCP hash levels (fate#315887, bsc#1082632).
- hv_netvsc: Add ethtool handler to set and get UDP hash levels (fate#315887, bsc#1082632).
- hv_netvsc: Add initialization of tx_table in netvsc_device_add() (fate#315887, bsc#1082632).
- hv_netvsc: Change the hash level variable to bit flags (fate#315887, bsc#1082632).
- hv_netvsc: Clean up an unused parameter in rndis_filter_set_rss_param() (fate#315887, bsc#1082632).
- hv_netvsc: Clean up unused parameter from netvsc_get_hash() (fate#315887, bsc#1082632).
- hv_netvsc: Clean up unused parameter from netvsc_get_rss_hash_opts() (fate#315887, bsc#1082632).
- hv_netvsc: copy_to_send buf can be void (fate#315887, bsc#1082632).
- hv_netvsc: do not need local xmit_more (fate#315887, bsc#1082632).
- hv_netvsc: drop unused macros (fate#315887, bsc#1082632).
- hv_netvsc: empty current transmit aggregation if flow blocked (fate#315887, bsc#1082632).
- hv_netvsc: Fix rndis_filter_close error during netvsc_remove (fate#315887, bsc#1082632).
- hv_netvsc: fix send buffer failure on MTU change (fate#315887, bsc#1082632).
- hv_netvsc: Fix the channel limit in netvsc_set_rxfh() (fate#315887, bsc#1082632).
- hv_netvsc: Fix the real number of queues of non-vRSS cases (fate#315887, bsc#1082632).
- hv_netvsc: Fix the receive buffer size limit (fate#315887, bsc#1082632).
- hv_netvsc: Fix the TX/RX buffer default sizes (fate#315887, bsc#1082632).
- hv_netvsc: hide warnings about uninitialized/missing rndis device (fate#315887, bsc#1082632).
- hv_netvsc: make const array ver_list static, reduces object code size (fate#315887, bsc#1082632).
- hv_netvsc: optimize initialization of RNDIS header (fate#315887, bsc#1082632).
- hv_netvsc: pass netvsc_device to receive callback (fate#315887, bsc#1082632).
- hv_netvsc: remove open_cnt reference count (fate#315887, bsc#1082632).
- hv_netvsc: Rename ind_table to rx_table (fate#315887, bsc#1082632).
- hv_netvsc: Rename tx_send_table to tx_table (fate#315887, bsc#1082632).
- hv_netvsc: replace divide with mask when computing padding (fate#315887, bsc#1082632).
- hv_netvsc: report stop_queue and wake_queue (fate#315887, bsc#1082632).
- hv_netvsc: simplify function args in receive status path (fate#315887, bsc#1082632).
- hv_netvsc: Simplify the limit check in netvsc_set_channels() (fate#315887, bsc#1082632).
- hv_netvsc: track memory allocation failures in ethtool stats (fate#315887, bsc#1082632).
- hv: preserve kabi by keeping hv_do_hypercall (bnc#1082632).
- hwmon: (asus_atk0110) fix uninitialized data access (bnc#1012382).
- hwmon: (pmbus) Use 64bit math for DIRECT format values (bnc#1012382).
- hwrng: exynos - use __maybe_unused to hide pm functions (bnc#1012382).
- hyper-v: trace vmbus_ongpadl_created() (fate#315887, bsc#1082632).
- hyper-v: trace vmbus_ongpadl_torndown() (fate#315887, bsc#1082632).
- hyper-v: trace vmbus_on_message() (fate#315887, bsc#1082632).
- hyper-v: trace vmbus_on_msg_dpc() (fate#315887, bsc#1082632).
- hyper-v: trace vmbus_onoffer() (fate#315887, bsc#1082632).
- hyper-v: trace vmbus_onoffer_rescind() (fate#315887, bsc#1082632).
- hyper-v: trace vmbus_onopen_result() (fate#315887, bsc#1082632).
- hyper-v: trace vmbus_onversion_response() (fate#315887, bsc#1082632).
- hyper-v: Use fast hypercall for HVCALL_SIGNAL_EVENT (fate#315887, bsc#1082632).
- i2c: remove __init from i2c_register_board_info() (bnc#1012382).
- i40iw: Account for IPv6 header when setting MSS (bsc#1024376 FATE#321249).
- i40iw: Allocate a sdbuf per CQP WQE (bsc#1024376 FATE#321249).
- i40iw: Cleanup AE processing (bsc#1024376 FATE#321249).
- i40iw: Clear CQP Head/Tail during initialization (bsc#1024376 FATE#321249).
- i40iw: Correct ARP index mask (bsc#1024376 FATE#321249).
- i40iw: Correct Q1/XF object count equation (bsc#969476 FATE#319648 bsc#969477 FATE#319816).
- i40iw: Do not allow posting WR after QP is flushed (bsc#1024376 FATE#321249).
- i40iw: Do not free sqbuf when event is I40IW_TIMER_TYPE_CLOSE (bsc#1024376 FATE#321249).
- i40iw: Do not generate CQE for RTR on QP flush (bsc#1024376 FATE#321249).
- i40iw: Do not retransmit MPA request after it is ACKed (bsc#1024376 FATE#321249).
- i40iw: Fixes for static checker warnings (bsc#1024376 FATE#321249).
- i40iw: Fix sequence number for the first partial FPDU (bsc#969476 FATE#319648 bsc#969477 FATE#319816).
- i40iw: Fix the connection ORD value for loopback (bsc#969476 FATE#319648 bsc#969477 FATE#319816).
- i40iw: Ignore AE source field in AEQE for some AEs (bsc#1024376 FATE#321249).
- i40iw: Move cqp_cmd_head init to CQP initialization (bsc#1024376 FATE#321249).
- i40iw: Move exception_lan_queue to VSI structure (bsc#1024376 FATE#321249).
- i40iw: Move MPA request event for loopback after connect (bsc#1024376 FATE#321249).
- i40iw: Notify user of established connection after QP in RTS (bsc#1024376 FATE#321249).
- i40iw: Reinitialize IEQ on MTU change (bsc#1024376 FATE#321249).
- i40iw: Remove limit on re-posting AEQ entries to HW (bsc#969476 FATE#319648 bsc#969477 FATE#319816).
- i40iw: Selectively teardown QPs on IP addr change event (bsc#1024376 FATE#321249).
- i40iw: Validate correct IRD/ORD connection parameters (bsc#969476 FATE#319648 bsc#969477 FATE#319816).
- ib/hfi1: Fix for potential refcount leak in hfi1_open_file() (FATE#321231 FATE#321473).
- ib/hfi1: Fix misspelling in comment (bsc#973818, fate#319242).
- ib/hfi1: Prevent kernel QP post send hard lockups (bsc#973818 FATE#319242).
- ib/ipoib: Fix lockdep issue found on ipoib_ib_dev_heavy_flush (git-fixes).
- ib/ipoib: Fix race condition in neigh creation (bsc#1022595 FATE#322350).
- ib/ipoib: Grab rtnl lock on heavy flush when calling ndo_open/stop (bnc#1012382).
- ib/iser: Handle lack of memory management extentions correctly (bsc#1082979).
- ib/mlx4: Fix incorrectly releasing steerable UD QPs when have only ETH ports (bnc#1012382).
- ib/mlx4: Fix mlx4_ib_alloc_mr error flow (bnc#1012382).
- ib/mlx4: Increase maximal message size under UD QP (bnc#1012382).
- ib/mlx5: Assign send CQ and recv CQ of UMR QP (bnc#1012382).
- ib/mlx5: Serialize access to the VMA list (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).
- ibmvnic: Account for VLAN header length in TX buffers (bsc#1085239).
- ibmvnic: Account for VLAN tag in L2 Header descriptor (bsc#1085239).
- ibmvnic: Allocate and request vpd in init_resources (bsc#1076872).
- ibmvnic: Allocate max queues stats buffers (bsc#1081498).
- ibmvnic: Allocate statistics buffers during probe (bsc#1082993).
- ibmvnic: Check for NULL skb's in NAPI poll routine (bsc#1081134, git-fixes).
- ibmvnic: Clean RX pool buffers during device close (bsc#1081134).
- ibmvnic: Clean up device close (bsc#1084610).
- ibmvnic: Correct goto target for tx irq initialization failure (bsc#1082223).
- ibmvnic: Do not attempt to login if RX or TX queues are not allocated (bsc#1082993).
- ibmvnic: Do not disable device during failover or partition migration (bsc#1084610).
- ibmvnic: Do not handle RX interrupts when not up (bsc#1075066).
- ibmvnic: Ensure that buffers are NULL after free (bsc#1080014).
- ibmvnic: Fix early release of login buffer (bsc#1081134, git-fixes).
- ibmvnic: fix empty firmware version and errors cleanup (bsc#1079038).
- ibmvnic: fix firmware version when no firmware level has been provided by the VIOS server (bsc#1079038).
- ibmvnic: Fix IP offload control buffer (bsc#1076899).
- ibmvnic: Fix IPv6 packet descriptors (bsc#1076899).
- ibmvnic: Fix login buffer memory leaks (bsc#1081134).
- ibmvnic: Fix NAPI structures memory leak (bsc#1081134).
- ibmvnic: Fix pending MAC address changes (bsc#1075627).
- ibmvnic: Fix recent errata commit (bsc#1085239).
- ibmvnic: Fix rx queue cleanup for non-fatal resets (bsc#1080014).
- ibmvnic: Fix TX descriptor tracking again (bsc#1082993).
- ibmvnic: Fix TX descriptor tracking (bsc#1081491).
- ibmvnic: Free and re-allocate scrqs when tx/rx scrqs change (bsc#1081498).
- ibmvnic: Free RX socket buffer in case of adapter error (bsc#1081134).
- ibmvnic: Generalize TX pool structure (bsc#1085224).
- ibmvnic: Handle TSO backing device errata (bsc#1085239).
- ibmvnic: Harden TX/RX pool cleaning (bsc#1082993).
- ibmvnic: Improve TX buffer accounting (bsc#1085224).
- ibmvnic: Keep track of supplementary TX descriptors (bsc#1081491).
- ibmvnic: Make napi usage dynamic (bsc#1081498).
- ibmvnic: Modify buffer size and number of queues on failover (bsc#1076872).
- ibmvnic: Move active sub-crq count settings (bsc#1081498).
- ibmvnic: Pad small packets to minimum MTU size (bsc#1085239).
- ibmvnic: queue reset when CRQ gets closed during reset (bsc#1080263).
- ibmvnic: Remove skb->protocol checks in ibmvnic_xmit (bsc#1080384).
- ibmvnic: Rename active queue count variables (bsc#1081498).
- ibmvnic: Reorganize device close (bsc#1084610).
- ibmvnic: Report queue stops and restarts as debug output (bsc#1082993).
- ibmvnic: Reset long term map ID counter (bsc#1080364).
- ibmvnic: Revert to previous mtu when unsupported value requested (bsc#1076872).
- ibmvnic: Split counters for scrq/pools/napi (bsc#1082223).
- ibmvnic: Update and clean up reset TX pool routine (bsc#1085224).
- ibmvnic: Update release RX pool routine (bsc#1085224).
- ibmvnic: Update TX and TX completion routines (bsc#1085224).
- ibmvnic: Update TX pool initialization routine (bsc#1085224).
- ibmvnic: Wait for device response when changing MAC (bsc#1078681).
- ibmvnic: Wait until reset is complete to set carrier on (bsc#1081134).
- ib/qib: Fix comparison error with qperf compare/swap test (FATE#321231 FATE#321473).
- ib/rdmavt: restore IRQs on error path in rvt_create_ah() (bsc#973818, fate#319242).
- ib/srpt: Disable RDMA access by the initiator (bnc#1012382).
- ib/srpt: Fix ACL lookup during login (bsc#1024296 FATE#321265).
- ib/srpt: Remove an unused structure member (bsc#1082979).
- idle: i7300: add PCI dependency (bnc#1012382).
- igb: check memory allocation failure (bnc#1012382).
- igb: Free IRQs when device is hotplugged (bnc#1012382).
- iio: adc: axp288: remove redundant duplicate const on axp288_adc_channels (bnc#1012382).
- iio: adis_lib: Initialize trigger before requesting interrupt (bnc#1012382).
- iio: buffer: check if a buffer has been set up when poll is called (bnc#1012382).
- ima: fix hash algorithm initialization (bnc#1012382).
- inet: frag: release spinlock before calling icmp_send() (bnc#1012382).
- input: 88pm860x-ts - fix child-node lookup (bnc#1012382).
- input: elantech - add new icbody type 15 (bnc#1012382).
- input: i8042 - add TUXEDO BU1406 (N24_25BU) to the nomux list (bnc#1012382).
- input: tca8418_keypad - hide gcc-4.9 -Wmaybe-uninitialized warning (bnc#1012382).
- input: tca8418_keypad - remove double read of key event register (git-fixes).
- input: trackpoint - force 3 buttons if 0 button is reported (bnc#1012382).
- input: twl4030-vibra - fix sibling-node lookup (bnc#1012382).
- input: twl6040-vibra - fix child-node lookup (bnc#1012382).
- input: twl6040-vibra - fix DT node memory management (bnc#1012382).
- intel_th: pci: Add Gemini Lake support (bnc#1012382).
- iommu/amd: Add align parameter to alloc_irq_index() (bsc#975772).
- iommu/amd: Enforce alignment for MSI IRQs (bsc#975772).
- iommu/amd: Fix alloc_irq_index() increment (bsc#975772).
- iommu/amd: Limit the IOVA page range to the specified addresses (fate#321026).
- iommu/arm-smmu-v3: Cope with duplicated Stream IDs (bsc#1084926).
- iommu/arm-smmu-v3: Do not free page table ops twice (bnc#1012382).
- iommu/iova: Fix underflow bug in __alloc_and_insert_iova_range (bsc#1084928).
- iommu/vt-d: Fix scatterlist offset handling (bnc#1012382).
- iommu/vt-d: Use domain instead of cache fetching (bsc#975772).
- ip6_gre: remove the incorrect mtu limit for ipgre tap (bsc#1022912 FATE#321246).
- ip6mr: fix stale iterator (bnc#1012382).
- ip6_tunnel: disable dst caching if tunnel is dual-stack (bnc#1012382).
- ipc/msg: introduce msgctl(MSG_STAT_ANY) (bsc#1072689).
- ipc/sem: introduce semctl(SEM_STAT_ANY) (bsc#1072689).
- ipc/shm: introduce shmctl(SHM_STAT_ANY) (bsc#1072689).
- ipmi: Stop timers before cleaning up the module (bnc#1012382).
- ip_tunnel: fix preempt warning in ip tunnel creation/updating (bnc#1012382).
- ip_tunnel: replace dst_cache with generic implementation (bnc#1012382).
- ipv4: allow local fragmentation in ip_finish_output_gso() (bsc#1042286).
- ipv4: fix checksum annotation in udp4_csum_init (bsc#1042286).
- ipv4: Fix use-after-free when flushing FIB tables (bnc#1012382).
- ipv4: igmp: guard against silly MTU values (bnc#1012382).
- ipv4: ipconfig: avoid unused ic_proto_used symbol (bnc#1012382).
- ipv4: Make neigh lookup keys for loopback/point-to-point devices be INADDR_ANY (bnc#1012382).
- ipv4: update comment to document GSO fragmentation cases (bsc#1042286).
- ipv6: datagram: Refactor dst lookup and update codes to a new function (bsc#1042286).
- ipv6: datagram: Refactor flowi6 init codes to a new function (bsc#1042286).
- ipv6: datagram: Update dst cache of a connected datagram sk during pmtu update (bsc#1042286).
- ipv6: fix checksum annotation in udp6_csum_init (bsc#1042286).
- ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL (bnc#1012382).
- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012382).
- ipv6: fix udpv6 sendmsg crash caused by too small MTU (bnc#1012382).
- ipv6: icmp6: Allow icmp messages to be looped back (bnc#1012382).
- ipv6/ila: fix nlsize calculation for lwtunnel (bsc#1042286).
- ipv6: ip6_make_skb() needs to clear cork.base.dst (git-fixes).
- ipv6: mcast: better catch silly mtu values (bnc#1012382).
- ipv6: remove unused in6_addr struct (bsc#1042286).
- ipv6: reorder icmpv6_init() and ip6_mr_init() (bnc#1012382).
- ipv6: tcp: fix endianness annotation in tcp_v6_send_response (bsc#1042286).
- ipv6: udp: Do a route lookup and update during release_cb (bsc#1042286).
- ipvlan: Add the skb->mark as flow4's member to lookup route (bnc#1012382).
- ipvlan: fix ipv6 outbound device (bnc#1012382).
- ipvlan: fix multicast processing (bsc#1042286).
- ipvlan: fix various issues in ipvlan_process_multicast() (bsc#1042286).
- ipvlan: remove excessive packet scrubbing (bsc#1070799).
- irda: vlsi_ir: fix check for DMA mapping errors (bnc#1012382).
- irqchip/crossbar: Fix incorrect type of register size (bnc#1012382).
- irqchip/gic-v3: Use wmb() instead of smb_wmb() in gic_raise_softirq() (bnc#1012382).
- iscsi_iser: Re-enable 'iser_pi_guard' module parameter (bsc#1062129).
- iscsi-target: fix memory leak in lio_target_tiqn_addtpg() (bnc#1012382).
- iscsi-target: Make TASK_REASSIGN use proper se_cmd->cmd_kref (bnc#1012382).
- isdn: eicon: reduce stack size of sig_ind function (bnc#1012382).
- isdn: icn: remove a #warning (bnc#1012382).
- isdn: kcapi: avoid uninitialized data (bnc#1012382).
- isdn: sc: work around type mismatch warning (bnc#1012382).
- iser-target: Fix possible use-after-free in connection establishment error (FATE#321732).
- iw_cxgb4: Only validate the MSN for successful completions (bnc#1012382).
- ixgbe: fix use of uninitialized padding (bnc#1012382).
- jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path (git-fixes).
- jump_label: Invoke jump_label_test() via early_initcall() (bnc#1012382).
- Kabi: Keep KVM stable after enable s390 wire up bpb feature (bsc#1076805).
- kABI: protect struct bpf_map (kabi).
- kABI: protect struct cpuinfo_x86 (kabi).
- kABI: protect struct ethtool_link_settings (bsc#1085050).
- kABI: protect struct ip_tunnel and reintroduce ip_tunnel_dst_reset_all (kabi).
- kABI: protect struct ipv6_pinfo (kabi).
- kABI: protect struct t10_alua_tg_pt_gp (kabi).
- kABI: protect struct usbip_device (kabi).
- kABI: reintroduce crypto_poly1305_setkey (kabi).
- kabi: restore kabi after 'net: replace dst_cache ip6_tunnel implementation with the generic one' (bsc#1082897).
- kabi: restore nft_set_elem_destroy() signature (bsc#1042286).
- kabi: restore rhashtable_insert_slow() signature (bsc#1042286).
- kabi/severities: add sclp to KABI ignore list
- kabi/severities: add __x86_indirect_thunk_rsp
- kabi/severities: arm64: ignore cpu capability array
- kabi/severities: as per bsc#1068569 we can ignore XFS kabi The gods have spoken, let there be light.
- kabi/severities: do not care about stuff_RSB
- kabi/severities: Ignore kvm for KABI severities
- kabi: uninline sk_receive_skb() (bsc#1042286).
- kaiser: fix compile error without vsyscall (bnc#1012382).
- kaiser: fix intel_bts perf crashes (bnc#1012382).
- kaiser: Set _PAGE_NX only if supported (bnc#1012382).
- kasan: rework Kconfig settings (bnc#1012382).
- kbuild: add '-fno-stack-check' to kernel build options (bnc#1012382).
- kbuild: modversions for EXPORT_SYMBOL() for asm (bsc#1074621 bsc#1068032).
- kbuild: pkg: use --transform option to prefix paths in tar (bnc#1012382).
- kdb: Fix handling of kallsyms_symbol_next() return value (bnc#1012382).
- kernel/acct.c: fix the acct->needcheck check in check_free_space() (bnc#1012382).
- kernel/async.c: revert 'async: simplify lowest_in_progress()' (bnc#1012382).
- kernel: fix rwlock implementation (bnc#1079886, LTC#164371).
- kernel: make groups_sort calling a responsibility group_info allocators (bnc#1012382).
- kernel/signal.c: protect the SIGNAL_UNKILLABLE tasks from !sig_kernel_only() signals (bnc#1012382).
- kernel/signal.c: protect the traced SIGNAL_UNKILLABLE tasks from SIGKILL (bnc#1012382).
- kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal() (bnc#1012382).
- kernfs: fix regression in kernfs_fop_write caused by wrong type (bnc#1012382).
- keys: add missing permission check for request_key() destination (bnc#1012382).
- keys: encrypted: fix buffer overread in valid_master_desc() (bnc#1012382).
- kmemleak: add scheduling point to kmemleak_scan() (bnc#1012382).
- kprobes/x86: Disable preemption in ftrace-based jprobes (bnc#1012382).
- kpti: Rename to PAGE_TABLE_ISOLATION (bnc#1012382).
- kpti: Report when enabled (bnc#1012382).
- kvm: add X86_LOCAL_APIC dependency (bnc#1012382).
- kvm: ARM64: fix phy counter access failure in guest (bsc#1085015).
- kvm: arm/arm64: Check pagesize when allocating a hugepage at Stage 2 (bsc#1079029).
- kvm: Fix stack-out-of-bounds read in write_mmio (bnc#1012382).
- kvm: nVMX: Fix kernel panics induced by illegal INVEPT/INVVPID types (bnc#1012382).
- kvm: nVMX: Fix races when sending nested PI while dest enters/leaves L2 (bnc#1012382).
- kvm: nVMX: invvpid handling improvements (bnc#1012382).
- kvm: nVMX: kmap() can't fail (bnc#1012382).
- kvm: nVMX: reset nested_run_pending if the vCPU is going to be reset (bnc#1012382).
- kvm: nVMX: VMCLEAR should not cause the vCPU to shut down (bnc#1012382).
- kvm: nVMX: vmx_complete_nested_posted_interrupt() can't fail (bnc#1012382).
- kvm: pci-assign: do not map smm memory slot pages in vt-d page tables (bnc#1012382).
- kvm: PPC: Book3S PR: Fix svcpu copying with preemption enabled (bsc#1066223).
- kvm: s390: Add operation exception interception handler (FATE#324070, LTC#158959).
- kvm: s390: Add sthyi emulation (FATE#324070, LTC#158959).
- kvm: s390: Enable all facility bits that are known good for passthrough (bsc#1076805).
- kvm: s390: Enable all facility bits that are known good for passthrough (FATE#324071, LTC#158956).
- kvm: s390: Extend diag 204 fields (FATE#324070, LTC#158959).
- kvm: s390: Fix STHYI buffer alignment for diag224 (FATE#324070, LTC#158959).
- kvm: s390: instruction-execution-protection support (LTC#162428).
- kvm: s390: Introduce BCD Vector Instructions to the guest (FATE#324072, LTC#158953).
- kvm: s390: Introduce Vector Enhancements facility 1 to the guest (FATE#324072, LTC#158953).
- kvm: s390: Limit sthyi execution (FATE#324070, LTC#158959).
- kvm: s390: Populate mask of non-hypervisor managed facility bits (FATE#324071, LTC#158956).
- kvm: s390: wire up bpb feature (bsc#1076805).
- kvm: VMX: clean up declaration of VPID/EPT invalidation types (bnc#1012382).
- kvm: VMX: Fix enable VPID conditions (bnc#1012382).
- kvm: VMX: Fix rflags cache during vCPU reset (bnc#1012382).
- kvm: VMX: Make indirect call speculation safe (bnc#1012382).
- kvm: VMX: remove I/O port 0x80 bypass on Intel hosts (bnc#1012382).
- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012382 bsc#1068032).
- kvm: x86: Add memory barrier on vmcs field lookup (bnc#1012382).
- kvm: x86: correct async page present tracepoint (bnc#1012382).
- kvm: x86: Do not re-execute instruction when not passing CR2 value (bnc#1012382).
- kvm: x86: emulator: Return to user-mode on L1 CPL=0 emulation failure (bnc#1012382).
- kvm: x86: fix escape of guest dr6 to the host (bnc#1012382).
- kvm: X86: Fix load RFLAGS w/o the fixed bit (bnc#1012382).
- kvm: X86: Fix operand/address-size during instruction decoding (bnc#1012382).
- kvm: x86: fix RSM when PCID is non-zero (bnc#1012382).
- kvm: x86: ioapic: Clear Remote IRR when entry is switched to edge-triggered (bnc#1012382).
- kvm: x86: ioapic: Fix level-triggered EOI and IOAPIC reconfigure race (bnc#1012382).
- kvm: x86: ioapic: Preserve read-only values in the redirection table (bnc#1012382).
- kvm: x86: Make indirect calls in emulator speculation safe (bnc#1012382).
- kvm/x86: Reduce retpoline performance impact in slot_handle_level_range(), by always inlining iterator helper methods (bnc#1012382).
- l2tp: cleanup l2tp_tunnel_delete calls (bnc#1012382).
- l2tp: fix use-after-free during module unload (bsc#1042286).
- lan78xx: Fix failure in USB Full Speed (bnc#1012382).
- led: core: Fix brightness setting when setting delay_off=0 (bnc#1012382).
- leds: do not overflow sysfs buffer in led_trigger_show (bsc#1080464).
- libata: apply MAX_SEC_1024 to all LITEON EP1 series devices (bnc#1012382).
- libata: drop WARN from protocol error in ata_sff_qc_issue() (bnc#1012382).
- libceph: check kstrndup() return value (bsc#1081735).
- lib/genalloc.c: make the avail variable an atomic_long_t (bnc#1012382).
- lib/mpi: Fix umul_ppmm() for MIPS64r6 (bnc#1012382).
- lib/uuid.c: introduce a few more generic helpers (fate#315887, bsc#1082632).
- lib/uuid.c: use correct offset in uuid parser (fate#315887, bsc#1082632).
- livepatch: introduce shadow variable API (bsc#1082299 fate#313296). Shadow variables support.
- livepatch: __kgr_shadow_get_or_alloc() is local to shadow.c (bsc#1082299 fate#313296). Shadow variables support.
- lockd: fix 'list_add double add' caused by legacy signal interface (bnc#1012382).
- loop: fix concurrent lo_open/lo_release (bnc#1012382).
- mac80211: fix the update of path metric for RANN frame (bnc#1012382).
- mac80211: mesh: drop frames appearing to be from us (bnc#1012382).
- macvlan: Only deliver one copy of the frame to the macvlan interface (bnc#1012382).
- Make DST_CACHE a silent config option (bnc#1012382).
- mdio-sun4i: Fix a memory leak (bnc#1012382).
- md: more open-coded offset_in_page() (bsc#1076110).
- md/raid1: Use a new variable to count flighting sync requests(bsc#1083048)
- media: cxusb, dib0700: ignore XC2028_I2C_FLUSH (bnc#1012382).
- media: dvb: i2c transfers over usb cannot be done from stack (bnc#1012382).
- media: dvb-usb-v2: lmedm04: Improve logic checking of warm start (bnc#1012382).
- media: dvb-usb-v2: lmedm04: move ts2020 attach to dm04_lme2510_tuner (bnc#1012382).
- media: r820t: fix r820t_write_reg for KASAN (bnc#1012382).
- media: s5k6aa: describe some function parameters (bnc#1012382).
- media: soc_camera: soc_scale_crop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012382).
- media: ts2020: avoid integer overflows on 32 bit machines (bnc#1012382).
- media: usbtv: add a new usbid (bnc#1012382).
- media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF (bnc#1012382).
- media: v4l2-compat-ioctl32.c: avoid sizeof(type) (bnc#1012382).
- media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32 (bnc#1012382).
- media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32 (bnc#1012382).
- media: v4l2-compat-ioctl32.c: do not copy back the result for certain errors (bnc#1012382).
- media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type (bnc#1012382).
- media: v4l2-compat-ioctl32.c: fix ctrl_is_pointer (bnc#1012382).
- media: v4l2-compat-ioctl32.c: fix the indentation (bnc#1012382).
- media: v4l2-compat-ioctl32.c: make ctrl_is_pointer work for subdevs (bnc#1012382).
- media: v4l2-compat-ioctl32.c: move 'helper' functions to __get/put_v4l2_format32 (bnc#1012382).
- media: v4l2-compat-ioctl32: Copy v4l2_window->global_alpha (bnc#1012382).
- media: v4l2-compat-ioctl32.c: refactor compat ioctl32 logic (bnc#1012382).
- media: v4l2-ioctl.c: do not copy back the result for -ENOTTY (bnc#1012382).
- mfd: cros ec: spi: Do not send first message too soon (bnc#1012382).
- mfd: twl4030-audio: Fix sibling-node lookup (bnc#1012382).
- mfd: twl6040: Fix child-node lookup (bnc#1012382).
- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET (bnc#1012382).
- MIPS: AR7: ensure the port type's FCR value is used (bnc#1012382).
- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET (bnc#1012382).
- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset accesses (bnc#1012382).
- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012382).
- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA (bnc#1012382).
- MIPS: Guard against any partial write attempt with PTRACE_SETREGSET (bnc#1012382).
- MIPS: math-emu: Fix final emulation phase for certain instructions (bnc#1012382).
- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the ABI of the task (bnc#1012382).
- mlxsw: reg: Fix SPVMLR max record count (bnc#1012382).
- mlxsw: reg: Fix SPVM max record count (bnc#1012382).
- mm: avoid returning VM_FAULT_RETRY from ->page_mkwrite handlers (bnc#1012382).
- mmc: bcm2835: Do not overwrite max frequency unconditionally (bsc#983145, git-fixes).
- mmc: mediatek: Fixed bug where clock frequency could be set wrong (bnc#1012382).
- mm: drop unused pmdp_huge_get_and_clear_notify() (bnc#1012382).
- mm/early_ioremap: Fix boot hang with earlyprintk=efi,keep (bnc#1012382).
- mm: Handle 0 flags in _calc_vm_trans() macro (bnc#1012382).
- mm: hide a #warning for COMPILE_TEST (bnc#1012382).
- mm/kmemleak.c: make cond_resched() rate-limiting more efficient (git-fixes).
- mm/mprotect: add a cond_resched() inside change_pmd_range() (bnc#1077871, bnc#1078002).
- mm: pin address_space before dereferencing it while isolating an LRU page (bnc#1081500).
- mm,vmscan: Make unregister_shrinker() no-op if register_shrinker() failed (bnc#1012382).
- mm/vmstat: Make NR_TLB_REMOTE_FLUSH_RECEIVED available even on UP (bnc#1012382).
- mn10300/misalignment: Use SIGSEGV SEGV_MAPERR to report a failed user copy (bnc#1012382).
- modsign: hide openssl output in silent builds (bnc#1012382).
- module: Add retpoline tag to VERMAGIC (bnc#1012382).
- module/retpoline: Warn about missing retpoline in module (bnc#1012382).
- module: set __jump_table alignment to 8 (bnc#1012382).
- more bio_map_user_iov() leak fixes (bnc#1012382).
- mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM (bsc#1078583).
- mptfusion: hide unused seq_mpt_print_ioc_summary function (bnc#1012382).
- mtd: cfi: convert inline functions to macros (bnc#1012382).
- mtd: cfi: enforce valid geometry configuration (bnc#1012382).
- mtd: ichxrom: maybe-uninitialized with gcc-4.9 (bnc#1012382).
- mtd: maps: add __init attribute (bnc#1012382).
- mtd: nand: brcmnand: Disable prefetch by default (bnc#1012382).
- mtd: nand: denali_pci: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012382).
- mtd: nand: Fix nand_do_read_oob() return value (bnc#1012382).
- mtd: nand: gpmi: Fix failure when a erased page has a bitflip at BBM (bnc#1012382).
- mtd: nand: sunxi: Fix ECC strength choice (bnc#1012382).
- mtd: sh_flctl: pass FIFO as physical address (bnc#1012382).
- mvpp2: fix multicast address filter (bnc#1012382).
- ncpfs: fix unused variable warning (bnc#1012382).
- ncr5380: shut up gcc indentation warning (bnc#1012382).
- net: add dst_cache support (bnc#1012382).
- net: Allow neigh contructor functions ability to modify the primary_key (bnc#1012382).
- net/appletalk: Fix kernel memory disclosure (bnc#1012382).
- net: arc_emac: fix arc_emac_rx() error paths (bnc#1012382).
- net: avoid skb_warn_bad_offload on IS_ERR (bnc#1012382).
- net: bcmgenet: correct MIB access of UniMAC RUNT counters (bnc#1012382).
- net: bcmgenet: correct the RBUF_OVFL_CNT and RBUF_ERR_CNT MIB values (bnc#1012382).
- net: bcmgenet: power down internal phy if open or resume fails (bnc#1012382).
- net: bcmgenet: Power up the internal PHY before probing the MII (bnc#1012382).
- net: bcmgenet: reserved phy revisions must be checked first (bnc#1012382).
- net: bridge: fix early call to br_stp_change_bridge_id and plug newlink leaks (bnc#1012382).
- net: cdc_ncm: initialize drvflags before usage (bnc#1012382).
- net: core: fix module type in sock_diag_bind (bnc#1012382).
- net: Do not allow negative values for busy_read and busy_poll sysctl interfaces (bnc#1012382).
- net: dst_cache_per_cpu_dst_set() can be static (bnc#1012382).
- net: ena: add detection and recovery mechanism for handling missed/misrouted MSI-X (bsc#1083548).
- net: ena: add new admin define for future support of IPv6 RSS (bsc#1083548).
- net: ena: add power management ops to the ENA driver (bsc#1083548).
- net: ena: add statistics for missed tx packets (bsc#1083548).
- net: ena: fix error handling in ena_down() sequence (bsc#1083548).
- net: ena: fix race condition between device reset and link up setup (bsc#1083548).
- net: ena: fix rare kernel crash when bar memory remap fails (bsc#1083548).
- net: ena: fix wrong max Tx/Rx queues on ethtool (bsc#1083548).
- net: ena: improve ENA driver boot time (bsc#1083548).
- net: ena: increase ena driver version to 1.3.0 (bsc#1083548).
- net: ena: increase ena driver version to 1.5.0 (bsc#1083548).
- net: ena: reduce the severity of some printouts (bsc#1083548).
- net: ena: remove legacy suspend suspend/resume support (bsc#1083548).
- net: ena: Remove redundant unlikely() (bsc#1083548).
- net: ena: unmask MSI-X only after device initialization is completed (bsc#1083548).
- net: ethernet: cavium: Correct Cavium Thunderx NIC driver names accordingly to module name (bsc#1085011).
- net: ethernet: xilinx: Mark XILINX_LL_TEMAC broken on 64-bit (bnc#1012382).
- net: ethtool: Add back transceiver type (bsc#1085050).
- net: ethtool: remove error check for legacy setting transceiver type (bsc#1085050).
- net: fec: fix multicast filtering hardware setup (bnc#1012382).
- netfilter: bridge: honor frag_max_size when refragmenting (bnc#1012382).
- netfilter: do not track fragmented packets (bnc#1012382).
- netfilter: drop outermost socket lock in getsockopt() (bnc#1012382).
- netfilter: ebtables: CONFIG_COMPAT: do not trust userland offsets (bsc#1085107).
- netfilter: ebtables: fix erroneous reject of last rule (bsc#1085107).
- netfilter: ipt_CLUSTERIP: fix out-of-bounds accesses in clusterip_tg_check() (bnc#1012382).
- netfilter: ipvs: avoid unused variable warnings (bnc#1012382).
- netfilter: ipvs: Fix inappropriate output of procfs (bnc#1012382).
- netfilter: nfnetlink_queue: fix secctx memory leak (bnc#1012382).
- netfilter: nfnetlink_queue: fix timestamp attribute (bsc#1074134).
- netfilter: nfnl_cthelper: fix a race when walk the nf_ct_helper_hash table (bnc#1012382).
- netfilter: nfnl_cthelper: Fix memory leak (bnc#1012382).
- netfilter: nfnl_cthelper: fix runtime expectation policy updates (bnc#1012382).
- netfilter: nf_queue: Make the queue_handler pernet (bnc#1012382).
- netfilter: nf_tables: fix a wrong check to skip the inactive rules (bsc#1042286).
- netfilter: nf_tables: fix inconsistent element expiration calculation (bsc#1042286).
- netfilter: nf_tables: fix *leak* when expr clone fail (bsc#1042286).
- netfilter: nf_tables: fix race when create new element in dynset (bsc#1042286).
- netfilter: on sockopt() acquire sock lock only in the required scope (bnc#1012382).
- netfilter: tee: select NF_DUP_IPV6 unconditionally (bsc#1042286).
- netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target} (bnc#1012382).
- netfilter: x_tables: fix int overflow in xt_alloc_table_info() (bnc#1012382).
- netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert (bnc#1012382).
- netfilter: xt_socket: fix transparent match for IPv6 request sockets (bsc#1042286).
- net: Fix double free and memory corruption in get_net_ns_by_id() (bnc#1012382).
- net: gianfar_ptp: move set_fipers() to spinlock protecting area (bnc#1012382).
- net: hns: add ACPI mode support for ethtool -p (bsc#1084041).
- net: hp100: remove unnecessary #ifdefs (bnc#1012382).
- net: igmp: add a missing rcu locking section (bnc#1012382).
- net: igmp: fix source address check for IGMPv3 reports (bnc#1012382).
- net: igmp: Use correct source address on IGMPv3 reports (bnc#1012382).
- net: initialize msg.msg_flags in recvfrom (bnc#1012382).
- net: ipv4: fix for a race condition in raw_sendmsg (bnc#1012382).
- net/ipv4: Introduce IPSKB_FRAG_SEGS bit to inet_skb_parm.flags (bsc#1042286).
- netlink: fix nla_put_{u8,u16,u32} for KASAN (bnc#1012382).
- net/mac80211/debugfs.c: prevent build failure with CONFIG_UBSAN=y (bnc#1012382).
- net/mlx5: Avoid NULL pointer dereference on steering cleanup (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).
- net/mlx5: Cleanup IRQs in case of unload failure (bsc#966170 FATE#320225 bsc#966172 FATE#320226).
- net/mlx5e: Add refcount to VXLAN structure (bsc#966170 FATE#320225 bsc#966172 FATE#320226).
- net/mlx5e: Fix features check of IPv6 traffic (bsc#966170 FATE#320225 bsc#966172 FATE#320226).
- net/mlx5e: Fix fixpoint divide exception in mlx5e_am_stats_compare (bsc#1015342).
- net/mlx5e: Fix loopback self test when GRO is off (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).
- net/mlx5e: Fix possible deadlock of VXLAN lock (bsc#966170 FATE#320225 bsc#966172 FATE#320226).
- net/mlx5e: Fix wrong delay calculation for overflow check scheduling (bsc#966170 FATE#320225 bsc#966172 FATE#320226).
- net/mlx5e: Prevent possible races in VXLAN control flow (bsc#966170 FATE#320225 bsc#966172 FATE#320226).
- net/mlx5e: Verify inline header size do not exceed SKB linear size (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).
- net/mlx5: Fix rate limit packet pacing naming and struct (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).
- net/mlx5: Stay in polling mode when command EQ destroy fails (bsc#966170 FATE#320225 bsc#966172 FATE#320226).
- net/mlx5: Use 128B cacheline size for 128B or larger cachelines (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).
- net: mvmdio: disable/unprepare clocks in EPROBE_DEFER case (bnc#1012382).
- net: mvneta: clear interface link status on port disable (bnc#1012382).
- net: mvneta: eliminate wrong call to handle rx descriptor error (fate#319899).
- net: mvneta: use proper rxq_number in loop on rx queues (fate#319899).
- net/packet: fix a race in packet_bind() and packet_notifier() (bnc#1012382).
- net: phy: at803x: Change error to EINVAL for invalid MAC (bnc#1012382).
- net: phy: Keep reporting transceiver type (bsc#1085050).
- net: phy: micrel: ksz9031: reconfigure autoneg after phy autoneg workaround (bnc#1012382).
- net: qdisc_pkt_len_init() should be more robust (bnc#1012382).
- net: qmi_wwan: add Sierra EM7565 1199:9091 (bnc#1012382).
- net: qmi_wwan: Add USB IDs for MDM6600 modem on Motorola Droid 4 (bnc#1012382).
- net: reevalulate autoflowlabel setting after sysctl setting (bnc#1012382).
- net: replace dst_cache ip6_tunnel implementation with the generic one (bnc#1012382).
- net: Resend IGMP memberships upon peer notification (bnc#1012382).
- net_sched: red: Avoid devision by zero (bnc#1012382).
- net_sched: red: Avoid illegal values (bnc#1012382).
- net: sctp: fix array overrun read on sctp_timer_tbl (bnc#1012382).
- net/smc: fix NULL pointer dereference on sock_create_kern() error path (bsc#1082979).
- net: stmmac: enable EEE in MII, GMII or RGMII only (bnc#1012382).
- net: systemport: Pad packet before inserting TSB (bnc#1012382).
- net: systemport: Utilize skb_put_padto() (bnc#1012382).
- net: tcp: close sock if net namespace is exiting (bnc#1012382).
- netvsc: allow controlling send/recv buffer size (fate#315887, bsc#1082632).
- netvsc: allow driver to be removed even if VF is present (fate#315887, bsc#1082632).
- netvsc: check error return when restoring channels and mtu (fate#315887, bsc#1082632).
- netvsc: cleanup datapath switch (fate#315887, bsc#1082632).
- netvsc: do not signal host twice if empty (fate#315887, bsc#1082632).
- netvsc: fix deadlock betwen link status and removal (fate#315887, bsc#1082632).
- netvsc: increase default receive buffer size (fate#315887, bsc#1082632).
- netvsc: keep track of some non-fatal overload conditions (fate#315887, bsc#1082632).
- netvsc: no need to allocate send/receive on numa node (fate#315887, bsc#1082632).
- netvsc: propagate MAC address change to VF slave (fate#315887, bsc#1082632).
- netvsc: remove unnecessary cast of void pointer (fate#315887, bsc#1082632).
- netvsc: remove unnecessary check for NULL hdr (fate#315887, bsc#1082632).
- netvsc: whitespace cleanup (fate#315887, bsc#1082632).
- net: vxlan: lwt: Fix vxlan local traffic (bsc#1042286).
- net: vxlan: lwt: Use source ip address during route lookup (bsc#1042286).
- net: wimax/i2400m: fix NULL-deref at probe (bnc#1012382).
- nfs: Add a cond_resched() to nfs_commit_release_pages() (bsc#1077779).
- nfs: commit direct writes even if they fail partially (bnc#1012382).
- nfsd: auth: Fix gid sorting when rootsquash enabled (bnc#1012382).
- nfsd: check for use of the closed special stateid (bnc#1012382).
- nfsd: CLOSE SHOULD return the invalid special stateid for NFSv4.x (x>0) (bnc#1012382).
- nfsd: Ensure we check stateid validity in the seqid operation checks (bnc#1012382).
- NFSD: fix nfsd_minorversion(.., NFSD_AVAIL) (bnc#1012382).
- NFSD: fix nfsd_reset_versions for NFSv4 (bnc#1012382).
- nfs: Do not convert nfs_idmap_cache_timeout to jiffies (git-fixes).
- nfs: Do not take a reference on fl->fl_file for LOCK operation (bnc#1012382).
- nfs: fix a deadlock in nfs client initialization (bsc#1074198).
- NFS: Fix a typo in nfs_rename() (bnc#1012382).
- nfs/pnfs: fix nfs_direct_req ref leak when i/o falls back to the mds (bnc#1012382).
- nfs: reject request for id_legacy key without auxdata (bnc#1012382).
- nfs: Trunking detection should handle ERESTARTSYS/EINTR (bsc#1074198).
- NFSv4.1 respect server's max size in CREATE_SESSION (bnc#1012382).
- NFSv4: Fix client recovery when server reboots multiple times (bnc#1012382).
- nohz: Prevent a timer interrupt storm in tick_nohz_stop_sched_tick() (bnc#1012382).
- n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD) (bnc#1012382).
- nvme_fc: cleanup io completion (bsc#1079609).
- nvme_fc: correct abort race condition on resets (bsc#1079609).
- nvme_fc: correct hang in nvme_ns_remove() (bsc#1075811).
- nvme_fc: fix abort race on teardown with lld reject (bsc#1083750).
- nvme_fc: fix ctrl create failures racing with workq items (bsc#1076982).
- nvme_fc: fix rogue admin cmds stalling teardown (bsc#1075811).
- nvme_fc: io timeout should defer abort to ctrl reset (bsc#1085054).
- nvme-fc: kick admin requeue list on disconnect (bsc#1077241).
- nvme-fc: merge error on sles12sp3 for reset_work (bsc#1079195).
- nvme_fc: minor fixes on sqsize (bsc#1076760).
- nvme_fc: on remoteport reuse, set new nport_id and role (bsc#1076760).
- nvme_fc: rework sqsize handling (bsc#1076760).
- nvme: Fix managing degraded controllers (bnc#1012382).
- nvme: Fix setting logical block format when revalidating (bsc#1079313).
- nvme: only start KATO if the controller is live (bsc#1083387).
- nvme-pci: clean up CMB initialization (bsc#1082979).
- nvme-pci: clean up SMBSZ bit definitions (bsc#1082979).
- nvme-pci: consistencly use ctrl->device for logging (bsc#1082979).
- nvme-pci: fix typos in comments (bsc#1082979).
- nvme-pci: Remap CMB SQ entries on every controller reset (bsc#1082979).
- nvme-pci: Remove watchdog timer (bsc#1066163).
- nvme-pci: Use PCI bus address for data/queues in CMB (bsc#1082979).
- nvme: Quirks for PM1725 controllers (bsc#1082979).
- nvme_rdma: clear NVME_RDMA_Q_LIVE bit if reconnect fails (bsc#1083770).
- nvme-rdma: fix concurrent reset and reconnect (bsc#1082979).
- nvme: remove nvme_revalidate_ns (bsc#1079313).
- ocfs2: return error when we attempt to access a dirty bh in jbd2 (bsc#1070404).
- openrisc: fix issue handling 8 byte get_user calls (bnc#1012382).
- openvswitch: fix the incorrect flow action alloc size (bnc#1012382).
- ovl: fix failure to fsync lower dir (bnc#1012382).
- ovs/geneve: fix rtnl notifications on iface deletion (bsc#1042286).
- ovs/gre: fix rtnl notifications on iface deletion (bsc#1042286).
- ovs/gre,geneve: fix error path when creating an iface (bsc#1042286).
- ovs/vxlan: fix rtnl notifications on iface deletion (bsc#1042286).
- packet: fix crash in fanout_demux_rollover() (bnc#1012382).
- parisc: Fix alignment of pa_tlb_lock in assembly on 32-bit SMP kernel (bnc#1012382).
- parisc: Hide Diva-built-in serial aux and graphics card (bnc#1012382).
- partially revert tipc improve link resiliency when rps is activated (bsc#1068038).
- PCI/AER: Report non-fatal errors only to the affected endpoint (bnc#1012382).
- pci/ASPM: Do not retrain link if ASPM not possible (bnc#1071892).
- PCI: Avoid bus reset if bridge itself is broken (bnc#1012382).
- PCI: Create SR-IOV virtfn/physfn links before attaching driver (bnc#1012382).
- PCI: Detach driver before procfs & sysfs teardown on device remove (bnc#1012382).
- pci: hv: Do not sleep in compose_msi_msg() (fate#315887, bsc#1082632).
- pci: keystone: Fix interrupt-controller-node lookup (bnc#1012382).
- pci/MSI: Fix msi_desc->affinity memory leak when freeing MSI IRQs (bsc#1082979).
- PCI/PME: Handle invalid data when reading Root Status (bnc#1012382).
- PCI / PM: Force devices to D0 in pci_pm_thaw_noirq() (bnc#1012382).
- perf bench numa: Fixup discontiguous/sparse numa nodes (bnc#1012382).
- perf symbols: Fix symbols__fixup_end heuristic for corner cases (bnc#1012382).
- perf test attr: Fix ignored test case result (bnc#1012382).
- perf top: Fix window dimensions change handling (bnc#1012382).
- perf/x86: Shut up false-positive -Wmaybe-uninitialized warning (bnc#1012382).
- phy: work around 'phys' references to usb-nop-xceiv devices (bnc#1012382).
- pinctrl: adi2: Fix Kconfig build problem (bnc#1012382).
- pinctrl: st: add irq_request/release_resources callbacks (bnc#1012382).
- pinctrl: sunxi: Fix A80 interrupt pin bank (bnc#1012382).
- pipe: avoid round_pipe_size() nr_pages overflow on 32-bit (bnc#1012382).
- pktcdvd: Fix pkt_setup_dev() error path (bnc#1012382).
- platform/x86: intel_mid_thermal: Fix suspend handlers unused warning (bnc#1012382).
- pm / devfreq: Propagate error from devfreq_add_device() (bnc#1012382).
- pm / wakeirq: Fix unbalanced IRQ enable for wakeirq (bsc#1031717).
- posix-timer: Properly check sigevent->sigev_notify (bnc#1012382).
- power: bq27xxx_battery: mark some symbols __maybe_unused (bnc#1012382).
- powerpc/64: Add macros for annotating the destination of rfid/hrfid (bsc#1068032, bsc#1075087).
- powerpc/64: Convert fast_exception_return to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).
- powerpc/64: Convert the syscall exit path to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).
- powerpc/64: Fix flush_(d|i)cache_range() called from modules (FATE#315275 LTC#103998 bnc#1012382 bnc#863764).
- powerpc/64s: Add EX_SIZE definition for paca exception save areas (bsc#1068032, bsc#1075087).
- powerpc/64s: Add support for RFI flush of L1-D cache (bsc#1068032, bsc#1075087).
- powerpc/64s: Allow control of RFI flush via debugfs (bsc#1068032, bsc#1075087).
- powerpc/64s: Convert slb_miss_common to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).
- powerpc/64s: Fix RFI flush dependency on HARDLOCKUP_DETECTOR (bnc#1012382).
- powerpc/64s: Improve RFI L1-D cache flush fallback (bsc#1068032, bsc#1075087).
- powerpc/64s: Simple RFI macro conversions (bsc#1068032, bsc#1075087).
- powerpc/64s: Support disabling RFI flush with no_rfi_flush and nopti (bsc#1068032, bsc#1075087).
- powerpc/64s: Wire up cpu_show_meltdown() (bsc#1068032).
- powerpc/asm: Allow including ppc_asm.h in asm files (bsc#1068032, bsc#1075087).
- powerpc: Do not preempt_disable() in show_cpuinfo() (bsc#1066223).
- powerpc/ipic: Fix status get and status clear (bnc#1012382).
- powerpc/numa: Ensure nodes initialized for hotplug (FATE#322022, bsc#1081514).
- powerpc/numa: Invalidate numa_cpu_lookup_table on cpu remove (bsc#1081512).
- powerpc/numa: Use ibm,max-associativity-domains to discover possible nodes (FATE#322022, bsc#1081514).
- powerpc/perf: Dereference BHRB entries safely (bsc#1066223).
- powerpc/perf: Fix oops when grouping different pmu events (bnc#1012382).
- powerpc/perf/hv-24x7: Fix incorrect comparison in memord (bnc#1012382).
- powerpc/powernv: Check device-tree for RFI flush settings (bsc#1068032, bsc#1075087).
- powerpc/powernv/cpufreq: Fix the frequency read by /proc/cpuinfo (bnc#1012382).
- powerpc/powernv: Fix MCE handler to avoid trashing CR0/CR1 registers (bsc#1066223).
- powerpc/powernv/ioda2: Gracefully fail if too many TCE levels requested (bnc#1012382).
- powerpc/powernv: Move IDLE_STATE_ENTER_SEQ macro to cpuidle.h (bsc#1066223).
- powerpc/powernv: Support firmware disable of RFI flush (bsc#1068032, bsc#1075087).
- powerpc/pseries: Fix cpu hotplug crash with memoryless nodes (FATE#322022, bsc#1081514).
- powerpc/pseries: include linux/types.h in asm/hvcall.h (bsc#1068032, bsc#1075087).
- powerpc/pseries: Introduce H_GET_CPU_CHARACTERISTICS (bsc#1068032, bsc#1075087).
- powerpc/pseries: Query hypervisor for RFI flush settings (bsc#1068032, bsc#1075087).
- powerpc/pseries: rfi-flush: Call setup_rfi_flush() after LPM migration (bsc#1068032, bsc#1075087).
- powerpc/pseries/rfi-flush: Call setup_rfi_flush() after LPM migration (bsc#1068032, bsc#1075087).
- powerpc/pseries: Support firmware disable of RFI flush (bsc#1068032, bsc#1075087).
- powerpc/rfi-flush: Add DEBUG_RFI config option (bsc#1068032, bsc#1075087).
- powerpc/rfi-flush: Make setup_rfi_flush() not __init (bsc#1068032, bsc#1075087).
- powerpc/rfi-flush: Move RFI flush fields out of the paca (unbreak kABI) (bsc#1068032, bsc#1075087).
- powerpc/rfi-flush: Move the logic to avoid a redo into the sysfs code (bsc#1068032, bsc#1075087).
- powerpc/rfi-flush: prevent crash when changing flush type to fallback after system boot (bsc#1068032, bsc#1075087).
- powerpc: Simplify module TOC handling (bnc#1012382).
- power: reset: zx-reboot: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012382).
- ppp: Destroy the mutex when cleanup (bnc#1012382).
- pppoe: take ->needed_headroom of lower device into account on xmit (bnc#1012382).
- profile: hide unused functions when !CONFIG_PROC_FS (bnc#1012382).
- Provide a function to create a NUL-terminated string from unterminated data (bnc#1012382).
- pwc: hide unused label (bnc#1012382).
- qla2xxx: Add changes for devloss timeout in driver (bsc#1084427).
- qla2xxx: Add FC-NVMe abort processing (bsc#1084427).
- qla2xxx: asynchronous pci probing (bsc#1034503).
- qla2xxx: Cleanup code to improve FC-NVMe error handling (bsc#1084427).
- qla2xxx: Convert QLA_TGT_ABTS to TARGET_SCF_LOOKUP_LUN_FROM_TAG (bsc#1043726,FATE#324770).
- qla2xxx: do not check login_state if no loop id is assigned (bsc#1081681).
- qla2xxx: ensure async flags are reset correctly (bsc#1081681).
- qla2xxx: Fix Async GPN_FT for FCP and FC-NVMe scan (bsc#1084427).
- qla2xxx: Fix FC-NVMe IO abort during driver reset (bsc#1084427).
- qla2xxx: Fix incorrect tcm_qla2xxx_free_cmd use during TMR ABORT (v2) (bsc#1043726,FATE#324770).
- qla2xxx: Fix n2n_ae flag to prevent dev_loss on PDB change (bsc#1084427).
- qla2xxx: Fix NVMe entry_type for iocb packet on BE system (bsc#1043726,FATE#324770).
- qla2xxx: Fix retry for PRLI RJT with reason of BUSY (bsc#1084427).
- qla2xxx: Fixup locking for session deletion (bsc#1081681).
- qla2xxx: Remove nvme_done_list (bsc#1084427).
- qla2xxx: Remove unneeded message and minor cleanup for FC-NVMe (bsc#1084427).
- qla2xxx: remove use of FC-specific error codes (bsc#1043726,FATE#324770).
- qla2xxx: Restore ZIO threshold setting (bsc#1084427).
- qla2xxx: Return busy if rport going away (bsc#1084427).
- qla2xxx: Set IIDMA and fcport state before qla_nvme_register_remote() (bsc#1084427).
- qla2xxx: Update driver version to 10.00.00.06-k (bsc#1084427).
- qlcnic: fix deadlock bug (bnc#1012382).
- r8152: fix the list rx_done may be used without initialization (bnc#1012382).
- r8152: prevent the driver from transmitting packets with carrier off (bnc#1012382).
- r8169: fix memory corruption on retrieval of hardware statistics (bnc#1012382).
- r8169: fix RTL8168EP take too long to complete driver initialization (bnc#1012382).
- raid5: Set R5_Expanded on parity devices as well as data (bnc#1012382).
- ravb: Remove Rx overflow log messages (bnc#1012382).
- rbd: set max_segments to USHRT_MAX (bnc#1012382).
- RDMA/cma: Avoid triggering undefined behavior (bnc#1012382).
- rdma/cma: Make sure that PSN is not over max allowed (bnc#1012382).
- RDMA/i40iw: Remove MSS change support (bsc#1024376 FATE#321249).
- rdma/uverbs: Protect from command mask overflow (bsc#1082979).
- rds: Fix NULL pointer dereference in __rds_rdma_map (bnc#1012382).
- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012382).
- RDS: null pointer dereference in rds_atomic_free_op (bnc#1012382).
- regulator: core: Rely on regulator_dev_release to free constraints (bsc#1074847).
- regulator: da9063: Return an error code on probe failure (bsc#1074847).
- regulator: pwm: Fix regulator ramp delay for continuous mode (bsc#1074847).
- regulator: Try to resolve regulators supplies on registration (bsc#1074847).
- reiserfs: avoid a -Wmaybe-uninitialized warning (bnc#1012382).
- Revert 'Bluetooth: btusb: driver to enable the usb-wakeup feature' (bnc#1012382).
- Revert 'Bluetooth: btusb: fix QCA Rome suspend/resume' (bnc#1012382).
- Revert 'drm/armada: Fix compile fail' (bnc#1012382).
- Revert 'Enable DEBUG_RFI'
- Revert 'kaiser: vmstat show NR_KAISERTABLE as nr_overhead' (kabi).
- Revert 'lib/genalloc.c: make the avail variable an atomic_long_t' (kabi).
- Revert 'module: Add retpoline tag to VERMAGIC' (bnc#1012382 kabi).
- Revert 'module: Add retpoline tag to VERMAGIC' (kabi).
- Revert 'net: replace dst_cache ip6_tunnel implementation with the generic one' (kabi bnc#1082897).
- Revert 'ocfs2: should wait dio before inode lock in ocfs2_setattr()' (bnc#1012382).
- Revert 'power: bq27xxx_battery: Remove unneeded dependency in Kconfig' (bnc#1012382).
- Revert 's390/kbuild: enable modversions for symbols exported from asm' (bnc#1012382).
- Revert 'sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks' (kabi).
- Revert 'scsi: libsas: align sata_device's rps_resp on a cacheline' (kabi).
- Revert 'spi: SPI_FSL_DSPI should depend on HAS_DMA' (bnc#1012382).
- Revert 'userfaultfd: selftest: vm: allow to build in vm/ directory' (bnc#1012382).
- Revert 'x86/efi: Build our own page table structures' (bnc#1012382).
- Revert 'x86/efi: Hoist page table switching code into efi_call_virt()' (bnc#1012382).
- Revert 'x86/entry/64: Separate cpu_current_top_of_stack from TSS.sp0'
- Revert 'x86/entry/64: Use a per-CPU trampoline stack for IDT entries'
- Revert 'x86/mm/pat: Ensure cpa->pfn only contains page frame numbers' (bnc#1012382).
- rfi-flush: Make DEBUG_RFI a CONFIG option (bsc#1068032, bsc#1075087).
- rfi-flush: Move the logic to avoid a redo into the debugfs code (bsc#1068032, bsc#1075087).
- rfi-flush: Switch to new linear fallback flush (bsc#1068032, bsc#1075087).
- rhashtable: add rhashtable_lookup_get_insert_key() (bsc#1042286).
- ring-buffer: Mask out the info bits when returning buffer page length (bnc#1012382).
- route: also update fnhe_genid when updating a route cache (bnc#1012382).
- route: update fnhe_expires for redirect when the fnhe exists (bnc#1012382).
- rtc: cmos: Initialize hpet timer before irq is registered (bsc#1077592).
- rtc-opal: Fix handling of firmware error codes, prevent busy loops (bnc#1012382).
- rtc: pcf8563: fix output clock rate (bnc#1012382).
- rtc: pl031: make interrupt optional (bnc#1012382).
- rtc: set the alarm to the next expiring timer (bnc#1012382).
- rtlwifi: fix gcc-6 indentation warning (bnc#1012382).
- rtlwifi: rtl8821ae: Fix connection lost problem correctly (bnc#1012382).
- s390: add no-execute support (FATE#324087, LTC#158827).
- s390: always save and restore all registers on context switch (bnc#1012382).
- s390/cpuinfo: show facilities as reported by stfle (bnc#1076847, LTC#163740).
- s390/dasd: fix handling of internal requests (bsc#1080321).
- s390/dasd: fix wrongly assigned configuration data (bnc#1012382).
- s390/dasd: prevent prefix I/O error (bnc#1012382).
- s390: fix compat system call table (bnc#1012382).
- s390: fix handling of -1 in set{,fs}[gu]id16 syscalls (bnc#1012382).
- s390: hypfs: Move diag implementation and data definitions (FATE#324070, LTC#158959).
- s390: kvm: Cpu model support for msa6, msa7 and msa8 (FATE#324069, LTC#159031).
- s390: Make cpc_name accessible (FATE#324070, LTC#158959).
- s390: Make diag224 public (FATE#324070, LTC#158959).
- s390/mem_detect: use unsigned longs (FATE#324071, LTC#158956).
- s390/mm: align swapper_pg_dir to 16k (FATE#324087, LTC#158827).
- s390/mm: always use PAGE_KERNEL when mapping pages (FATE#324087, LTC#158827).
- s390/noexec: execute kexec datamover without DAT (FATE#324087, LTC#158827).
- s390/oprofile: fix address range for asynchronous stack (bsc#1082979).
- s390/pageattr: allow kernel page table splitting (FATE#324087, LTC#158827).
- s390/pageattr: avoid unnecessary page table splitting (FATE#324087, LTC#158827).
- s390/pageattr: handle numpages parameter correctly (FATE#324087, LTC#158827).
- s390/pci_dma: improve lazy flush for unmap (bnc#1079886, LTC#163393).
- s390/pci_dma: improve map_sg (bnc#1079886, LTC#163393).
- s390/pci_dma: make lazy flush independent from the tlb_refresh bit (bnc#1079886, LTC#163393).
- s390/pci_dma: remove dma address range check (bnc#1079886, LTC#163393).
- s390/pci_dma: simplify dma address calculation (bnc#1079886, LTC#163393).
- s390/pci_dma: split dma_update_trans (bnc#1079886, LTC#163393).
- s390/pci: do not require AIS facility (bnc#1012382).
- s390/pci: fix dma address calculation in map_sg (bnc#1079886, LTC#163393).
- s390/pci: handle insufficient resources during dma tlb flush (bnc#1079886, LTC#163393).
- s390/pgtable: introduce and use generic csp inline asm (FATE#324087, LTC#158827).
- s390/pgtable: make pmd and pud helper functions available (FATE#324087, LTC#158827).
- s390/qeth: fix underestimated count of buffer elements (bnc#1082089, LTC#164529).
- s390/qeth: no ETH header for outbound AF_IUCV (LTC#156276 bnc#1012382 bnc#1053472).
- s390: report new vector facilities (FATE#324088, LTC#158828).
- s390/runtime instrumentation: simplify task exit handling (bnc#1012382).
- s390/sclp: Add hmfai field (FATE#324071, LTC#158956).
- s390/vmem: align segment and region tables to 16k (FATE#324087, LTC#158827).
- s390/vmem: introduce and use SEGMENT_KERNEL and REGION3_KERNEL (FATE#324087, LTC#158827).
- s390/vmem: simplify vmem code for read-only mappings (FATE#324087, LTC#158827).
- sch_dsmark: fix invalid skb_cow() usage (bnc#1012382).
- sched/deadline: Make sure the replenishment timer fires in the next period (bnc#1012382).
- sched/deadline: Throttle a constrained deadline task activated after the deadline (bnc#1012382).
- sched/deadline: Use deadline instead of period when calculating overflow (bnc#1012382).
- sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks (bnc#1012382).
- sched/deadline: Zero out positive runtime after throttling constrained tasks (git-fixes).
- sched/rt: Up the root domain ref count when passing it around via IPIs (bnc#1012382).
- sched/rt: Use container_of() to get root domain in rto_push_irq_work_func() (bnc#1012382).
- scripts/kernel-doc: Do not fail with status != 0 if error encountered with -none (bnc#1012382).
- scsi: aacraid: Fix hang in kdump (bsc#1022607, FATE#321673).
- scsi: aacraid: Prevent crash in case of free interrupt during scsi EH path (bnc#1012382).
- scsi: advansys: fix build warning for PCI=n (bnc#1012382).
- scsi: advansys: fix uninitialized data access (bnc#1012382).
- scsi: bfa: integer overflow in debugfs (bnc#1012382).
- scsi: cxgb4i: fix Tx skb leak (bnc#1012382).
- scsi: do not look for NULL devices handlers by name (bsc#1082373).
- scsi: fas216: fix sense buffer initialization (bsc#1082979).
- scsi: fdomain: drop fdomain_pci_tbl when built-in (bnc#1012382).
- scsi: handle ABORTED_COMMAND on Fujitsu ETERNUS (bsc#1069138).
- scsi: hisi_sas: directly attached disk LED feature for v2 hw (bsc#1083409).
- scsi: hpsa: cleanup sas_phy structures in sysfs when unloading (bnc#1012382).
- scsi: hpsa: destroy sas transport properties before scsi_host (bnc#1012382).
- scsi: ibmvfc: fix misdefined reserved field in ibmvfc_fcp_rsp_info (bnc#1012382).
- scsi: initio: remove duplicate module device table (bnc#1012382 bsc#1082979).
- scsi: initio: remove duplicate module device table (bsc#1082979).
- scsi: libsas: align sata_device's rps_resp on a cacheline (bnc#1012382).
- scsi: libsas: fix error when getting phy events (bsc#1082979).
- scsi: libsas: fix memory leak in sas_smp_get_phy_events() (bsc#1082979).
- scsi: lpfc: Add WQ Full Logic for NVME Target (bsc#1080656).
- scsi: lpfc: Allow set of maximum outstanding SCSI cmd limit for a target (bsc#1080656).
- scsi: lpfc: Beef up stat counters for debug (bsc#1076693).
- scsi: lpfc: correct debug counters for abort (bsc#1080656).
- scsi: lpfc: do not dereference localport before it has been null checked (bsc#1076693).
- scsi: lpfc: Do not return internal MBXERR_ERROR code from probe function (bsc#1082979).
- scsi: lpfc: fix a couple of minor indentation issues (bsc#1076693).
- scsi: lpfc: Fix -EOVERFLOW behavior for NVMET and defer_rcv (bsc#1076693).
- scsi: lpfc: Fix header inclusion in lpfc_nvmet (bsc#1080656).
- scsi: lpfc: Fix infinite wait when driver unregisters a remote NVME port (bsc#1076693).
- scsi: lpfc: Fix IO failure during hba reset testing with nvme io (bsc#1080656).
- scsi: lpfc: Fix issue_lip if link is disabled (bsc#1080656).
- scsi: lpfc: Fix issues connecting with nvme initiator (bsc#1076693).
- scsi: lpfc: Fix nonrecovery of NVME controller after cable swap (bsc#1080656).
- scsi: lpfc: Fix PRLI handling when topology type changes (bsc#1080656).
- scsi: lpfc: Fix receive PRLI handling (bsc#1076693).
- scsi: lpfc: Fix RQ empty firmware trap (bsc#1080656).
- scsi: lpfc: Fix SCSI io host reset causing kernel crash (bsc#1080656).
- scsi: lpfc: Fix SCSI LUN discovery when SCSI and NVME enabled (bsc#1076693).
- scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing (bsc#1080656).
- scsi: lpfc: Increase CQ and WQ sizes for SCSI (bsc#1080656).
- scsi: lpfc: Increase SCSI CQ and WQ sizes (bsc#1076693).
- scsi: lpfc: Indicate CONF support in NVMe PRLI (bsc#1080656).
- scsi: lpfc: move placement of target destroy on driver detach (bsc#1080656).
- scsi: lpfc: Treat SCSI Write operation Underruns as an error (bsc#1080656).
- scsi: lpfc: Update 11.4.0.7 modified files for 2018 Copyright (bsc#1080656).
- scsi: lpfc: update driver version to 11.4.0.6 (bsc#1076693).
- scsi: lpfc: update driver version to 11.4.0.7 (bsc#1080656).
- scsi: lpfc: Use after free in lpfc_rq_buf_free() (bsc#1037838).
- scsi: lpfc: Validate adapter support for SRIU option (bsc#1080656).
- scsi: mpt3sas: Fix IO error occurs on pulling out a drive from RAID1 volume created on two SATA drive (bnc#1012382).
- scsi: mvumi: use __maybe_unused to hide pm functions (bnc#1012382).
- scsi: qla2xxx: Ability to process multiple SGEs in Command SGL for CT passthrough commands (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Accelerate SCSI BUSY status generation in target mode (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Add ability to autodetect SFP type (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Add ability to send PRLO (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Add ability to use GPNFT/GNNFT for RSCN handling (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Add ATIO-Q processing for INTx mode (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Add boundary checks for exchanges to be offloaded (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Add command completion for error path (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Add debug knob for user control workload (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Add debug logging routine for qpair (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Added change to enable ZIO for FC-NVMe devices (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Add FC-NVMe command handling (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Add FC-NVMe F/W initialization and transport registration (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Add FC-NVMe port discovery and PRLI handling (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Add function call to qpair for door bell (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Add fw_started flags to qpair (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Add lock protection around host lookup (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Add LR distance support from nvram bit (bsc#1043726,FATE#324770).
- scsi: qla2xxx: add missing includes for qla_isr (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Add option for use reserve exch for ELS (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Add ql2xiniexchg parameter (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Add retry limit for fabric scan logic (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Add support for minimum link speed (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Add switch command to simplify fabric discovery (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Add timeout ability to wait_for_sess_deletion() (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Add XCB counters to debugfs (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Allow ABTS, PURX, RIDA on ATIOQ for ISP83XX/27XX (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Allow MBC_GET_PORT_DATABASE to query and save the port states (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Allow relogin and session creation after reset (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Allow SNS fabric login to be retried (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Allow target mode to accept PRLI in dual mode (bsc#1043726,FATE#324770).
- scsi: qla2xxx: avoid unused-function warning (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Change ha->wq max_active value to default (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Changes to support N2N logins (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Chip reset uses wrong lock during IO flush (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Cleanup FC-NVMe code (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Cleanup NPIV host in target mode during config teardown (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Clear fc4f_nvme flag (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Clear loop id after delete (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Combine Active command arrays (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Convert 32-bit LUN usage to 64-bit (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Defer processing of GS IOCB calls (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Delay loop id allocation at login (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Do not call abort handler function during chip reset (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Do not call dma_free_coherent with IRQ disabled (bsc#1043726,FATE#324770).
- scsi: qla2xxx: do not include <generated/utsrelease.h> (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Enable Async TMF processing (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Enable ATIO interrupt handshake for ISP27XX (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Enable Target Multi Queue (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Fix abort command deadlock due to spinlock (FATE#320146, bsc#966328).
- scsi: qla2xxx: fix a bunch of typos and spelling mistakes (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix a locking imbalance in qlt_24xx_handle_els() (bsc#1082979).
- scsi: qla2xxx: Fix compile warning (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Fix FC-NVMe LUN discovery (bsc#1083223).
- scsi: qla2xxx: Fix Firmware dump size for Extended login and Exchange Offload (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix GPNFT/GNNFT error handling (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix gpnid error processing (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix incorrect handle for abort IOCB (bsc#1082979).
- scsi: qla2xxx: Fix login state machine freeze (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix login state machine stuck at GPDB (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix logo flag for qlt_free_session_done() (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix mailbox failure while deleting Queue pairs (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Fix memory leak in dual/target mode (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix NPIV host cleanup in target mode (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix NPIV host enable after chip reset (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix NULL pointer access for fcport structure (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix NULL pointer crash due to active timer for ABTS (bsc#1082979).
- scsi: qla2xxx: Fix NULL pointer crash due to probe failure (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix oops in qla2x00_probe_one error path (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix PRLI state check (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix queue ID for async abort with Multiqueue (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix recursion while sending terminate exchange (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix Relogin being triggered too fast (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix re-login for Nport Handle in use (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix remoteport disconnect for FC-NVMe (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix scan state field for fcport (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix session cleanup for N2N (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix slow mem alloc behind lock (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix smatch warning in qla25xx_delete_{rsp|req}_que (bsc#1043726,FATE#324770).
- scsi: qla2xxx: fix spelling mistake of variable sfp_additonal_info (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix system crash for Notify ack timeout handling (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix system crash in qlt_plogi_ack_unref (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix system crash while triggering FW dump (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix system panic due to pointer access problem (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix target multiqueue configuration (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix task mgmt handling for NPIV (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix warning during port_name debug print (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix warning for code intentation in __qla24xx_handle_gpdb_event() (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix warning in qla2x00_async_iocb_timeout() (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Fix WWPN/WWNN in debug message (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Handle PCIe error for driver (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Include Exchange offload/Extended Login into FW dump (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Increase ql2xmaxqdepth to 64 (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Increase verbosity of debug messages logged (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Migrate switch registration commands away from mailbox interface (bsc#1043726,FATE#324770).
- scsi: qla2xxx: move fields from qla_hw_data to qla_qpair (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Move function prototype to correct header (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Move logging default mask to execute once only (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Move session delete to driver work queue (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Move target stat counters from vha to qpair (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Move work element processing out of DPC thread (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Off by one in qlt_ctio_to_cmd() (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Preparation for Target MQ (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Prevent multiple active discovery commands per session (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Prevent relogin trigger from sending too many commands (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Prevent sp->free null/uninitialized pointer dereference (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Print correct mailbox registers in failed summary (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Properly extract ADISC error codes (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Protect access to qpair members with qpair->qp_lock (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Query FC4 type during RSCN processing (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Recheck session state after RSCN (bsc#1043726,FATE#324770)
- scsi: qla2xxx: Reduce the use of terminate exchange (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Reduce trace noise for Async Events (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Reinstate module parameter ql2xenablemsix (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Relogin to target port on a cable swap (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Remove aborting ELS IOCB call issued as part of timeout (FATE#320146, bsc#966328).
- scsi: qla2xxx: Remove an unused structure member (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Remove datasegs_per_cmd and datasegs_per_cont field (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Remove extra register read (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Remove extra register read (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Remove FC_NO_LOOP_ID for FCP and FC-NVMe Discovery (bsc#1084397).
- scsi: qla2xxx: Remove potential macro parameter side-effect in ql_dump_regs() (bsc#1043726,FATE#324770).
- scsi: qla2xxx: remove redundant assignment of d (bsc#1043726,FATE#324770).
- scsi: qla2xxx: remove redundant null check on tgt (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Remove redundant wait when target is stopped (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Remove session creation redundant code (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Remove unused argument from qlt_schedule_sess_for_deletion() (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Remove unused irq_cmd_count field (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Remove unused tgt_enable_64bit_addr flag (bsc#1043725,FATE#324770).
- scsi: qla2xxx: remove writeq/readq function definitions (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Replace fcport alloc with qla2x00_alloc_fcport (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Replace GPDB with async ADISC command (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Reset the logo flag, after target re-login (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Retry switch command on time out (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Send FC4 type NVMe to the management server (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Serialize GPNID for multiple RSCN (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Serialize session deletion by using work_lock (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Serialize session free in qlt_free_session_done (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Simpify unregistration of FC-NVMe local/remote ports (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Skip IRQ affinity for Target QPairs (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Skip zero queue count entry during FW dump capture (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Suppress a kernel complaint in qla_init_base_qpair() (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Tweak resource count dump (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Update Driver version to 10.00.00.00-k (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Update driver version to 10.00.00.01-k (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Update driver version to 10.00.00.02-k (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Update driver version to 10.00.00.03-k (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Update driver version to 10.00.00.04-k (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Update driver version to 10.00.00.05-k (bsc#1081681).
- scsi: qla2xxx: Update driver version to 9.01.00.00-k (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Update fw_started flags at qpair creation (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Use BIT_6 to acquire FAWWPN from switch (bsc#1043726,FATE#324770)
- scsi: qla2xxx: Use chip reset to bring down laser on unload (bsc#1043726,FATE#324770).
- scsi: qla2xxx: use dma_mapping_error to check map errors (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Use FC-NVMe FC4 type for FDMI registration (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Use IOCB path to submit Control VP MBX command (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Use known NPort ID for Management Server login (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Use ql2xnvmeenable to enable Q-Pair for FC-NVMe (bsc#1043726,FATE#324770).
- scsi: qla2xxx: use shadow register for ISP27XX (bsc#1043725,FATE#324770).
- scsi: qla2xxx: Use shadow register for ISP27XX (bsc#1043726,FATE#324770).
- scsi: qla2xxx: Use sp->free instead of hard coded call (bsc#1043726,FATE#324770).
- scsi: sd: change allow_restart to bool in sysfs interface (bnc#1012382).
- scsi: sd: change manage_start_stop to bool in sysfs interface (bnc#1012382).
- scsi: ses: do not get power status of SES device slot on probe (bsc#1082979).
- scsi: sg: disable SET_FORCE_LOW_DMA (bnc#1012382).
- scsi: sim710: fix build warning (bnc#1012382).
- scsi: sr: wait for the medium to become ready (bsc#1048585).
- scsi: sr: workaround VMware ESXi cdrom emulation bug (bsc#1080813).
- scsi: storvsc: Fix scsi_cmd error assignments in storvsc_handle_error (bnc#1012382).
- scsi: storvsc: remove unnecessary channel inbound lock (fate#315887, bsc#1082632).
- scsi: sun_esp: fix device reference leaks (bsc#1082979).
- scsi: tcm_qla2xxx: Do not allow aborted cmd to advance (bsc#1043725,FATE#324770).
- scsi: ufs: ufshcd: fix potential NULL pointer dereference in ufshcd_config_vreg (bnc#1012382).
- sctp: do not allow the v4 socket to bind a v4mapped v6 address (bnc#1012382).
- sctp: do not free asoc when it is already dead in sctp_sendmsg (bnc#1012382).
- sctp: make use of pre-calculated len (bnc#1012382).
- sctp: Replace use of sockets_allocated with specified macro (bnc#1012382).
- sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf (bnc#1012382).
- sctp: use the right sk after waking up from wait_buf sleep (bnc#1012382).
- selftest/powerpc: Fix false failures for skipped tests (bnc#1012382).
- selftests/x86: Add test_vsyscall (bnc#1012382).
- selftests/x86/ldt_get: Add a few additional tests for limits (bnc#1012382).
- selinux: ensure the context is NUL terminated in security_context_to_sid_core() (bnc#1012382).
- selinux: general protection fault in sock_has_perm (bnc#1012382).
- selinux: skip bounded transition processing if the policy isn't loaded (bnc#1012382).
- serial: 8250_mid: fix broken DMA dependency (bnc#1012382).
- serial: 8250_pci: Add Amazon PCI serial device ID (bnc#1012382).
- serial: 8250: Preserve DLD[7:4] for PORT_XR17V35X (bnc#1012382).
- serial: 8250_uniphier: fix error return code in uniphier_uart_probe() (bsc#1031717).
- serial: imx: Only wakeup via RTSDEN bit if the system has RTS/CTS (bnc#1012382).
- series.conf: disable qla2xxx patches (bsc#1043725)
- series.conf: move core networking (including netfilter) into sorted section
- series.conf: refresh Ran series_sort.py (no effect on expanded tree).
- series.conf: whitespace cleanup
- Set supported_modules_check 1 (bsc#1072163).
- sfc: do not warn on successful change of MAC (bnc#1012382).
- sget(): handle failures of register_shrinker() (bnc#1012382).
- sh_eth: fix SH7757 GEther initialization (bnc#1012382).
- sh_eth: fix TSU resource handling (bnc#1012382).
- signal/openrisc: Fix do_unaligned_access to send the proper signal (bnc#1012382).
- signal/sh: Ensure si_signo is initialized in do_divide_error (bnc#1012382).
- sit: update frag_off info (bnc#1012382).
- sock: free skb in skb_complete_tx_timestamp on error (bnc#1012382).
- SolutionEngine771x: fix Ether platform data (bnc#1012382).
- sparc64/mm: set fields in deferred pages (bnc#1012382).
- spi: atmel: fixed spin_lock usage inside atmel_spi_remove (bnc#1012382).
- spi: imx: do not access registers while clocks disabled (bnc#1012382).
- spi_ks8995: fix 'BUG: key accdaa28 not in .data!' (bnc#1012382).
- spi: sh-msiof: Fix DMA transfer size check (bnc#1012382).
- spi: sun4i: disable clocks in the remove function (bnc#1012382).
- spi: xilinx: Detect stall with Unknown commands (bnc#1012382).
- ssb: mark ssb_bus_register as __maybe_unused (bnc#1012382).
- staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl (bnc#1012382).
- staging: android: ashmem: Fix a race condition in pin ioctls (bnc#1012382).
- staging: iio: adc: ad7192: fix external frequency setting (bnc#1012382).
- staging: rtl8188eu: Fix incorrect response to SIOCGIWESSID (bnc#1012382).
- staging: ste_rmi4: avoid unused function warnings (bnc#1012382).
- staging: unisys: visorinput depends on INPUT (bnc#1012382).
- staging: wilc1000: fix kbuild test robot error (bnc#1012382).
- sunrpc: Allow connect to return EHOSTUNREACH (bnc#1012382).
- sunrpc: Fix rpc_task_begin trace point (bnc#1012382).
- sunxi-rsb: Include OF based modalias in device uevent (bnc#1012382).
- sysfs/cpu: Add vulnerability folder (bnc#1012382).
- sysfs/cpu: Fix typos in vulnerability documentation (bnc#1012382).
- sysfs: spectre_v2, handle spec_ctrl (bsc#1075994 bsc#1075091).
- sysrq : fix Show Regs call trace on ARM (bnc#1012382).
- target: Add support for TMR percpu reference counting (bsc#1043726,FATE#324770).
- target: Add TARGET_SCF_LOOKUP_LUN_FROM_TAG support for ABORT_TASK (bsc#1043726,FATE#324770).
- target: Avoid early CMD_T_PRE_EXECUTE failures during ABORT_TASK (bnc#1012382).
- target/file: Do not return error for UNMAP if length is zero (bnc#1012382).
- target: fix ALUA transition timeout handling (bnc#1012382).
- target:fix condition return in core_pr_dump_initiator_port() (bnc#1012382).
- target: fix race during implicit transition work flushes (bnc#1012382).
- target/iscsi: Fix a race condition in iscsit_add_reject_from_cmd() (bnc#1012382).
- target: Use system workqueue for ALUA transitions (bnc#1012382).
- tc1100-wmi: fix build warning when CONFIG_PM not enabled (bnc#1012382).
- tc358743: fix register i2c_rd/wr function fix (git-fixes).
- tc358743: fix register i2c_rd/wr functions (bnc#1012382).
- tcp: correct memory barrier usage in tcp_check_space() (bnc#1012382).
- tcp: do not set rtt_min to 1 (bsc#1042286).
- tcp: fix under-evaluated ssthresh in TCP Vegas (bnc#1012382).
- tcp md5sig: Use skb's saddr when replying to an incoming segment (bnc#1012382).
- tcp: release sk_frag.page in tcp_disconnect (bnc#1012382).
- tcp: __tcp_hdrlen() helper (bnc#1012382).
- test_bpf: fix the dummy skb after dissector changes (bsc#1042286).
- tg3: Add workaround to restrict 5762 MRRS to 2048 (bnc#1012382).
- tg3: Enable PHY reset in MTU change path for 5720 (bnc#1012382).
- tg3: Fix rx hang on MTU change with 5717/5719 (bnc#1012382).
- thermal/drivers/step_wise: Fix temperature regulation misbehavior (bnc#1012382).
- thermal: fix INTEL_SOC_DTS_IOSF_CORE dependencies (bnc#1012382).
- thermal: hisilicon: Handle return value of clk_prepare_enable (bnc#1012382).
- thermal: spear: use __maybe_unused for PM functions (bnc#1012382).
- tipc: fix cleanup at module unload (bnc#1012382).
- tipc: fix memory leak in tipc_accept_from_sock() (bnc#1012382).
- tipc: improve link resiliency when rps is activated (bsc#1068038).
- tlan: avoid unused label with PCI=n (bnc#1012382).
- tools build: Add tools tree support for 'make -s' (bnc#1012382).
- tpm-dev-common: Reject too short writes (bsc#1020645, git-fixes).
- tpm: fix potential buffer overruns caused by bit glitches on the bus (bsc#1020645, git-fixes).
- tpm_i2c_infineon: fix potential buffer overruns caused by bit glitches on the bus (bsc#1020645, git-fixes).
- tpm_i2c_nuvoton: fix potential buffer overruns caused by bit glitches on the bus (bsc#1020645, git-fixes).
- tpm: st33zp24: fix potential buffer overruns caused by bit glitches on the bus (bsc#1020645, git-fixes).
- tpm_tis: fix potential buffer overruns caused by bit glitches on the bus (bsc#1020645, git-fixes).
- tracing: Allocate mask_str buffer dynamically (bnc#1012382).
- tracing: Fix converting enum's from the map in trace_event_eval_update() (bnc#1012382).
- tracing: Fix crash when it fails to alloc ring buffer (bnc#1012382).
- tracing: Fix possible double free on failure of allocating trace buffer (bnc#1012382).
- tracing: Remove extra zeroing out of the ring buffer page (bnc#1012382).
- tty: cyclades: cyz_interrupt is only used for PCI (bnc#1012382).
- tty fix oops when rmmod 8250 (bnc#1012382).
- tty: hvc_xen: hide xen_console_remove when unused (bnc#1012382).
- tty: mxser: Remove ASYNC_CLOSING (bnc#1072363).
- uas: Always apply US_FL_NO_ATA_1X quirk to Seagate devices (bnc#1012382).
- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012382).
- ubi: block: Fix locking for idr_alloc/idr_remove (bnc#1012382).
- udf: Avoid overflow when session starts at large offset (bnc#1012382).
- udp: restore UDPlite many-cast delivery (bsc#1042286).
- um: link vmlinux with -no-pie (bnc#1012382).
- usb: Add device quirk for Logitech HD Pro Webcam C925e (bnc#1012382).
- usb: add RESET_RESUME for ELSA MicroLink 56K (bnc#1012382).
- usb: build drivers/usb/common/ when USB_SUPPORT is set (bnc#1012382).
- usb: cdc-acm: Do not log urb submission errors on disconnect (bnc#1012382).
- usb: cdc_subset: only build when one driver is enabled (bnc#1012382).
- USB: core: Add type-specific length check of BOS descriptors (bnc#1012382).
- USB: core: prevent malicious bNumInterfaces overflow (bnc#1012382).
- USB: devio: Prevent integer overflow in proc_do_submiturb() (bnc#1012382).
- usb: dwc3: gadget: Set maxpacket size for ep0 IN (bnc#1012382).
- usb: f_fs: Prevent gadget unbind if it is already unbound (bnc#1012382).
- USB: Fix off by one in type-specific length check of BOS SSP capability (git-fixes).
- USB: fix usbmon BUG trigger (bnc#1012382).
- usb: gadget: configs: plug memory leak (bnc#1012382).
- usb: gadget: do not dereference g until after it has been null checked (bnc#1012382).
- usb: gadget: ffs: Forbid usb_ep_alloc_request from sleeping (bnc#1012382).
- usb: gadget: f_fs: Process all descriptors during bind (bnc#1012382).
- USB: gadgetfs: Fix a potential memory leak in 'dev_config()' (bnc#1012382).
- usb: gadget: f_uvc: Sanity check wMaxPacketSize for SuperSpeed (bnc#1012382).
- usb: gadget: udc: remove pointer dereference after free (bnc#1012382).
- usb: gadget: uvc: Missing files for configfs interface (bnc#1012382).
- usb: hub: Cycle HUB power when initialization fails (bnc#1012382).
- USB: Increase usbfs transfer limit (bnc#1012382).
- usbip: fix 3eee23c3ec14 tcp_socket address still in the status file (bnc#1012382).
- usbip: Fix implicit fallthrough warning (bnc#1012382).
- usbip: Fix potential format overflow in userspace tools (bnc#1012382).
- usbip: fix stub_rx: get_pipe() to validate endpoint number (bnc#1012382).
- usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input (bnc#1012382).
- usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer (bnc#1012382).
- usbip: fix usbip bind writing random string after command in match_busid (bnc#1012382).
- usbip: keep usbip_device sockfd state in sync with tcp_socket (bnc#1012382).
- usbip: list: do not list devices attached to vhci_hcd (bnc#1012382).
- usbip: prevent bind loops on devices attached to vhci_hcd (bnc#1012382).
- usbip: prevent leaking socket pointer address in messages (bnc#1012382).
- usbip: prevent vhci_hcd driver from leaking a socket pointer address (bnc#1012382).
- usbip: remove kernel addresses from usb device and urb debug msgs (bnc#1012382).
- usbip: stub: stop printing kernel pointer addresses in messages (bnc#1012382).
- usbip: vhci_hcd: clear just the USB_PORT_STAT_POWER bit (bnc#1012382).
- usbip: vhci: stop printing kernel pointer addresses in messages (bnc#1012382).
- usb: ldusb: add PIDs for new CASSY devices supported by this driver (bnc#1012382).
- usb: misc: usb3503: make sure reset is low for at least 100us (bnc#1012382).
- usb: musb: da8xx: fix babble condition handling (bnc#1012382).
- usb: musb/ux500: remove duplicate check for dma_is_compatible (bnc#1012382).
- usb: ohci: Proper handling of ed_rm_list to handle race condition between usb_kill_urb() and finish_unlinks() (bnc#1012382).
- usb: option: Add support for FS040U modem (bnc#1012382).
- usb: phy: isp1301: Add OF device ID table (bnc#1012382).
- usb: phy: isp1301: Fix build warning when CONFIG_OF is disabled (git-fixes).
- usb: phy: msm add regulator dependency (bnc#1012382).
- usb: phy: tahvo: fix error handling in tahvo_usb_probe() (bnc#1012382).
- usb: quirks: Add no-lpm quirk for KY-688 USB 3.1 Type-C Hub (bnc#1012382).
- usb: renesas_usbhs: missed the 'running' flag in usb_dmac with rx path (bnc#1012382).
- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ (bnc#1012382).
- USB: serial: cp210x: add new device ID ELV ALC 8xxx (bnc#1012382).
- USB: serial: ftdi_sio: add id for Airbus DS P8GR (bnc#1012382).
- usb: serial: io_edgeport: fix possible sleep-in-atomic (bnc#1012382).
- USB: serial: option: adding support for YUGA CLM920-NC5 (bnc#1012382).
- USB: serial: option: add Quectel BG96 id (bnc#1012382).
- USB: serial: option: add support for Telit ME910 PID 0x1101 (bnc#1012382).
- usb: serial: pl2303: new device id for Chilitag (bnc#1012382).
- USB: serial: qcserial: add Sierra Wireless EM7565 (bnc#1012382).
- usb: serial: simple: add Motorola Tetra driver (bnc#1012382).
- USB: uas and storage: Add US_FL_BROKEN_FUA for another JMicron JMS567 ID (bnc#1012382).
- usb: uas: unconditionally bring back host after reset (bnc#1012382).
- USB: usbfs: Filter flags passed in from user space (bnc#1012382).
- usb: usbip: Fix possible deadlocks reported by lockdep (bnc#1012382).
- usb: xhci: Add XHCI_TRUST_TX_LENGTH for Renesas uPD720201 (bnc#1012382).
- usb: xhci: fix panic in xhci_free_virt_devices_depth_first (bnc#1012382).
- userfaultfd: selftest: vm: allow to build in vm/ directory (bnc#1012382).
- userfaultfd: shmem: __do_fault requires VM_FAULT_NOPAGE (bnc#1012382).
- v4l: remove MEDIA_TUNER dependency for VIDEO_TUNER (bnc#1012382).
- vb2: V4L2_BUF_FLAG_DONE is set after DQBUF (bnc#1012382).
- vfs: do not do RCU lookup of empty pathnames (bnc#1012382).
- vhost_net: stop device during reset owner (bnc#1012382).
- video: fbdev: atmel_lcdfb: fix display-timings lookup (bnc#1012382).
- video: fbdev: au1200fb: Release some resources if a memory allocation fails (bnc#1012382).
- video: fbdev: au1200fb: Return an error code if a memory allocation fails (bnc#1012382).
- video: fbdev/mmp: add MODULE_LICENSE (bnc#1012382).
- video: fbdev: sis: remove unused variable (bnc#1012382).
- video: fbdev: via: remove possibly unused variables (bnc#1012382).
- video: Use bool instead int pointer for get_opt_bool() argument (bnc#1012382).
- virtio_balloon: prevent uninitialized variable use (bnc#1012382).
- virtio: release virtio index when fail to device_register (bnc#1012382).
- vmbus: add per-channel sysfs info (fate#315887, bsc#1082632).
- vmbus: add prefetch to ring buffer iterator (fate#315887, bsc#1082632).
- vmbus: do not acquire the mutex in vmbus_hvsock_device_unregister() (fate#315887, bsc#1082632).
- vmbus: drop unused ring_buffer_info elements (fate#315887, bsc#1082632).
- vmbus: eliminate duplicate cached index (fate#315887, bsc#1082632).
- vmbus: hvsock: add proper sync for vmbus_hvsock_device_unregister() (fate#315887, bsc#1082632).
- vmbus: initialize reserved fields in messages (fate#315887, bsc#1082632).
- vmbus: make channel_message table constant (fate#315887, bsc#1082632).
- vmbus: more host signalling avoidance (fate#315887, bsc#1082632).
- vmbus: refactor hv_signal_on_read (fate#315887, bsc#1082632).
- vmbus: remove unused vmbus_sendpacket_ctl (fate#315887, bsc#1082632).
- vmbus: remove unused vmbus_sendpacket_multipagebuffer (fate#315887, bsc#1082632).
- vmbus: remove unused vmubs_sendpacket_pagebuffer_ctl (fate#315887, bsc#1082632).
- vmbus: Reuse uuid_le_to_bin() helper (fate#315887, bsc#1082632).
- vmbus: simplify hv_ringbuffer_read (fate#315887, bsc#1082632).
- vmbus: unregister device_obj->channels_kset (fate#315887, bsc#1082632).
- vmxnet3: prevent building with 64K pages (bnc#1012382).
- vmxnet3: repair memory leak (bnc#1012382).
- vsyscall: Fix permissions for emulate mode with KAISER/PTI (bnc#1012382).
- vt6655: Fix a possible sleep-in-atomic bug in vt6655_suspend (bnc#1012382).
- vti6: Do not report path MTU below IPV6_MIN_MTU (bnc#1012382).
- vti6: fix device register to report IFLA_INFO_KIND (bnc#1012382).
- vxlan: consolidate csum flag handling (bsc#1042286).
- vxlan: consolidate output route calculation (bsc#1042286).
- vxlan: consolidate vxlan_xmit_skb and vxlan6_xmit_skb (bsc#1042286).
- vxlan: do not allow overwrite of config src addr (bsc#1042286).
- watchdog: imx2_wdt: restore previous timeout after suspend+resume (bnc#1012382).
- wireless: cw1200: use __maybe_unused to hide pm functions_ (bnc#1012382).
- workqueue: trigger WARN if queue_delayed_work() is called with NULL @wq (bnc#1012382).
- writeback: fix memory leak in wb_queue_work() (bnc#1012382).
- X.509: fix buffer overflow detection in sprint_oid() (bsc#1075078).
- X.509: reject invalid BIT STRING for subjectPublicKey (bnc#1012382).
- x86/acpi: Handle SCI interrupts above legacy space gracefully (bsc#1068984).
- x86/acpi: Reduce code duplication in mp_override_legacy_irq() (bsc#1068984).
- x86: add MULTIUSER dependency for KVM (bnc#1012382).
- x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm (bnc#1012382).
- x86/alternatives: Fix optimize_nops() checking (bnc#1012382).
- x86/apic/vector: Fix off by one in error path (bnc#1012382).
- x86/asm/32: Make sync_core() handle missing CPUID on all 32-bit kernels (bnc#1012382).
- x86/asm: Fix inline asm call constraints for GCC 4.4 (bnc#1012382).
- x86/boot: Avoid warning for zero-filling .bss (bnc#1012382).
- x86/boot: Fix early command-line parsing when matching at end (bsc#1068032).
- x86: bpf_jit: small optimization in emit_bpf_tail_call() (bnc#1012382).
- x86/bugs: Drop one 'mitigation' from dmesg (bnc#1012382).
- x86/build: Silence the build with 'make -s' (bnc#1012382).
- x86/cpu/bugs: Make retpoline module warning conditional (bnc#1012382).
- x86/cpu: Change type of x86_cache_size variable to unsigned int (bnc#1012382).
- x86/cpu: Factor out application of forced CPU caps (bnc#1012382).
- x86/cpufeatures: Add X86_BUG_CPU_INSECURE (bnc#1012382).
- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012382).
- x86/cpufeatures: Make CPU bugs sticky (bnc#1012382).
- x86/cpu: Implement CPU vulnerabilites sysfs functions (bnc#1012382).
- x86/cpu: Merge bugs.c and bugs_64.c (bnc#1012382).
- x86/cpu: Rename Merrifield2 to Moorefield (bsc#985025).
- x86/cpu: Rename 'WESTMERE2' family to 'NEHALEM_G' (bsc#985025).
- x86/cpu, x86/pti: Do not enable PTI on AMD processors (bnc#1012382).
- x86/Documentation: Add PTI description (bnc#1012382).
- x86/efi: Build our own page table structures (fate#320512).
- x86/efi: Hoist page table switching code into efi_call_virt() (fate#320512).
- x86/entry/64: Separate cpu_current_top_of_stack from TSS.sp0 (bsc#1077560).
- x86/entry/64: Use a per-CPU trampoline stack for IDT entries (bsc#1077560).
- x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() (bnc#1012382).
- x86: fix build warnign with 32-bit PAE (bnc#1012382).
- x86/fpu/math-emu: Fix possible uninitialized variable use (bnc#1012382).
- x86/hpet: Prevent might sleep splat on resume (bnc#1012382).
- x86/hyperv: Implement hv_get_tsc_page() (fate#315887, bsc#1082632).
- x86/hyper-v: include hyperv/ only when CONFIG_HYPERV is set (fate#315887, bsc#1082632).
- x86/hyper-v: Introduce fast hypercall implementation (fate#315887, bsc#1082632).
- x86/hyper-v: Make hv_do_hypercall() inline (fate#315887, bsc#1082632).
- x86/hyperv: Move TSC reading method to asm/mshyperv.h (fate#315887, bsc#1082632).
- x86/kaiser: fix build error with KASAN && !FUNCTION_GRAPH_TRACER (bnc#1012382).
- x86/kasan: Clear kasan_zero_page after TLB flush (bnc#1012382).
- x86/kasan: Write protect kasan zero shadow (bnc#1012382).
- x86/kvm/vmx: do not use vm-exit instruction length for fast MMIO when running nested (bsc#1081431).
- x86/mce: Pin the timer when modifying (bsc#1080851,1076282).
- x86/microcode/AMD: Change load_microcode_amd()'s param to bool to fix preemptibility bug (bnc#1012382).
- x86/microcode/AMD: Do not load when running on a hypervisor (bnc#1012382).
- x86/microcode/AMD: Do not load when running on a hypervisor (bsc#1081436 bsc#1081437).
- x86/microcode: Do the family check first (bnc#1012382).
- x86/microcode: Do the family check first (bsc#1081436 bsc#1081437).
- x86/microcode/intel: Extend BDW late-loading further with LLC size check (bnc#1012382).
- x86/microcode/intel: Extend BDW late-loading with a revision check (bnc#1012382).
- x86/microcode/intel: Fix BDW late-loading revision check (bnc#1012382).
- x86/mm/32: Move setup_clear_cpu_cap(X86_FEATURE_PCID) earlier (git-fixes).
- x86/mm: Disable PCID on 32-bit kernels (bnc#1012382).
- x86/mm/kmmio: Fix mmiotrace for page unaligned addresses (bnc#1012382).
- x86/mm/pat: Ensure cpa->pfn only contains page frame numbers (fate#320588).
- x86/mm/pkeys: Fix fill_sig_info_pkey (fate#321300).
- x86/nospec: Fix header guards names (bnc#1012382).
- x86/oprofile: Fix bogus GCC-8 warning in nmi_setup() (bnc#1012382).
- x86/paravirt: Remove 'noreplace-paravirt' cmdline option (bnc#1012382).
- x86/PCI: Make broadcom_postcore_init() check acpi_disabled (bnc#1012382).
- x86/platform: Add PCI dependency for PUNIT_ATOM_DEBUG (bnc#1012382).
- x86/platform/olpc: Fix resume handler build warning (bnc#1012382).
- x86/pti: Document fix wrong index (bnc#1012382).
- x86/pti/efi: broken conversion from efi to kernel page table (bnc#1012382).
- x86/pti: Make unpoison of pgd for trusted boot work for real (bnc#1012382).
- x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN (bnc#1012382).
- x86/ras/inject: Make it depend on X86_LOCAL_APIC=y (bnc#1012382).
- x86/retpoline: Avoid retpolines for built-in __init functions (bnc#1012382).
- x86/retpoline/hyperv: Convert assembler indirect jumps (fate#315887, bsc#1082632).
- x86/retpoline: Remove the esp/rsp thunk (bnc#1012382).
- x86/retpolines/spec_ctrl: disable IBRS on !SKL if retpolines are active (bsc#1068032).
- x86/smpboot: Remove stale TLB flush invocations (bnc#1012382).
- x86/spectre: Check CONFIG_RETPOLINE in command line parser (bnc#1012382).
- x86/spectre: Fix an error message (git-fixes).
- x86/spectre: Fix spelling mistake: 'vunerable'-> 'vulnerable' (bnc#1012382).
- x86/spectre: Remove the out-of-tree RSB stuffing
- x86/spectre: Simplify spectre_v2 command line parsing (bnc#1012382).
- x86/spectre_v2: fix ordering in IBRS initialization (bsc#1075994 bsc#1075091).
- x86/spectre_v2: nospectre_v2 means nospec too (bsc#1075994 bsc#1075091).
- x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL (bnc#1012382).
- x86/tlb: Drop the _GPL from the cpu_tlbstate export (bnc#1012382).
- x86/vm86/32: Switch to flush_tlb_mm_range() in mark_screen_rdonly() (bnc#1012382).
- x86/xen: Zero MSR_IA32_SPEC_CTRL before suspend (bnc#1065600).
- xen: Fix trampoline stack loading issue on XEN PV.
- xen/gntdev: Fix off-by-one error when unmapping with holes (bnc#1012382).
- xen/gntdev: Fix partial gntdev_mmap() cleanup (bnc#1012382).
- xen-netfront: avoid crashing on resume after a failure in talk_to_netback() (bnc#1012382).
- xen-netfront: enable device after manual module load (bnc#1012382).
- xen-netfront: Improve error handling during initialization (bnc#1012382).
- xen-netfront: remove warning when unloading module (bnc#1012382).
- xen: XEN_ACPI_PROCESSOR is Dom0-only (bnc#1012382).
- xfrm: check id proto in validate_tmpl() (bnc#1012382).
- xfrm: Copy policy family in clone_policy (bnc#1012382).
- xfrm: Fix stack-out-of-bounds read on socket policy lookup (bnc#1012382).
- xfrm: Fix stack-out-of-bounds with misconfigured transport mode policies (bnc#1012382).
- xfrm_user: propagate sec ctx allocation errors (bsc#1042286).
- xfs: add configurable error support to metadata buffers (bsc#1068569).
- xfs: add configuration handlers for specific errors (bsc#1068569).
- xfs: add configuration of error failure speed (bsc#1068569).
- xfs: add 'fail at unmount' error handling configuration (bsc#1068569).
- xfs: Add infrastructure needed for error propagation during buffer IO failure (bsc#1068569).
- xfs: address kabi for xfs buffer retry infrastructure (kabi).
- xfs: configurable error behavior via sysfs (bsc#1068569).
- xfs: do not chain ioends during writepage submission (bsc#1077285 bsc#1043441).
- xfs: factor mapping out of xfs_do_writepage (bsc#1077285 bsc#1043441).
- xfs: fix incorrect extent state in xfs_bmap_add_extent_unwritten_real (bnc#1012382).
- xfs: fix log block underflow during recovery cycle verification (bnc#1012382).
- xfs: fix up inode32/64 (re)mount handling (bsc#1069160).
- xfs: introduce metadata IO error class (bsc#1068569).
- xfs: introduce table-based init for error behaviors (bsc#1068569).
- xfs: Introduce writeback context for writepages (bsc#1077285 bsc#1043441).
- xfs: ioends require logically contiguous file offsets (bsc#1077285 bsc#1043441).
- xfs: Properly retry failed inode items in case of error during buffer writeback (bsc#1068569).
- xfs: quota: check result of register_shrinker() (bnc#1012382).
- xfs: quota: fix missed destroy of qi_tree_lock (bnc#1012382).
- xfs: reinit btree pointer on attr tree inactivation walk (bsc#1078787).
- xfs: remove nonblocking mode from xfs_vm_writepage (bsc#1077285 bsc#1043441).
- xfs: remove xfs_cancel_ioend (bsc#1077285 bsc#1043441).
- xfs: remove xfs_trans_ail_delete_bulk (bsc#1068569).
- xfs: stop searching for free slots in an inode chunk when there are none (bsc#1072739).
- xfs: toggle readonly state around xfs_log_mount_finish (bsc#1073401).
- xfs: ubsan fixes (bnc#1012382).
- xfs: validate sb_logsunit is a multiple of the fs blocksize (bsc#1077513).
- xfs: write unmount record for ro mounts (bsc#1073401).
- xfs: xfs_cluster_write is redundant (bsc#1077285 bsc#1043441).
- xhci: Do not add a virt_dev to the devs array before it's fully allocated (bnc#1012382).
- xhci: Fix ring leak in failure path of xhci_alloc_virt_device() (bnc#1012382).
- xhci: plat: Register shutdown for xhci_plat (bnc#1012382).
- xtensa: fix futex_atomic_cmpxchg_inatomic (bnc#1012382).
- zram: fix operator precedence to get offset (bsc#1082979).
- zram: set physical queue limits to avoid array out of bounds accesses (bnc#1012382).
Patchnames
SUSE-SLE-RT-12-SP3-2018-663
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\n\nThe SUSE Linux Enterprise 12 SP3 Realtime kernel was updated to 4.4.120 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis (bnc#1068032).\n\n The previous fix using CPU Microcode has been complemented by building the Linux Kernel with return trampolines aka 'retpolines'.\n\n- CVE-2017-13166: An elevation of privilege vulnerability in the v4l2 video driver. (bnc#1072865).\n- CVE-2017-15129: A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel. The function get_net_ns_by_id() in net/core/net_namespace.c did not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely (bnc#1074839).\n- CVE-2017-15951: The KEYS subsystem in the Linux kernel did not correctly synchronize the actions of updating versus finding a key in the 'negative' state to avoid a race condition, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls (bnc#1065615).\n- CVE-2017-16912: The 'get_pipe()' function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel allowed attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet (bnc#1078673).\n- CVE-2017-16913: The 'stub_recv_cmd_submit()' function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel when handling CMD_SUBMIT packets allowed attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet (bnc#1078672).\n- CVE-2017-17712: The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allowed a local user to execute code and gain privileges (bnc#1073229 1073230).\n- CVE-2017-17862: kernel/bpf/verifier.c in the Linux kernel ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service (bnc#1073928).\n- CVE-2017-17864: kernel/bpf/verifier.c in the Linux kernel mishandled states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allowed local users to obtain potentially sensitive address information, aka a 'pointer leak (bnc#1073928).\n- CVE-2017-17975: Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c allowed attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a kfree of the usbtv data structure occurs during a usbtv_video_free call, but the usbtv_video_fail label's code attempts to both access and free this data structure (bnc#1074426).\n- CVE-2017-18017: The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel allowed remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action (bnc#1074488).\n- CVE-2017-18174: In the Linux kernel the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free (bnc#1080533).\n- CVE-2017-18208: The madvise_willneed function in mm/madvise.c allowed local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping (bnc#1083494).\n- CVE-2018-1000004: In the Linux kernel a race condition vulnerability existed in the sound system, which could lead to a deadlock and denial of service condition (bnc#1076017).\n- CVE-2018-1000026: Linux kernel version contained a insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via an attacker that must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM. (bnc#1079384).\n- CVE-2018-5332: In the Linux kernel through 4.14.13, the rds_message_alloc_sgs() function did not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c) (bnc#1075621).\n- CVE-2018-5333: In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandled cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference (bnc#1075617).\n- CVE-2018-8087: Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c allowed local users to cause a denial of service (memory consumption) by triggering an out-of-array error case (bnc#1085053).\n- CVE-2017-16644: The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c allowed local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1067118).\n\nThe following non-security bugs were fixed:\n\n- 509: fix printing uninitialized stack memory when OID is empty (bsc#1075078).\n- 8021q: fix a memory leak for VLAN 0 device (bnc#1012382).\n- acpi / bus: Leave modalias empty for devices which are not present (bnc#1012382).\n- acpi, nfit: fix health event notification (FATE#321135, FATE#321217, FATE#321256, FATE#321391, FATE#321393).\n- acpi, nfit: fix register dimm error handling (FATE#321135, FATE#321217, FATE#321256, FATE#321391, FATE#321393).\n- acpi: sbshc: remove raw pointer from printk() message (bnc#1012382).\n- acpi / scan: Prefer devices without _HID/_CID for _ADR matching (bnc#1012382).\n- Add delay-init quirk for Corsair K70 RGB keyboards (bnc#1012382).\n- add ip6_make_flowinfo helper (bsc#1042286).\n- af_key: fix buffer overread in parse_exthdrs() (bnc#1012382).\n- af_key: fix buffer overread in verify_address_len() (bnc#1012382).\n- afs: Adjust mode bits processing (bnc#1012382).\n- afs: Connect up the CB.ProbeUuid (bnc#1012382).\n- afs: Fix afs_kill_pages() (bnc#1012382).\n- afs: Fix missing put_page() (bnc#1012382).\n- afs: Fix page leak in afs_write_begin() (bnc#1012382).\n- afs: Fix the maths in afs_fs_store_data() (bnc#1012382).\n- afs: Flush outstanding writes when an fd is closed (bnc#1012382).\n- afs: Migrate vlocation fields to 64-bit (bnc#1012382).\n- afs: Populate and use client modification time (bnc#1012382).\n- afs: Populate group ID from vnode status (bnc#1012382).\n- afs: Prevent callback expiry timer overflow (bnc#1012382).\n- ahci: Add Intel Cannon Lake PCH-H PCI ID (bnc#1012382).\n- ahci: Add PCI ids for Intel Bay Trail, Cherry Trail and Apollo Lake AHCI (bnc#1012382).\n- ahci: Annotate PCI ids for mobile Intel chipsets as such (bnc#1012382).\n- alpha: fix build failures (bnc#1012382).\n- alpha: fix crash if pthread_create races with signal delivery (bnc#1012382).\n- alpha: fix reboot on Avanti platform (bnc#1012382).\n- alsa: aloop: Fix inconsistent format due to incomplete rule (bsc#1031717).\n- alsa: aloop: Fix racy hw constraints adjustment (bsc#1031717).\n- alsa: aloop: Release cable upon open error path (bsc#1031717).\n- alsa: hda - Apply headphone noise quirk for another Dell XPS 13 variant (bsc#1031717).\n- alsa: hda - Apply the existing quirk to iMac 14,1 (bsc#1031717).\n- alsa: hda/ca0132 - fix possible NULL pointer use (bnc#1012382).\n- alsa: hda - Fix headset mic detection problem for two Dell machines (bnc#1012382).\n- alsa: hda/realtek - Add headset mode support for Dell laptop (bsc#1031717).\n- alsa: hda/realtek: PCI quirk for Fujitsu U7x7 (bnc#1012382).\n- alsa: hda - Reduce the suspend time consumption for ALC256 (bsc#1031717).\n- alsa: hda - Use IS_REACHABLE() for dependency on input (bsc#1031717).\n- alsa: pcm: Abort properly at pending signal in OSS read/write loops (bsc#1031717).\n- alsa: pcm: Add missing error checks in OSS emulation plugin builder (bsc#1031717).\n- alsa: pcm: Allow aborting mutex lock at OSS read/write loops (bsc#1031717).\n- alsa: pcm: Remove incorrect snd_BUG_ON() usages (bsc#1031717).\n- alsa: pcm: Remove yet superfluous WARN_ON() (bsc#1031717).\n- alsa: seq: Fix racy pool initializations (bnc#1012382).\n- alsa: seq: Fix regression by incorrect ioctl_mutex usages (bnc#1012382).\n- alsa: usb-audio: add implicit fb quirk for Behringer UFX1204 (bnc#1012382).\n- alsa: usb-audio: Fix UAC2 get_ctl request with a RANGE attribute (bnc#1012382).\n- amd-xgbe: Fix unused suspend handlers build warning (bnc#1012382).\n- arc: uaccess: dont use 'l' gcc inline asm constraint modifier (bnc#1012382).\n- arm64: add PTE_ADDR_MASK (bsc#1068032).\n- arm64: Add skeleton to harden the branch predictor against aliasing attacks (bsc#1068032).\n- arm64: Add trace_hardirqs_off annotation in ret_to_user (bsc#1068032).\n- arm64: barrier: Add CSDB macros to control data-value prediction (bsc#1068032).\n- arm64: Branch predictor hardening for Cavium ThunderX2 (bsc#1068032).\n- arm64/cpufeature: do not use mutex in bringup path (bsc#1068032).\n- arm64: cpufeature: Pass capability structure to ->enable callback (bsc#1068032).\n- arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs (bsc#1068032).\n- arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75 (bsc#1068032).\n- arm64: debug: remove unused local_dbg_{enable, disable} macros (bsc#1068032).\n- arm64: define BUG() instruction without CONFIG_BUG (bnc#1012382).\n- arm64: Define cputype macros for Falkor CPU (bsc#1068032).\n- arm64: Disable TTBR0_EL1 during normal kernel execution (bsc#1068032).\n- arm64: Disable unhandled signal log messages by default (bnc#1012382).\n- arm64: Do not force KPTI for CPUs that are not vulnerable (bsc#1076187).\n- arm64: do not pull uaccess.h into *.S (bsc#1068032).\n- arm64: dts: add #cooling-cells to CPU nodes (bnc#1012382).\n- arm64: Enable CONFIG_ARM64_SW_TTBR0_PAN (bsc#1068032).\n- arm64: entry: Add exception trampoline page for exceptions from EL0 (bsc#1068032).\n- arm64: entry: Add fake CPU feature for unmapping the kernel at EL0 (bsc#1068032).\n- arm64: entry: Apply BP hardening for high-priority synchronous exceptions (bsc#1068032).\n- arm64: entry: Apply BP hardening for suspicious interrupts from EL0 (bsc#1068032).\n- arm64: entry: Ensure branch through syscall table is bounded under speculation (bsc#1068032).\n- arm64: entry: Explicitly pass exception level to kernel_ventry macro (bsc#1068032).\n- arm64: entry: Hook up entry trampoline to exception vectors (bsc#1068032).\n- arm64: entry: remove pointless SPSR mode check (bsc#1068032).\n- arm64: entry: Reword comment about post_ttbr_update_workaround (bsc#1068032).\n- arm64: entry.S convert el0_sync (bsc#1068032).\n- arm64: entry.S: convert el1_sync (bsc#1068032).\n- arm64: entry.S: convert elX_irq (bsc#1068032).\n- arm64: entry.S: move SError handling into a C function for future expansion (bsc#1068032).\n- arm64: entry.S: Remove disable_dbg (bsc#1068032).\n- arm64: erratum: Work around Falkor erratum #E1003 in trampoline code (bsc#1068032).\n- arm64: explicitly mask all exceptions (bsc#1068032).\n- arm64: factor out entry stack manipulation (bsc#1068032).\n- arm64: factor out PAGE_* and CONT_* definitions (bsc#1068032).\n- arm64: Factor out PAN enabling/disabling into separate uaccess_* macros (bsc#1068032).\n- arm64: Factor out TTBR0_EL1 post-update workaround into a specific asm macro (bsc#1068032).\n- arm64: factor work_pending state machine to C (bsc#1068032).\n- arm64: Force KPTI to be disabled on Cavium ThunderX (bsc#1068032).\n- arm64: fpsimd: Prevent registers leaking from dead tasks (bnc#1012382).\n- arm64: futex: Mask __user pointers prior to dereference (bsc#1068032).\n- arm64: Handle el1 synchronous instruction aborts cleanly (bsc#1068032).\n- arm64: Handle faults caused by inadvertent user access with PAN enabled (bsc#1068032).\n- arm64: head.S: get rid of x25 and x26 with 'global' scope (bsc#1068032).\n- arm64: idmap: Use 'awx' flags for .idmap.text .pushsection directives (bsc#1068032).\n- arm64: Implement array_index_mask_nospec() (bsc#1068032).\n- arm64: Implement branch predictor hardening for affected Cortex-A CPUs (bsc#1068032).\n- arm64: Implement branch predictor hardening for Falkor (bsc#1068032).\n- arm64: Initialise high_memory global variable earlier (bnc#1012382).\n- arm64: introduce an order for exceptions (bsc#1068032).\n- arm64: introduce mov_q macro to move a constant into a 64-bit register (bsc#1068032).\n- arm64: Introduce uaccess_{disable,enable} functionality based on TTBR0_EL1 (bsc#1068032).\n- arm64: kaslr: Put kernel vectors address in separate data page (bsc#1068032).\n- arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0 (bsc#1068032).\n- arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry (bsc#1068032).\n- arm64: Kconfig: select COMPAT_BINFMT_ELF only when BINFMT_ELF is set (bnc#1012382).\n- arm64: kill ESR_LNX_EXEC (bsc#1068032).\n- arm64: kpti: Add ->enable callback to remap swapper using nG mappings (bsc#1068032).\n- arm64: kpti: Fix the interaction between ASID switching and software PAN (bsc#1068032).\n- arm64: kpti: Make use of nG dependent on arm64_kernel_unmapped_at_el0() (bsc#1068032).\n- arm64: kvm: Fix SMCCC handling of unimplemented SMC/HVC calls (bsc#1076232).\n- arm64: kvm: fix VTTBR_BADDR_MASK BUG_ON off-by-one (bnc#1012382).\n- arm64: kvm: Make PSCI_VERSION a fast path (bsc#1068032).\n- arm64: kvm: Use per-CPU vector when BP hardening is enabled (bsc#1068032).\n- arm64: Make USER_DS an inclusive limit (bsc#1068032).\n- arm64: Mask all exceptions during kernel_exit (bsc#1068032).\n- arm64: mm: Add arm64_kernel_unmapped_at_el0 helper (bsc#1068032).\n- arm64: mm: Allocate ASIDs in pairs (bsc#1068032).\n- arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN (bsc#1068032).\n- arm64: mm: hardcode rodata=true (bsc#1068032).\n- arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR (bsc#1068032).\n- arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI (bsc#1068032).\n- arm64: mm: Map entry trampoline into trampoline and kernel page tables (bsc#1068032).\n- arm64: mm: Move ASID from TTBR0 to TTBR1 (bsc#1068032).\n- arm64: mm: Permit transitioning from Global to Non-Global without BBM (bsc#1068032).\n- arm64: mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003 (bsc#1068032).\n- arm64: mm: Rename post_ttbr0_update_workaround (bsc#1068032).\n- arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN (bsc#1068032).\n- arm64: mm: Use non-global mappings for kernel space (bsc#1068032).\n- arm64: Move BP hardening to check_and_switch_context (bsc#1068032).\n- arm64: Move post_ttbr_update_workaround to C code (bsc#1068032).\n- arm64: move TASK_* definitions to <asm/processor.h> (bsc#1068032).\n- arm64: Move the async/fiq helpers to explicitly set process context flags (bsc#1068032).\n- arm64: Run enable method for errata work arounds on late CPUs (bsc#1085045).\n- arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm (bsc#1068032).\n- arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb (bsc#1068032).\n- arm64: swp emulation: bound LL/SC retries before rescheduling (bsc#1068032).\n- arm64: sysreg: Fix unprotected macro argmuent in write_sysreg (bsc#1068032).\n- arm64: Take into account ID_AA64PFR0_EL1.CSV3 (bsc#1068032).\n- arm64: thunderx2: remove branch predictor hardening References: bsc#1076232 This causes undefined instruction abort on the smc call from guest kernel. Disable until kvm is fixed.\n- arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks (bsc#1068032).\n- arm64: Turn on KPTI only on CPUs that need it (bsc#1076187).\n- arm64: uaccess: Do not bother eliding access_ok checks in __{get, put}_user (bsc#1068032).\n- arm64: uaccess: Mask __user pointers for __arch_{clear, copy_*}_user (bsc#1068032).\n- arm64: uaccess: Prevent speculative use of the current addr_limit (bsc#1068032).\n- arm64: use alternative auto-nop (bsc#1068032).\n- arm64: Use pointer masking to limit uaccess speculation (bsc#1068032).\n- arm64: use RET instruction for exiting the trampoline (bsc#1068032).\n- arm64: xen: Enable user access before a privcmd hvc call (bsc#1068032).\n- arm: 8731/1: Fix csum_partial_copy_from_user() stack mismatch (bnc#1012382).\n- arm: AM33xx: PRM: Remove am33xx_pwrdm_read_prev_pwrst function (bnc#1012382).\n- arm/arm64: kvm: Make default HYP mappings non-excutable (bsc#1068032).\n- arm: avoid faulting on qemu (bnc#1012382).\n- arm: BUG if jumping to usermode address in kernel mode (bnc#1012382).\n- arm-ccn: perf: Prevent module unload while PMU is in use (bnc#1012382).\n- arm: dma-mapping: disallow dma_get_sgtable() for non-kernel managed memory (bnc#1012382).\n- arm: dts: am335x-evmsk: adjust mmc2 param to allow suspend (bnc#1012382).\n- arm: dts: am4372: Correct the interrupts_properties of McASP (bnc#1012382).\n- arm: dts: Fix omap4 hang with GPS connected to USB by using wakeupgen (bnc#1012382).\n- arm: dts: kirkwood: fix pin-muxing of MPP7 on OpenBlocks A7 (bnc#1012382).\n- arm: dts: ls1021a: fix incorrect clock references (bnc#1012382).\n- arm: dts: s5pv210: add interrupt-parent for ohci (bnc#1012382).\n- arm: dts: STi: Add gpio polarity for 'hdmi,hpd-gpio' property (bnc#1012382).\n- arm: dts: ti: fix PCI bus dtc warnings (bnc#1012382).\n- arm: kprobes: Align stack to 8-bytes in test code (bnc#1012382).\n- arm: kprobes: Fix the return address of multiple kretprobes (bnc#1012382).\n- arm: kvm: Fix SMCCC handling of unimplemented SMC/HVC calls (bnc#1012382).\n- arm: kvm: Fix VTTBR_BADDR_MASK BUG_ON off-by-one (bnc#1012382).\n- arm: OMAP1: DMA: Correct the number of logical channels (bnc#1012382).\n- arm: OMAP2+: Fix device node reference counts (bnc#1012382).\n- arm: OMAP2+: Fix SRAM virt to phys translation for save_secure_ram_context (bnc#1012382).\n- arm: OMAP2+: gpmc-onenand: propagate error on initialization failure (bnc#1012382).\n- arm: omap2: hide omap3_save_secure_ram on non-OMAP3 builds (git-fixes).\n- arm: OMAP2+: Release device node after it is no longer needed (bnc#1012382).\n- arm: pxa/tosa-bt: add MODULE_LICENSE tag (bnc#1012382).\n- arm: spear13xx: Fix dmas cells (bnc#1012382).\n- arm: spear13xx: Fix spics gpio controller's warning (bnc#1012382).\n- arm: spear600: Add missing interrupt-parent of rtc (bnc#1012382).\n- arm: tegra: select USB_ULPI from EHCI rather than platform (bnc#1012382).\n- asm-prototypes: Clear any CPP defines before declaring the functions (git-fixes).\n- asn.1: check for error from ASN1_OP_END__ACT actions (bnc#1012382).\n- asn.1: fix out-of-bounds read when parsing indefinite length item (bnc#1012382).\n- ASoC: au1x: Fix timeout tests in au1xac97c_ac97_read() (bsc#1031717).\n- ASoC: Intel: Kconfig: fix build when ACPI is not enabled (bnc#1012382).\n- ASoC: Intel: sst: Fix the return value of 'sst_send_byte_stream_mrfld()' (bsc#1031717).\n- ASoC: mediatek: add i2c dependency (bnc#1012382).\n- ASoC: nuc900: Fix a loop timeout test (bsc#1031717).\n- asoc: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012382).\n- ASoC: rockchip: disable clock on error (bnc#1012382).\n- asoc: rsnd: avoid duplicate free_irq() (bnc#1012382).\n- asoc: rsnd: do not call free_irq() on Parent SSI (bnc#1012382).\n- asoc: simple-card: Fix misleading error message (bnc#1012382).\n- ASoC: ux500: add MODULE_LICENSE tag (bnc#1012382).\n- ata: ahci_xgene: free structure returned by acpi_get_object_info() (bsc#1082979).\n- ata: pata_artop: remove redundant initialization of pio (bsc#1082979).\n- ata: sata_dwc_460ex: remove incorrect locking (bsc#1082979).\n- ath9k: fix tx99 potential info leak (bnc#1012382).\n- atm: horizon: Fix irq release error (bnc#1012382).\n- audit: ensure that 'audit=1' actually enables audit for PID 1 (bnc#1012382).\n- axonram: Fix gendisk handling (bnc#1012382).\n- b2c2: flexcop: avoid unused function warnings (bnc#1012382).\n- backlight: pwm_bl: Fix overflow condition (bnc#1012382).\n- bcache: add a comment in journal bucket reading (bsc#1076110).\n- bcache: Avoid nested function definition (bsc#1076110).\n- bcache: bch_allocator_thread() is not freezable (bsc#1076110).\n- bcache: bch_writeback_thread() is not freezable (bsc#1076110).\n- bcache: check return value of register_shrinker (bsc#1076110).\n- bcache: documentation formatting, edited for clarity, stripe alignment notes (bsc#1076110).\n- bcache: documentation updates and corrections (bsc#1076110).\n- bcache: Do not reinvent the wheel but use existing llist API (bsc#1076110).\n- bcache: do not write back data if reading it failed (bsc#1076110).\n- bcache: explicitly destroy mutex while exiting (bnc#1012382).\n- bcache: fix a comments typo in bch_alloc_sectors() (bsc#1076110).\n- bcache: fix sequential large write IO bypass (bsc#1076110).\n- bcache: fix wrong cache_misses statistics (bnc#1012382).\n- bcache: gc does not work when triggering by manual command (bsc#1076110, bsc#1038078).\n- bcache: implement PI controller for writeback rate (bsc#1076110).\n- bcache: increase the number of open buckets (bsc#1076110).\n- bcache: only permit to recovery read error when cache device is clean (bnc#1012382 bsc#1043652).\n- bcache: partition support: add 16 minors per bcacheN device (bsc#1076110, bsc#1019784).\n- bcache: rearrange writeback main thread ratelimit (bsc#1076110).\n- bcache: recover data from backing when data is clean (bnc#1012382 bsc#1043652).\n- bcache: Remove redundant set_capacity (bsc#1076110).\n- bcache: remove unused parameter (bsc#1076110).\n- bcache: rewrite multiple partitions support (bsc#1076110, bsc#1038085).\n- bcache: safeguard a dangerous addressing in closure_queue (bsc#1076110).\n- bcache: silence static checker warning (bsc#1076110).\n- bcache: smooth writeback rate control (bsc#1076110).\n- bcache.txt: standardize document format (bsc#1076110).\n- bcache: update bio->bi_opf bypass/writeback REQ_ flag hints (bsc#1076110).\n- bcache: update bucket_in_use in real time (bsc#1076110).\n- bcache: Update continue_at() documentation (bsc#1076110).\n- bcache: use kmalloc to allocate bio in bch_data_verify() (bsc#1076110).\n- bcache: use llist_for_each_entry_safe() in __closure_wake_up() (bsc#1076110).\n- bcache: writeback rate clamping: make 32 bit safe (bsc#1076110).\n- bcache: writeback rate shouldn't artifically clamp (bsc#1076110).\n- be2net: restore properly promisc mode after queues reconfiguration (bsc#963844 FATE#320192).\n- binder: add missing binder_unlock() (bnc#1012382).\n- binder: check for binder_thread allocation failure in binder_poll() (bnc#1012382).\n- binfmt_elf: compat: avoid unused function warning (bnc#1012382).\n- blacklist acb1feab320e powerpc/64: Do not trace irqs-off at interrupt return to soft-disabled context\n- blacklist.conf: Blacklist 9d25e3cc83d731ae4eeb017fd07562fde3f80bef Exynos IOMMU is not enabled in any config.\n- blacklist.conf: blacklist d207af2eab3f8668b95ad02b21930481c42806fd\n- blacklist.conf: blacklist too intrusive patches (bsc#1082979)\n- blacklist.conf: commit fd5f7cde1b85d4c8e09 ('printk: Never set console_may_schedule in console_trylock()')\n- blacklist.conf: da391d640c528bc5bb227ea5b39c882b75ac3167 Comment-only fix\n- blk-mq: add warning to __blk_mq_run_hw_queue() for ints disabled (bsc#1084772).\n- blk-mq: stop 'delayed_run_work' in blk_mq_stop_hw_queue() (bsc#1084967).\n- blk-mq: turn WARN_ON in __blk_mq_run_hw_queue into printk (bsc#1084772).\n- blktrace: fix unlocked registration of tracepoints (bnc#1012382).\n- block: fix an error code in add_partition() (bsc#1082979).\n- block: Fix __bio_integrity_endio() documentation (bsc#1082979).\n- block: wake up all tasks blocked in get_request() (bnc#1012382).\n- bluetooth: btsdio: Do not bind to non-removable BCM43341 (bnc#1012382).\n- bluetooth: btusb: driver to enable the usb-wakeup feature (bnc#1012382).\n- bluetooth: btusb: Restore QCA Rome suspend/resume fix with a 'rewritten' version (bnc#1012382).\n- bnx2x: do not rollback VF MAC/VLAN filters we did not configure (bnc#1012382).\n- bnx2x: fix possible overrun of VFPF multicast addresses array (bnc#1012382).\n- bnx2x: Improve reliability in case of nested PCI errors (bnc#1012382).\n- bnx2x: prevent crash when accessing PTP with interface down (bnc#1012382).\n- bnxt_en: Fix the 'Invalid VF' id check in bnxt_vf_ndo_prep routine (bnc#1012382).\n- bpf: arsh is not supported in 32 bit alu thus reject it (bnc#1012382).\n- bpf: avoid false sharing of map refcount with max_entries (bnc#1012382).\n- bpf: fix 32-bit divide by zero (bnc#1012382).\n- bpf: fix bpf_tail_call() x64 JIT (bnc#1012382).\n- bpf: fix divides by zero (bnc#1012382).\n- bpf: introduce BPF_JIT_ALWAYS_ON config (bnc#1012382).\n- bpf: reject stores into ctx via st and xadd (bnc#1012382).\n- bridge: implement missing ndo_uninit() (bsc#1042286).\n- bridge: move bridge multicast cleanup to ndo_uninit (bsc#1042286).\n- btrfs: add missing memset while reading compressed inline extents (bnc#1012382).\n- btrfs: copy fsid to super_block s_uuid (bsc#1080774).\n- btrfs: fix crash due to not cleaning up tree log block's dirty bits (bnc#1012382).\n- btrfs: fix deadlock in run_delalloc_nocow (bnc#1012382).\n- btrfs: fix deadlock when writing out space cache (bnc#1012382).\n- btrfs: Fix possible off-by-one in btrfs_search_path_in_tree (bnc#1012382).\n- btrfs: Fix quota reservation leak on preallocated files (bsc#1079989).\n- btrfs: fix unexpected -EEXIST when creating new inode (bnc#1012382).\n- btrfs: Handle btrfs_set_extent_delalloc failure in fixup worker (bnc#1012382).\n- can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once (bnc#1012382).\n- can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once (bnc#1012382).\n- can: ems_usb: cancel urb on -EPIPE and -EPROTO (bnc#1012382).\n- can: esd_usb2: cancel urb on -EPIPE and -EPROTO (bnc#1012382).\n- can: flex_can: Correct the checking for frame length in flexcan_start_xmit() (bnc#1012382).\n- can: gs_usb: fix return value of the 'set_bittiming' callback (bnc#1012382).\n- can: kvaser_usb: cancel urb on -EPIPE and -EPROTO (bnc#1012382).\n- can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback() (bnc#1012382).\n- can: kvaser_usb: free buf in error paths (bnc#1012382).\n- can: kvaser_usb: ratelimit errors if incomplete messages are received (bnc#1012382).\n- can: peak: fix potential bug in packet fragmentation (bnc#1012382).\n- can: ti_hecc: Fix napi poll return value for repoll (bnc#1012382).\n- can: usb_8dev: cancel urb on -EPIPE and -EPROTO (bnc#1012382).\n- cdc-acm: apply quirk for card reader (bsc#1060279).\n- cdrom: factor out common open_for_* code (bsc#1048585).\n- cdrom: turn off autoclose by default (bsc#1080813).\n- cdrom: wait for tray to close (bsc#1048585).\n- ceph: fix incorrect snaprealm when adding caps (bsc#1081735).\n- ceph: fix un-balanced fsc->writeback_count update (bsc#1081735).\n- ceph: more accurate statfs (bsc#1077068).\n- cfg80211: check dev_set_name() return value (bnc#1012382).\n- cfg80211: fix cfg80211_beacon_dup (bnc#1012382).\n- cifs: dump IPC tcon in debug proc file (bsc#1071306).\n- cifs: Fix autonegotiate security settings mismatch (bnc#1012382).\n- cifs: Fix missing put_xid in cifs_file_strict_mmap (bnc#1012382).\n- cifs: make IPC a regular tcon (bsc#1071306).\n- cifs: use tcon_ipc instead of use_ipc parameter of SMB2_ioctl (bsc#1071306).\n- cifs: zero sensitive data when freeing (bnc#1012382).\n- clk: fix a panic error caused by accessing NULL pointer (bnc#1012382).\n- clk: imx6: refine hdmi_isfr's parent to make HDMI work on i.MX6 SoCs w/o VPU (bnc#1012382).\n- clk: mediatek: add the option for determining PLL source clock (bnc#1012382).\n- clk: tegra: Fix cclk_lp divisor register (bnc#1012382).\n- config: arm64: enable HARDEN_BRANCH_PREDICTOR\n- config: arm64: enable UNMAP_KERNEL_AT_EL0\n- console/dummy: leave .con_font_get set to NULL (bnc#1012382).\n- cpufreq: Add Loongson machine dependencies (bnc#1012382).\n- cpuidle: fix broadcast control when broadcast can not be entered (bnc#1012382).\n- cpuidle: powernv: Pass correct drv->cpumask for registration (bnc#1012382).\n- cpuidle: Validate cpu_dev in cpuidle_add_sysfs() (bnc#1012382).\n- crypto: aesni - handle zero length dst buffer (bnc#1012382).\n- crypto: af_alg - whitelist mask and type (bnc#1012382).\n- crypto: algapi - fix NULL dereference in crypto_remove_spawns() (bnc#1012382).\n- crypto: caam - fix endless loop when DECO acquire fails (bnc#1012382).\n- crypto: chacha20poly1305 - validate the digest size (bnc#1012382).\n- crypto: chelsio - select CRYPTO_GF128MUL (bsc#1048325).\n- crypto: cryptd - pass through absence of ->setkey() (bnc#1012382).\n- crypto: crypto4xx - increase context and scatter ring buffer elements (bnc#1012382).\n- crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex (bnc#1012382).\n- crypto: hash - introduce crypto_hash_alg_has_setkey() (bnc#1012382).\n- crypto: mcryptd - protect the per-CPU queue with a lock (bnc#1012382).\n- crypto: n2 - cure use after free (bnc#1012382).\n- crypto: pcrypt - fix freeing pcrypt instances (bnc#1012382).\n- crypto: poly1305 - remove ->setkey() method (bnc#1012382).\n- crypto: s5p-sss - Fix completing crypto request in IRQ handler (bnc#1012382).\n- crypto: s5p-sss - Fix kernel Oops in AES-ECB mode (bnc#1012382).\n- crypto: tcrypt - fix buffer lengths in test_aead_speed() (bnc#1012382).\n- crypto: tcrypt - fix S/G table for test_aead_speed() (bnc#1012382).\n- crypto: x86/twofish-3way - Fix %rbp usage (bnc#1012382).\n- cw1200: fix bogus maybe-uninitialized warning (bnc#1012382).\n- cxl: Check if vphb exists before iterating over AFU devices (bsc#1066223).\n- dax: Pass detailed error code from __dax_fault() (bsc#1072484).\n- dccp: do not restart ccid2_hc_tx_rto_expire() if sk in closed state (bnc#1012382).\n- dccp: limit sk_filter trim to payload (bsc#1042286).\n- Deadly BUG_ON() had not been removed after all, merely relocated. (bnc#1083056)\n- delay: add poll_event_interruptible (bsc#1048585).\n- dell-wmi, dell-laptop: depends DMI (bnc#1012382).\n- direct-io: Fix sleep in atomic due to sync AIO (bsc#1084888).\n- dlm: fix double list_del() (bsc#1082795).\n- dlm: fix malfunction of dlm_tool caused by debugfs changes (bsc#1077704).\n- dlm: fix NULL pointer dereference in send_to_sock() (bsc#1082795).\n- dmaengine: at_hdmac: fix potential NULL pointer dereference in atc_prep_dma_interleaved (bnc#1012382).\n- dmaengine: dmatest: fix container_of member in dmatest_callback (bnc#1012382).\n- dmaengine: dmatest: move callback wait queue to thread context (bnc#1012382).\n- dmaengine: Fix array index out of bounds warning in __get_unmap_pool() (bnc#1012382).\n- dmaengine: ioat: Fix error handling path (bnc#1012382).\n- dmaengine: jz4740: disable/unprepare clk if probe fails (bnc#1012382).\n- dmaengine: pl330: fix double lock (bnc#1012382).\n- dmaengine: ti-dma-crossbar: Correct am335x/am43xx mux value type (bnc#1012382).\n- dmaengine: zx: fix build warning (bnc#1012382).\n- dm btree: fix serious bug in btree_split_beneath() (bnc#1012382).\n- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) (bnc#1012382).\n- dm: correctly handle chained bios in dec_pending() (bnc#1012382).\n- dm thin metadata: THIN_MAX_CONCURRENT_LOCKS should be 6 (bnc#1012382).\n- dn_getsockoptdecnet: move nf_{get/set}sockopt outside sock lock (bnc#1012382).\n- do not put symlink bodies in pagecache into highmem (bnc#1012382).\n- dpt_i2o: fix build warning (bnc#1012382).\n- driver-core: use 'dev' argument in dev_dbg_ratelimited stub (bnc#1012382).\n- drivers/firmware: Expose psci_get_version through psci_ops structure (bsc#1068032).\n- drivers: hv: balloon: Correctly update onlined page count (fate#315887, bsc#1082632).\n- drivers: hv: balloon: Initialize last_post_time on startup (fate#315887, bsc#1082632).\n- drivers: hv: balloon: Show the max dynamic memory assigned (fate#315887, bsc#1082632).\n- drivers: hv: kvp: Use MAX_ADAPTER_ID_SIZE for translating adapter id (fate#315887, bsc#1082632).\n- drivers: hv: Turn off write permission on the hypercall page (fate#315887, bsc#1082632).\n- drivers: hv: vmbus: Fix rescind handling (fate#315887, bsc#1082632).\n- drivers: hv: vmbus: Fix rescind handling issues (fate#315887, bsc#1082632).\n- drivers/net: fix eisa_driver probe section mismatch (bnc#1012382).\n- drm/amd/amdgpu: fix console deadlock if late init failed (bnc#1012382).\n- drm/amdgpu: Avoid leaking PM domain on driver unbind (v2) (bnc#1012382).\n- drm/amdgpu: Fix SDMA load/unload sequence on HWS disabled mode (bnc#1012382).\n- drm/amdkfd: Fix SDMA oversubsription handling (bnc#1012382).\n- drm/amdkfd: Fix SDMA ring buffer size calculation (bnc#1012382).\n- drm/armada: fix leak of crtc structure (bnc#1012382).\n- drm/edid: Add 6 bpc quirk for CPT panel in Asus UX303LA (bnc#1012382).\n- drm: extra printk() wrapper macros (bnc#1012382).\n- drm/exynos/decon5433: set STANDALONE_UPDATE_F on output enablement (bnc#1012382).\n- drm/exynos: gem: Drop NONCONTIG flag for buffers allocated without IOMMU (bnc#1012382).\n- drm/gma500: remove helper function (bnc#1012382).\n- drm/gma500: Sanity-check pipe index (bnc#1012382).\n- drm/nouveau: hide gcc-4.9 -Wmaybe-uninitialized (bnc#1012382).\n- drm/nouveau/pci: do a msi rearm on init (bnc#1012382).\n- drm/omap: fix dmabuf mmap for dma_alloc'ed buffers (bnc#1012382).\n- drm/radeon: adjust tested variable (bnc#1012382).\n- drm/radeon: reinstate oland workaround for sclk (bnc#1012382).\n- drm/radeon/si: add dpm quirk for Oland (bnc#1012382).\n- drm: rcar-du: Fix race condition when disabling planes at CRTC stop (bnc#1012382).\n- drm: rcar-du: Use the VBK interrupt for vblank events (bnc#1012382).\n- drm: Require __GFP_NOFAIL for the legacy drm_modeset_lock_all (bnc#1012382).\n- drm/ttm: check the return value of kzalloc (bnc#1012382).\n- drm/vmwgfx: Potential off by one in vmw_view_add() (bnc#1012382).\n- drm/vmwgfx: use *_32_bits() macros (bnc#1012382).\n- dynamic-debug-howto: fix optional/omitted ending line number to be LARGE instead of 0 (bnc#1012382).\n- e1000: fix disabling already-disabled warning (bnc#1012382).\n- edac, i5000, i5400: Fix definition of NRECMEMB register (bnc#1012382).\n- edac, i5000, i5400: Fix use of MTR_DRAM_WIDTH macro (bnc#1012382).\n- edac, octeon: Fix an uninitialized variable warning (bnc#1012382).\n- edac, sb_edac: Fix missing break in switch (bnc#1012382).\n- efi/esrt: Cleanup bad memory map log messages (bnc#1012382).\n- efi: Move some sysfs files to be read-only by root (bnc#1012382).\n- em28xx: only use mt9v011 if camera support is enabled (bnc#1012382).\n- enable DST_CACHE in non-vanilla configs except s390x/zfcpdump\n- eventpoll.h: add missing epoll event masks (bnc#1012382).\n- ext4: correct documentation for grpid mount option (bnc#1012382).\n- ext4: do not unnecessarily allocate buffer in recently_deleted() (bsc#1080344).\n- ext4: fix crash when a directory's i_size is too small (bnc#1012382).\n- ext4: Fix data exposure after failed AIO DIO (bsc#1069135 bsc#1082864).\n- ext4: Fix ENOSPC handling in DAX page fault handle (bsc#1072484).\n- ext4: fix fdatasync(2) after fallocate(2) operation (bnc#1012382).\n- ext4: save error to disk in __ext4_grp_locked_error() (bnc#1012382).\n- f2fs: fix a bug caused by NULL extent tree (bsc#1082478).\n- fbdev: auo_k190x: avoid unused function warnings (bnc#1012382).\n- fbdev: controlfb: Add missing modes to fix out of bounds access (bnc#1012382).\n- fbdev: s6e8ax0: avoid unused function warnings (bnc#1012382).\n- fbdev: sis: enforce selection of at least one backend (bnc#1012382).\n- fbdev: sm712fb: avoid unused function warnings (bnc#1012382).\n- Fix build error in vma.c (bnc#1012382).\n- Fixup hang when calling 'nvme list' on all paths down (bsc#1070052).\n- fjes: Fix wrong netdevice feature flags (bnc#1012382).\n- flow_dissector: properly cap thoff field (bnc#1012382).\n- fm10k: ensure we process SM mbx when processing VF mbx (bnc#1012382).\n- fork: clear thread stack upon allocation (bsc#1077560).\n- fs: Avoid invalidation in interrupt context in dio_complete() (bsc#1073407 bsc#1069135).\n- fscache: Fix the default for fscache_maybe_release_page() (bnc#1012382).\n- fs: Fix page cache inconsistency when mixing buffered and AIO DIO (bsc#1073407 bsc#1069135).\n- fs: invalidate page cache after end_io() in dio completion (bsc#1073407 bsc#1069135).\n- ftrace: Remove incorrect setting of glob search field (bnc#1012382).\n- futex: Prevent overflow by strengthen input validation (bnc#1012382).\n- gcov: disable for COMPILE_TEST (bnc#1012382).\n- geneve: fix populating tclass in geneve_get_v6_dst (bsc#1042286).\n- genirq/msi: Add stubs for get_cached_msi_msg/pci_write_msi_msg (bnc#1012382).\n- genirq/msi: Fix populating multiple interrupts (bsc#1085047).\n- genirq: Restore trigger settings in irq_modify_status() (bsc#1085056).\n- genksyms: Fix segfault with invalid declarations (bnc#1012382).\n- gfs2: Take inode off order_write list when setting jdata flag (bnc#1012382).\n- gianfar: fix a flooded alignment reports because of padding issue (bnc#1012382).\n- go7007: add MEDIA_CAMERA_SUPPORT dependency (bnc#1012382).\n- gpio: altera: Use handle_level_irq when configured as a level_high (bnc#1012382).\n- gpio: ath79: add missing MODULE_DESCRIPTION/LICENSE (bnc#1012382).\n- gpio: intel-mid: Fix build warning when !CONFIG_PM (bnc#1012382).\n- gpio: iop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012382).\n- gpio: xgene: mark PM functions as __maybe_unused (bnc#1012382).\n- grace: replace BUG_ON by WARN_ONCE in exit_net hook (bnc#1012382).\n- gre: build header correctly for collect metadata tunnels (bsc#1042286).\n- gre: do not assign header_ops in collect metadata mode (bsc#1042286).\n- gre: do not keep the GRE header around in collect medata mode (bsc#1042286).\n- gre: reject GUE and FOU in collect metadata mode (bsc#1042286).\n- hdpvr: hide unused variable (bnc#1012382).\n- hid: chicony: Add support for another ASUS Zen AiO keyboard (bnc#1012382).\n- hid: quirks: Fix keyboard + touchpad on Toshiba Click Mini not working (bnc#1012382).\n- hid: xinmo: fix for out of range for THT 2P arcade controller (bnc#1012382).\n- hippi: Fix a Fix a possible sleep-in-atomic bug in rr_close (bnc#1012382).\n- hrtimer: Ensure POSIX compliance (relative CLOCK_REALTIME hrtimers) (bnc#1012382).\n- hrtimer: Reset hrtimer cpu base proper on CPU hotplug (bnc#1012382).\n- hv: kvp: Avoid reading past allocated blocks from KVP file (bnc#1012382).\n- hv_netvsc: Add ethtool handler to set and get TCP hash levels (fate#315887, bsc#1082632).\n- hv_netvsc: Add ethtool handler to set and get UDP hash levels (fate#315887, bsc#1082632).\n- hv_netvsc: Add initialization of tx_table in netvsc_device_add() (fate#315887, bsc#1082632).\n- hv_netvsc: Change the hash level variable to bit flags (fate#315887, bsc#1082632).\n- hv_netvsc: Clean up an unused parameter in rndis_filter_set_rss_param() (fate#315887, bsc#1082632).\n- hv_netvsc: Clean up unused parameter from netvsc_get_hash() (fate#315887, bsc#1082632).\n- hv_netvsc: Clean up unused parameter from netvsc_get_rss_hash_opts() (fate#315887, bsc#1082632).\n- hv_netvsc: copy_to_send buf can be void (fate#315887, bsc#1082632).\n- hv_netvsc: do not need local xmit_more (fate#315887, bsc#1082632).\n- hv_netvsc: drop unused macros (fate#315887, bsc#1082632).\n- hv_netvsc: empty current transmit aggregation if flow blocked (fate#315887, bsc#1082632).\n- hv_netvsc: Fix rndis_filter_close error during netvsc_remove (fate#315887, bsc#1082632).\n- hv_netvsc: fix send buffer failure on MTU change (fate#315887, bsc#1082632).\n- hv_netvsc: Fix the channel limit in netvsc_set_rxfh() (fate#315887, bsc#1082632).\n- hv_netvsc: Fix the real number of queues of non-vRSS cases (fate#315887, bsc#1082632).\n- hv_netvsc: Fix the receive buffer size limit (fate#315887, bsc#1082632).\n- hv_netvsc: Fix the TX/RX buffer default sizes (fate#315887, bsc#1082632).\n- hv_netvsc: hide warnings about uninitialized/missing rndis device (fate#315887, bsc#1082632).\n- hv_netvsc: make const array ver_list static, reduces object code size (fate#315887, bsc#1082632).\n- hv_netvsc: optimize initialization of RNDIS header (fate#315887, bsc#1082632).\n- hv_netvsc: pass netvsc_device to receive callback (fate#315887, bsc#1082632).\n- hv_netvsc: remove open_cnt reference count (fate#315887, bsc#1082632).\n- hv_netvsc: Rename ind_table to rx_table (fate#315887, bsc#1082632).\n- hv_netvsc: Rename tx_send_table to tx_table (fate#315887, bsc#1082632).\n- hv_netvsc: replace divide with mask when computing padding (fate#315887, bsc#1082632).\n- hv_netvsc: report stop_queue and wake_queue (fate#315887, bsc#1082632).\n- hv_netvsc: simplify function args in receive status path (fate#315887, bsc#1082632).\n- hv_netvsc: Simplify the limit check in netvsc_set_channels() (fate#315887, bsc#1082632).\n- hv_netvsc: track memory allocation failures in ethtool stats (fate#315887, bsc#1082632).\n- hv: preserve kabi by keeping hv_do_hypercall (bnc#1082632).\n- hwmon: (asus_atk0110) fix uninitialized data access (bnc#1012382).\n- hwmon: (pmbus) Use 64bit math for DIRECT format values (bnc#1012382).\n- hwrng: exynos - use __maybe_unused to hide pm functions (bnc#1012382).\n- hyper-v: trace vmbus_ongpadl_created() (fate#315887, bsc#1082632).\n- hyper-v: trace vmbus_ongpadl_torndown() (fate#315887, bsc#1082632).\n- hyper-v: trace vmbus_on_message() (fate#315887, bsc#1082632).\n- hyper-v: trace vmbus_on_msg_dpc() (fate#315887, bsc#1082632).\n- hyper-v: trace vmbus_onoffer() (fate#315887, bsc#1082632).\n- hyper-v: trace vmbus_onoffer_rescind() (fate#315887, bsc#1082632).\n- hyper-v: trace vmbus_onopen_result() (fate#315887, bsc#1082632).\n- hyper-v: trace vmbus_onversion_response() (fate#315887, bsc#1082632).\n- hyper-v: Use fast hypercall for HVCALL_SIGNAL_EVENT (fate#315887, bsc#1082632).\n- i2c: remove __init from i2c_register_board_info() (bnc#1012382).\n- i40iw: Account for IPv6 header when setting MSS (bsc#1024376 FATE#321249).\n- i40iw: Allocate a sdbuf per CQP WQE (bsc#1024376 FATE#321249).\n- i40iw: Cleanup AE processing (bsc#1024376 FATE#321249).\n- i40iw: Clear CQP Head/Tail during initialization (bsc#1024376 FATE#321249).\n- i40iw: Correct ARP index mask (bsc#1024376 FATE#321249).\n- i40iw: Correct Q1/XF object count equation (bsc#969476 FATE#319648 bsc#969477 FATE#319816).\n- i40iw: Do not allow posting WR after QP is flushed (bsc#1024376 FATE#321249).\n- i40iw: Do not free sqbuf when event is I40IW_TIMER_TYPE_CLOSE (bsc#1024376 FATE#321249).\n- i40iw: Do not generate CQE for RTR on QP flush (bsc#1024376 FATE#321249).\n- i40iw: Do not retransmit MPA request after it is ACKed (bsc#1024376 FATE#321249).\n- i40iw: Fixes for static checker warnings (bsc#1024376 FATE#321249).\n- i40iw: Fix sequence number for the first partial FPDU (bsc#969476 FATE#319648 bsc#969477 FATE#319816).\n- i40iw: Fix the connection ORD value for loopback (bsc#969476 FATE#319648 bsc#969477 FATE#319816).\n- i40iw: Ignore AE source field in AEQE for some AEs (bsc#1024376 FATE#321249).\n- i40iw: Move cqp_cmd_head init to CQP initialization (bsc#1024376 FATE#321249).\n- i40iw: Move exception_lan_queue to VSI structure (bsc#1024376 FATE#321249).\n- i40iw: Move MPA request event for loopback after connect (bsc#1024376 FATE#321249).\n- i40iw: Notify user of established connection after QP in RTS (bsc#1024376 FATE#321249).\n- i40iw: Reinitialize IEQ on MTU change (bsc#1024376 FATE#321249).\n- i40iw: Remove limit on re-posting AEQ entries to HW (bsc#969476 FATE#319648 bsc#969477 FATE#319816).\n- i40iw: Selectively teardown QPs on IP addr change event (bsc#1024376 FATE#321249).\n- i40iw: Validate correct IRD/ORD connection parameters (bsc#969476 FATE#319648 bsc#969477 FATE#319816).\n- ib/hfi1: Fix for potential refcount leak in hfi1_open_file() (FATE#321231 FATE#321473).\n- ib/hfi1: Fix misspelling in comment (bsc#973818, fate#319242).\n- ib/hfi1: Prevent kernel QP post send hard lockups (bsc#973818 FATE#319242).\n- ib/ipoib: Fix lockdep issue found on ipoib_ib_dev_heavy_flush (git-fixes).\n- ib/ipoib: Fix race condition in neigh creation (bsc#1022595 FATE#322350).\n- ib/ipoib: Grab rtnl lock on heavy flush when calling ndo_open/stop (bnc#1012382).\n- ib/iser: Handle lack of memory management extentions correctly (bsc#1082979).\n- ib/mlx4: Fix incorrectly releasing steerable UD QPs when have only ETH ports (bnc#1012382).\n- ib/mlx4: Fix mlx4_ib_alloc_mr error flow (bnc#1012382).\n- ib/mlx4: Increase maximal message size under UD QP (bnc#1012382).\n- ib/mlx5: Assign send CQ and recv CQ of UMR QP (bnc#1012382).\n- ib/mlx5: Serialize access to the VMA list (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- ibmvnic: Account for VLAN header length in TX buffers (bsc#1085239).\n- ibmvnic: Account for VLAN tag in L2 Header descriptor (bsc#1085239).\n- ibmvnic: Allocate and request vpd in init_resources (bsc#1076872).\n- ibmvnic: Allocate max queues stats buffers (bsc#1081498).\n- ibmvnic: Allocate statistics buffers during probe (bsc#1082993).\n- ibmvnic: Check for NULL skb's in NAPI poll routine (bsc#1081134, git-fixes).\n- ibmvnic: Clean RX pool buffers during device close (bsc#1081134).\n- ibmvnic: Clean up device close (bsc#1084610).\n- ibmvnic: Correct goto target for tx irq initialization failure (bsc#1082223).\n- ibmvnic: Do not attempt to login if RX or TX queues are not allocated (bsc#1082993).\n- ibmvnic: Do not disable device during failover or partition migration (bsc#1084610).\n- ibmvnic: Do not handle RX interrupts when not up (bsc#1075066).\n- ibmvnic: Ensure that buffers are NULL after free (bsc#1080014).\n- ibmvnic: Fix early release of login buffer (bsc#1081134, git-fixes).\n- ibmvnic: fix empty firmware version and errors cleanup (bsc#1079038).\n- ibmvnic: fix firmware version when no firmware level has been provided by the VIOS server (bsc#1079038).\n- ibmvnic: Fix IP offload control buffer (bsc#1076899).\n- ibmvnic: Fix IPv6 packet descriptors (bsc#1076899).\n- ibmvnic: Fix login buffer memory leaks (bsc#1081134).\n- ibmvnic: Fix NAPI structures memory leak (bsc#1081134).\n- ibmvnic: Fix pending MAC address changes (bsc#1075627).\n- ibmvnic: Fix recent errata commit (bsc#1085239).\n- ibmvnic: Fix rx queue cleanup for non-fatal resets (bsc#1080014).\n- ibmvnic: Fix TX descriptor tracking again (bsc#1082993).\n- ibmvnic: Fix TX descriptor tracking (bsc#1081491).\n- ibmvnic: Free and re-allocate scrqs when tx/rx scrqs change (bsc#1081498).\n- ibmvnic: Free RX socket buffer in case of adapter error (bsc#1081134).\n- ibmvnic: Generalize TX pool structure (bsc#1085224).\n- ibmvnic: Handle TSO backing device errata (bsc#1085239).\n- ibmvnic: Harden TX/RX pool cleaning (bsc#1082993).\n- ibmvnic: Improve TX buffer accounting (bsc#1085224).\n- ibmvnic: Keep track of supplementary TX descriptors (bsc#1081491).\n- ibmvnic: Make napi usage dynamic (bsc#1081498).\n- ibmvnic: Modify buffer size and number of queues on failover (bsc#1076872).\n- ibmvnic: Move active sub-crq count settings (bsc#1081498).\n- ibmvnic: Pad small packets to minimum MTU size (bsc#1085239).\n- ibmvnic: queue reset when CRQ gets closed during reset (bsc#1080263).\n- ibmvnic: Remove skb->protocol checks in ibmvnic_xmit (bsc#1080384).\n- ibmvnic: Rename active queue count variables (bsc#1081498).\n- ibmvnic: Reorganize device close (bsc#1084610).\n- ibmvnic: Report queue stops and restarts as debug output (bsc#1082993).\n- ibmvnic: Reset long term map ID counter (bsc#1080364).\n- ibmvnic: Revert to previous mtu when unsupported value requested (bsc#1076872).\n- ibmvnic: Split counters for scrq/pools/napi (bsc#1082223).\n- ibmvnic: Update and clean up reset TX pool routine (bsc#1085224).\n- ibmvnic: Update release RX pool routine (bsc#1085224).\n- ibmvnic: Update TX and TX completion routines (bsc#1085224).\n- ibmvnic: Update TX pool initialization routine (bsc#1085224).\n- ibmvnic: Wait for device response when changing MAC (bsc#1078681).\n- ibmvnic: Wait until reset is complete to set carrier on (bsc#1081134).\n- ib/qib: Fix comparison error with qperf compare/swap test (FATE#321231 FATE#321473).\n- ib/rdmavt: restore IRQs on error path in rvt_create_ah() (bsc#973818, fate#319242).\n- ib/srpt: Disable RDMA access by the initiator (bnc#1012382).\n- ib/srpt: Fix ACL lookup during login (bsc#1024296 FATE#321265).\n- ib/srpt: Remove an unused structure member (bsc#1082979).\n- idle: i7300: add PCI dependency (bnc#1012382).\n- igb: check memory allocation failure (bnc#1012382).\n- igb: Free IRQs when device is hotplugged (bnc#1012382).\n- iio: adc: axp288: remove redundant duplicate const on axp288_adc_channels (bnc#1012382).\n- iio: adis_lib: Initialize trigger before requesting interrupt (bnc#1012382).\n- iio: buffer: check if a buffer has been set up when poll is called (bnc#1012382).\n- ima: fix hash algorithm initialization (bnc#1012382).\n- inet: frag: release spinlock before calling icmp_send() (bnc#1012382).\n- input: 88pm860x-ts - fix child-node lookup (bnc#1012382).\n- input: elantech - add new icbody type 15 (bnc#1012382).\n- input: i8042 - add TUXEDO BU1406 (N24_25BU) to the nomux list (bnc#1012382).\n- input: tca8418_keypad - hide gcc-4.9 -Wmaybe-uninitialized warning (bnc#1012382).\n- input: tca8418_keypad - remove double read of key event register (git-fixes).\n- input: trackpoint - force 3 buttons if 0 button is reported (bnc#1012382).\n- input: twl4030-vibra - fix sibling-node lookup (bnc#1012382).\n- input: twl6040-vibra - fix child-node lookup (bnc#1012382).\n- input: twl6040-vibra - fix DT node memory management (bnc#1012382).\n- intel_th: pci: Add Gemini Lake support (bnc#1012382).\n- iommu/amd: Add align parameter to alloc_irq_index() (bsc#975772).\n- iommu/amd: Enforce alignment for MSI IRQs (bsc#975772).\n- iommu/amd: Fix alloc_irq_index() increment (bsc#975772).\n- iommu/amd: Limit the IOVA page range to the specified addresses (fate#321026).\n- iommu/arm-smmu-v3: Cope with duplicated Stream IDs (bsc#1084926).\n- iommu/arm-smmu-v3: Do not free page table ops twice (bnc#1012382).\n- iommu/iova: Fix underflow bug in __alloc_and_insert_iova_range (bsc#1084928).\n- iommu/vt-d: Fix scatterlist offset handling (bnc#1012382).\n- iommu/vt-d: Use domain instead of cache fetching (bsc#975772).\n- ip6_gre: remove the incorrect mtu limit for ipgre tap (bsc#1022912 FATE#321246).\n- ip6mr: fix stale iterator (bnc#1012382).\n- ip6_tunnel: disable dst caching if tunnel is dual-stack (bnc#1012382).\n- ipc/msg: introduce msgctl(MSG_STAT_ANY) (bsc#1072689).\n- ipc/sem: introduce semctl(SEM_STAT_ANY) (bsc#1072689).\n- ipc/shm: introduce shmctl(SHM_STAT_ANY) (bsc#1072689).\n- ipmi: Stop timers before cleaning up the module (bnc#1012382).\n- ip_tunnel: fix preempt warning in ip tunnel creation/updating (bnc#1012382).\n- ip_tunnel: replace dst_cache with generic implementation (bnc#1012382).\n- ipv4: allow local fragmentation in ip_finish_output_gso() (bsc#1042286).\n- ipv4: fix checksum annotation in udp4_csum_init (bsc#1042286).\n- ipv4: Fix use-after-free when flushing FIB tables (bnc#1012382).\n- ipv4: igmp: guard against silly MTU values (bnc#1012382).\n- ipv4: ipconfig: avoid unused ic_proto_used symbol (bnc#1012382).\n- ipv4: Make neigh lookup keys for loopback/point-to-point devices be INADDR_ANY (bnc#1012382).\n- ipv4: update comment to document GSO fragmentation cases (bsc#1042286).\n- ipv6: datagram: Refactor dst lookup and update codes to a new function (bsc#1042286).\n- ipv6: datagram: Refactor flowi6 init codes to a new function (bsc#1042286).\n- ipv6: datagram: Update dst cache of a connected datagram sk during pmtu update (bsc#1042286).\n- ipv6: fix checksum annotation in udp6_csum_init (bsc#1042286).\n- ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL (bnc#1012382).\n- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012382).\n- ipv6: fix udpv6 sendmsg crash caused by too small MTU (bnc#1012382).\n- ipv6: icmp6: Allow icmp messages to be looped back (bnc#1012382).\n- ipv6/ila: fix nlsize calculation for lwtunnel (bsc#1042286).\n- ipv6: ip6_make_skb() needs to clear cork.base.dst (git-fixes).\n- ipv6: mcast: better catch silly mtu values (bnc#1012382).\n- ipv6: remove unused in6_addr struct (bsc#1042286).\n- ipv6: reorder icmpv6_init() and ip6_mr_init() (bnc#1012382).\n- ipv6: tcp: fix endianness annotation in tcp_v6_send_response (bsc#1042286).\n- ipv6: udp: Do a route lookup and update during release_cb (bsc#1042286).\n- ipvlan: Add the skb->mark as flow4's member to lookup route (bnc#1012382).\n- ipvlan: fix ipv6 outbound device (bnc#1012382).\n- ipvlan: fix multicast processing (bsc#1042286).\n- ipvlan: fix various issues in ipvlan_process_multicast() (bsc#1042286).\n- ipvlan: remove excessive packet scrubbing (bsc#1070799).\n- irda: vlsi_ir: fix check for DMA mapping errors (bnc#1012382).\n- irqchip/crossbar: Fix incorrect type of register size (bnc#1012382).\n- irqchip/gic-v3: Use wmb() instead of smb_wmb() in gic_raise_softirq() (bnc#1012382).\n- iscsi_iser: Re-enable 'iser_pi_guard' module parameter (bsc#1062129).\n- iscsi-target: fix memory leak in lio_target_tiqn_addtpg() (bnc#1012382).\n- iscsi-target: Make TASK_REASSIGN use proper se_cmd->cmd_kref (bnc#1012382).\n- isdn: eicon: reduce stack size of sig_ind function (bnc#1012382).\n- isdn: icn: remove a #warning (bnc#1012382).\n- isdn: kcapi: avoid uninitialized data (bnc#1012382).\n- isdn: sc: work around type mismatch warning (bnc#1012382).\n- iser-target: Fix possible use-after-free in connection establishment error (FATE#321732).\n- iw_cxgb4: Only validate the MSN for successful completions (bnc#1012382).\n- ixgbe: fix use of uninitialized padding (bnc#1012382).\n- jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path (git-fixes).\n- jump_label: Invoke jump_label_test() via early_initcall() (bnc#1012382).\n- Kabi: Keep KVM stable after enable s390 wire up bpb feature (bsc#1076805).\n- kABI: protect struct bpf_map (kabi).\n- kABI: protect struct cpuinfo_x86 (kabi).\n- kABI: protect struct ethtool_link_settings (bsc#1085050).\n- kABI: protect struct ip_tunnel and reintroduce ip_tunnel_dst_reset_all (kabi).\n- kABI: protect struct ipv6_pinfo (kabi).\n- kABI: protect struct t10_alua_tg_pt_gp (kabi).\n- kABI: protect struct usbip_device (kabi).\n- kABI: reintroduce crypto_poly1305_setkey (kabi).\n- kabi: restore kabi after 'net: replace dst_cache ip6_tunnel implementation with the generic one' (bsc#1082897).\n- kabi: restore nft_set_elem_destroy() signature (bsc#1042286).\n- kabi: restore rhashtable_insert_slow() signature (bsc#1042286).\n- kabi/severities: add sclp to KABI ignore list\n- kabi/severities: add __x86_indirect_thunk_rsp\n- kabi/severities: arm64: ignore cpu capability array\n- kabi/severities: as per bsc#1068569 we can ignore XFS kabi The gods have spoken, let there be light.\n- kabi/severities: do not care about stuff_RSB\n- kabi/severities: Ignore kvm for KABI severities\n- kabi: uninline sk_receive_skb() (bsc#1042286).\n- kaiser: fix compile error without vsyscall (bnc#1012382).\n- kaiser: fix intel_bts perf crashes (bnc#1012382).\n- kaiser: Set _PAGE_NX only if supported (bnc#1012382).\n- kasan: rework Kconfig settings (bnc#1012382).\n- kbuild: add '-fno-stack-check' to kernel build options (bnc#1012382).\n- kbuild: modversions for EXPORT_SYMBOL() for asm (bsc#1074621 bsc#1068032).\n- kbuild: pkg: use --transform option to prefix paths in tar (bnc#1012382).\n- kdb: Fix handling of kallsyms_symbol_next() return value (bnc#1012382).\n- kernel/acct.c: fix the acct->needcheck check in check_free_space() (bnc#1012382).\n- kernel/async.c: revert 'async: simplify lowest_in_progress()' (bnc#1012382).\n- kernel: fix rwlock implementation (bnc#1079886, LTC#164371).\n- kernel: make groups_sort calling a responsibility group_info allocators (bnc#1012382).\n- kernel/signal.c: protect the SIGNAL_UNKILLABLE tasks from !sig_kernel_only() signals (bnc#1012382).\n- kernel/signal.c: protect the traced SIGNAL_UNKILLABLE tasks from SIGKILL (bnc#1012382).\n- kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal() (bnc#1012382).\n- kernfs: fix regression in kernfs_fop_write caused by wrong type (bnc#1012382).\n- keys: add missing permission check for request_key() destination (bnc#1012382).\n- keys: encrypted: fix buffer overread in valid_master_desc() (bnc#1012382).\n- kmemleak: add scheduling point to kmemleak_scan() (bnc#1012382).\n- kprobes/x86: Disable preemption in ftrace-based jprobes (bnc#1012382).\n- kpti: Rename to PAGE_TABLE_ISOLATION (bnc#1012382).\n- kpti: Report when enabled (bnc#1012382).\n- kvm: add X86_LOCAL_APIC dependency (bnc#1012382).\n- kvm: ARM64: fix phy counter access failure in guest (bsc#1085015).\n- kvm: arm/arm64: Check pagesize when allocating a hugepage at Stage 2 (bsc#1079029).\n- kvm: Fix stack-out-of-bounds read in write_mmio (bnc#1012382).\n- kvm: nVMX: Fix kernel panics induced by illegal INVEPT/INVVPID types (bnc#1012382).\n- kvm: nVMX: Fix races when sending nested PI while dest enters/leaves L2 (bnc#1012382).\n- kvm: nVMX: invvpid handling improvements (bnc#1012382).\n- kvm: nVMX: kmap() can't fail (bnc#1012382).\n- kvm: nVMX: reset nested_run_pending if the vCPU is going to be reset (bnc#1012382).\n- kvm: nVMX: VMCLEAR should not cause the vCPU to shut down (bnc#1012382).\n- kvm: nVMX: vmx_complete_nested_posted_interrupt() can't fail (bnc#1012382).\n- kvm: pci-assign: do not map smm memory slot pages in vt-d page tables (bnc#1012382).\n- kvm: PPC: Book3S PR: Fix svcpu copying with preemption enabled (bsc#1066223).\n- kvm: s390: Add operation exception interception handler (FATE#324070, LTC#158959).\n- kvm: s390: Add sthyi emulation (FATE#324070, LTC#158959).\n- kvm: s390: Enable all facility bits that are known good for passthrough (bsc#1076805).\n- kvm: s390: Enable all facility bits that are known good for passthrough (FATE#324071, LTC#158956).\n- kvm: s390: Extend diag 204 fields (FATE#324070, LTC#158959).\n- kvm: s390: Fix STHYI buffer alignment for diag224 (FATE#324070, LTC#158959).\n- kvm: s390: instruction-execution-protection support (LTC#162428).\n- kvm: s390: Introduce BCD Vector Instructions to the guest (FATE#324072, LTC#158953).\n- kvm: s390: Introduce Vector Enhancements facility 1 to the guest (FATE#324072, LTC#158953).\n- kvm: s390: Limit sthyi execution (FATE#324070, LTC#158959).\n- kvm: s390: Populate mask of non-hypervisor managed facility bits (FATE#324071, LTC#158956).\n- kvm: s390: wire up bpb feature (bsc#1076805).\n- kvm: VMX: clean up declaration of VPID/EPT invalidation types (bnc#1012382).\n- kvm: VMX: Fix enable VPID conditions (bnc#1012382).\n- kvm: VMX: Fix rflags cache during vCPU reset (bnc#1012382).\n- kvm: VMX: Make indirect call speculation safe (bnc#1012382).\n- kvm: VMX: remove I/O port 0x80 bypass on Intel hosts (bnc#1012382).\n- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012382 bsc#1068032).\n- kvm: x86: Add memory barrier on vmcs field lookup (bnc#1012382).\n- kvm: x86: correct async page present tracepoint (bnc#1012382).\n- kvm: x86: Do not re-execute instruction when not passing CR2 value (bnc#1012382).\n- kvm: x86: emulator: Return to user-mode on L1 CPL=0 emulation failure (bnc#1012382).\n- kvm: x86: fix escape of guest dr6 to the host (bnc#1012382).\n- kvm: X86: Fix load RFLAGS w/o the fixed bit (bnc#1012382).\n- kvm: X86: Fix operand/address-size during instruction decoding (bnc#1012382).\n- kvm: x86: fix RSM when PCID is non-zero (bnc#1012382).\n- kvm: x86: ioapic: Clear Remote IRR when entry is switched to edge-triggered (bnc#1012382).\n- kvm: x86: ioapic: Fix level-triggered EOI and IOAPIC reconfigure race (bnc#1012382).\n- kvm: x86: ioapic: Preserve read-only values in the redirection table (bnc#1012382).\n- kvm: x86: Make indirect calls in emulator speculation safe (bnc#1012382).\n- kvm/x86: Reduce retpoline performance impact in slot_handle_level_range(), by always inlining iterator helper methods (bnc#1012382).\n- l2tp: cleanup l2tp_tunnel_delete calls (bnc#1012382).\n- l2tp: fix use-after-free during module unload (bsc#1042286).\n- lan78xx: Fix failure in USB Full Speed (bnc#1012382).\n- led: core: Fix brightness setting when setting delay_off=0 (bnc#1012382).\n- leds: do not overflow sysfs buffer in led_trigger_show (bsc#1080464).\n- libata: apply MAX_SEC_1024 to all LITEON EP1 series devices (bnc#1012382).\n- libata: drop WARN from protocol error in ata_sff_qc_issue() (bnc#1012382).\n- libceph: check kstrndup() return value (bsc#1081735).\n- lib/genalloc.c: make the avail variable an atomic_long_t (bnc#1012382).\n- lib/mpi: Fix umul_ppmm() for MIPS64r6 (bnc#1012382).\n- lib/uuid.c: introduce a few more generic helpers (fate#315887, bsc#1082632).\n- lib/uuid.c: use correct offset in uuid parser (fate#315887, bsc#1082632).\n- livepatch: introduce shadow variable API (bsc#1082299 fate#313296). Shadow variables support.\n- livepatch: __kgr_shadow_get_or_alloc() is local to shadow.c (bsc#1082299 fate#313296). Shadow variables support.\n- lockd: fix 'list_add double add' caused by legacy signal interface (bnc#1012382).\n- loop: fix concurrent lo_open/lo_release (bnc#1012382).\n- mac80211: fix the update of path metric for RANN frame (bnc#1012382).\n- mac80211: mesh: drop frames appearing to be from us (bnc#1012382).\n- macvlan: Only deliver one copy of the frame to the macvlan interface (bnc#1012382).\n- Make DST_CACHE a silent config option (bnc#1012382).\n- mdio-sun4i: Fix a memory leak (bnc#1012382).\n- md: more open-coded offset_in_page() (bsc#1076110).\n- md/raid1: Use a new variable to count flighting sync requests(bsc#1083048)\n- media: cxusb, dib0700: ignore XC2028_I2C_FLUSH (bnc#1012382).\n- media: dvb: i2c transfers over usb cannot be done from stack (bnc#1012382).\n- media: dvb-usb-v2: lmedm04: Improve logic checking of warm start (bnc#1012382).\n- media: dvb-usb-v2: lmedm04: move ts2020 attach to dm04_lme2510_tuner (bnc#1012382).\n- media: r820t: fix r820t_write_reg for KASAN (bnc#1012382).\n- media: s5k6aa: describe some function parameters (bnc#1012382).\n- media: soc_camera: soc_scale_crop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012382).\n- media: ts2020: avoid integer overflows on 32 bit machines (bnc#1012382).\n- media: usbtv: add a new usbid (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: avoid sizeof(type) (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32 (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32 (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: do not copy back the result for certain errors (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: fix ctrl_is_pointer (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: fix the indentation (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: make ctrl_is_pointer work for subdevs (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: move 'helper' functions to __get/put_v4l2_format32 (bnc#1012382).\n- media: v4l2-compat-ioctl32: Copy v4l2_window->global_alpha (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: refactor compat ioctl32 logic (bnc#1012382).\n- media: v4l2-ioctl.c: do not copy back the result for -ENOTTY (bnc#1012382).\n- mfd: cros ec: spi: Do not send first message too soon (bnc#1012382).\n- mfd: twl4030-audio: Fix sibling-node lookup (bnc#1012382).\n- mfd: twl6040: Fix child-node lookup (bnc#1012382).\n- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET (bnc#1012382).\n- MIPS: AR7: ensure the port type's FCR value is used (bnc#1012382).\n- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET (bnc#1012382).\n- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset accesses (bnc#1012382).\n- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012382).\n- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA (bnc#1012382).\n- MIPS: Guard against any partial write attempt with PTRACE_SETREGSET (bnc#1012382).\n- MIPS: math-emu: Fix final emulation phase for certain instructions (bnc#1012382).\n- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the ABI of the task (bnc#1012382).\n- mlxsw: reg: Fix SPVMLR max record count (bnc#1012382).\n- mlxsw: reg: Fix SPVM max record count (bnc#1012382).\n- mm: avoid returning VM_FAULT_RETRY from ->page_mkwrite handlers (bnc#1012382).\n- mmc: bcm2835: Do not overwrite max frequency unconditionally (bsc#983145, git-fixes).\n- mmc: mediatek: Fixed bug where clock frequency could be set wrong (bnc#1012382).\n- mm: drop unused pmdp_huge_get_and_clear_notify() (bnc#1012382).\n- mm/early_ioremap: Fix boot hang with earlyprintk=efi,keep (bnc#1012382).\n- mm: Handle 0 flags in _calc_vm_trans() macro (bnc#1012382).\n- mm: hide a #warning for COMPILE_TEST (bnc#1012382).\n- mm/kmemleak.c: make cond_resched() rate-limiting more efficient (git-fixes).\n- mm/mprotect: add a cond_resched() inside change_pmd_range() (bnc#1077871, bnc#1078002).\n- mm: pin address_space before dereferencing it while isolating an LRU page (bnc#1081500).\n- mm,vmscan: Make unregister_shrinker() no-op if register_shrinker() failed (bnc#1012382).\n- mm/vmstat: Make NR_TLB_REMOTE_FLUSH_RECEIVED available even on UP (bnc#1012382).\n- mn10300/misalignment: Use SIGSEGV SEGV_MAPERR to report a failed user copy (bnc#1012382).\n- modsign: hide openssl output in silent builds (bnc#1012382).\n- module: Add retpoline tag to VERMAGIC (bnc#1012382).\n- module/retpoline: Warn about missing retpoline in module (bnc#1012382).\n- module: set __jump_table alignment to 8 (bnc#1012382).\n- more bio_map_user_iov() leak fixes (bnc#1012382).\n- mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM (bsc#1078583).\n- mptfusion: hide unused seq_mpt_print_ioc_summary function (bnc#1012382).\n- mtd: cfi: convert inline functions to macros (bnc#1012382).\n- mtd: cfi: enforce valid geometry configuration (bnc#1012382).\n- mtd: ichxrom: maybe-uninitialized with gcc-4.9 (bnc#1012382).\n- mtd: maps: add __init attribute (bnc#1012382).\n- mtd: nand: brcmnand: Disable prefetch by default (bnc#1012382).\n- mtd: nand: denali_pci: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012382).\n- mtd: nand: Fix nand_do_read_oob() return value (bnc#1012382).\n- mtd: nand: gpmi: Fix failure when a erased page has a bitflip at BBM (bnc#1012382).\n- mtd: nand: sunxi: Fix ECC strength choice (bnc#1012382).\n- mtd: sh_flctl: pass FIFO as physical address (bnc#1012382).\n- mvpp2: fix multicast address filter (bnc#1012382).\n- ncpfs: fix unused variable warning (bnc#1012382).\n- ncr5380: shut up gcc indentation warning (bnc#1012382).\n- net: add dst_cache support (bnc#1012382).\n- net: Allow neigh contructor functions ability to modify the primary_key (bnc#1012382).\n- net/appletalk: Fix kernel memory disclosure (bnc#1012382).\n- net: arc_emac: fix arc_emac_rx() error paths (bnc#1012382).\n- net: avoid skb_warn_bad_offload on IS_ERR (bnc#1012382).\n- net: bcmgenet: correct MIB access of UniMAC RUNT counters (bnc#1012382).\n- net: bcmgenet: correct the RBUF_OVFL_CNT and RBUF_ERR_CNT MIB values (bnc#1012382).\n- net: bcmgenet: power down internal phy if open or resume fails (bnc#1012382).\n- net: bcmgenet: Power up the internal PHY before probing the MII (bnc#1012382).\n- net: bcmgenet: reserved phy revisions must be checked first (bnc#1012382).\n- net: bridge: fix early call to br_stp_change_bridge_id and plug newlink leaks (bnc#1012382).\n- net: cdc_ncm: initialize drvflags before usage (bnc#1012382).\n- net: core: fix module type in sock_diag_bind (bnc#1012382).\n- net: Do not allow negative values for busy_read and busy_poll sysctl interfaces (bnc#1012382).\n- net: dst_cache_per_cpu_dst_set() can be static (bnc#1012382).\n- net: ena: add detection and recovery mechanism for handling missed/misrouted MSI-X (bsc#1083548).\n- net: ena: add new admin define for future support of IPv6 RSS (bsc#1083548).\n- net: ena: add power management ops to the ENA driver (bsc#1083548).\n- net: ena: add statistics for missed tx packets (bsc#1083548).\n- net: ena: fix error handling in ena_down() sequence (bsc#1083548).\n- net: ena: fix race condition between device reset and link up setup (bsc#1083548).\n- net: ena: fix rare kernel crash when bar memory remap fails (bsc#1083548).\n- net: ena: fix wrong max Tx/Rx queues on ethtool (bsc#1083548).\n- net: ena: improve ENA driver boot time (bsc#1083548).\n- net: ena: increase ena driver version to 1.3.0 (bsc#1083548).\n- net: ena: increase ena driver version to 1.5.0 (bsc#1083548).\n- net: ena: reduce the severity of some printouts (bsc#1083548).\n- net: ena: remove legacy suspend suspend/resume support (bsc#1083548).\n- net: ena: Remove redundant unlikely() (bsc#1083548).\n- net: ena: unmask MSI-X only after device initialization is completed (bsc#1083548).\n- net: ethernet: cavium: Correct Cavium Thunderx NIC driver names accordingly to module name (bsc#1085011).\n- net: ethernet: xilinx: Mark XILINX_LL_TEMAC broken on 64-bit (bnc#1012382).\n- net: ethtool: Add back transceiver type (bsc#1085050).\n- net: ethtool: remove error check for legacy setting transceiver type (bsc#1085050).\n- net: fec: fix multicast filtering hardware setup (bnc#1012382).\n- netfilter: bridge: honor frag_max_size when refragmenting (bnc#1012382).\n- netfilter: do not track fragmented packets (bnc#1012382).\n- netfilter: drop outermost socket lock in getsockopt() (bnc#1012382).\n- netfilter: ebtables: CONFIG_COMPAT: do not trust userland offsets (bsc#1085107).\n- netfilter: ebtables: fix erroneous reject of last rule (bsc#1085107).\n- netfilter: ipt_CLUSTERIP: fix out-of-bounds accesses in clusterip_tg_check() (bnc#1012382).\n- netfilter: ipvs: avoid unused variable warnings (bnc#1012382).\n- netfilter: ipvs: Fix inappropriate output of procfs (bnc#1012382).\n- netfilter: nfnetlink_queue: fix secctx memory leak (bnc#1012382).\n- netfilter: nfnetlink_queue: fix timestamp attribute (bsc#1074134).\n- netfilter: nfnl_cthelper: fix a race when walk the nf_ct_helper_hash table (bnc#1012382).\n- netfilter: nfnl_cthelper: Fix memory leak (bnc#1012382).\n- netfilter: nfnl_cthelper: fix runtime expectation policy updates (bnc#1012382).\n- netfilter: nf_queue: Make the queue_handler pernet (bnc#1012382).\n- netfilter: nf_tables: fix a wrong check to skip the inactive rules (bsc#1042286).\n- netfilter: nf_tables: fix inconsistent element expiration calculation (bsc#1042286).\n- netfilter: nf_tables: fix *leak* when expr clone fail (bsc#1042286).\n- netfilter: nf_tables: fix race when create new element in dynset (bsc#1042286).\n- netfilter: on sockopt() acquire sock lock only in the required scope (bnc#1012382).\n- netfilter: tee: select NF_DUP_IPV6 unconditionally (bsc#1042286).\n- netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target} (bnc#1012382).\n- netfilter: x_tables: fix int overflow in xt_alloc_table_info() (bnc#1012382).\n- netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert (bnc#1012382).\n- netfilter: xt_socket: fix transparent match for IPv6 request sockets (bsc#1042286).\n- net: Fix double free and memory corruption in get_net_ns_by_id() (bnc#1012382).\n- net: gianfar_ptp: move set_fipers() to spinlock protecting area (bnc#1012382).\n- net: hns: add ACPI mode support for ethtool -p (bsc#1084041).\n- net: hp100: remove unnecessary #ifdefs (bnc#1012382).\n- net: igmp: add a missing rcu locking section (bnc#1012382).\n- net: igmp: fix source address check for IGMPv3 reports (bnc#1012382).\n- net: igmp: Use correct source address on IGMPv3 reports (bnc#1012382).\n- net: initialize msg.msg_flags in recvfrom (bnc#1012382).\n- net: ipv4: fix for a race condition in raw_sendmsg (bnc#1012382).\n- net/ipv4: Introduce IPSKB_FRAG_SEGS bit to inet_skb_parm.flags (bsc#1042286).\n- netlink: fix nla_put_{u8,u16,u32} for KASAN (bnc#1012382).\n- net/mac80211/debugfs.c: prevent build failure with CONFIG_UBSAN=y (bnc#1012382).\n- net/mlx5: Avoid NULL pointer dereference on steering cleanup (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- net/mlx5: Cleanup IRQs in case of unload failure (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- net/mlx5e: Add refcount to VXLAN structure (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- net/mlx5e: Fix features check of IPv6 traffic (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- net/mlx5e: Fix fixpoint divide exception in mlx5e_am_stats_compare (bsc#1015342).\n- net/mlx5e: Fix loopback self test when GRO is off (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- net/mlx5e: Fix possible deadlock of VXLAN lock (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- net/mlx5e: Fix wrong delay calculation for overflow check scheduling (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- net/mlx5e: Prevent possible races in VXLAN control flow (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- net/mlx5e: Verify inline header size do not exceed SKB linear size (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- net/mlx5: Fix rate limit packet pacing naming and struct (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- net/mlx5: Stay in polling mode when command EQ destroy fails (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- net/mlx5: Use 128B cacheline size for 128B or larger cachelines (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- net: mvmdio: disable/unprepare clocks in EPROBE_DEFER case (bnc#1012382).\n- net: mvneta: clear interface link status on port disable (bnc#1012382).\n- net: mvneta: eliminate wrong call to handle rx descriptor error (fate#319899).\n- net: mvneta: use proper rxq_number in loop on rx queues (fate#319899).\n- net/packet: fix a race in packet_bind() and packet_notifier() (bnc#1012382).\n- net: phy: at803x: Change error to EINVAL for invalid MAC (bnc#1012382).\n- net: phy: Keep reporting transceiver type (bsc#1085050).\n- net: phy: micrel: ksz9031: reconfigure autoneg after phy autoneg workaround (bnc#1012382).\n- net: qdisc_pkt_len_init() should be more robust (bnc#1012382).\n- net: qmi_wwan: add Sierra EM7565 1199:9091 (bnc#1012382).\n- net: qmi_wwan: Add USB IDs for MDM6600 modem on Motorola Droid 4 (bnc#1012382).\n- net: reevalulate autoflowlabel setting after sysctl setting (bnc#1012382).\n- net: replace dst_cache ip6_tunnel implementation with the generic one (bnc#1012382).\n- net: Resend IGMP memberships upon peer notification (bnc#1012382).\n- net_sched: red: Avoid devision by zero (bnc#1012382).\n- net_sched: red: Avoid illegal values (bnc#1012382).\n- net: sctp: fix array overrun read on sctp_timer_tbl (bnc#1012382).\n- net/smc: fix NULL pointer dereference on sock_create_kern() error path (bsc#1082979).\n- net: stmmac: enable EEE in MII, GMII or RGMII only (bnc#1012382).\n- net: systemport: Pad packet before inserting TSB (bnc#1012382).\n- net: systemport: Utilize skb_put_padto() (bnc#1012382).\n- net: tcp: close sock if net namespace is exiting (bnc#1012382).\n- netvsc: allow controlling send/recv buffer size (fate#315887, bsc#1082632).\n- netvsc: allow driver to be removed even if VF is present (fate#315887, bsc#1082632).\n- netvsc: check error return when restoring channels and mtu (fate#315887, bsc#1082632).\n- netvsc: cleanup datapath switch (fate#315887, bsc#1082632).\n- netvsc: do not signal host twice if empty (fate#315887, bsc#1082632).\n- netvsc: fix deadlock betwen link status and removal (fate#315887, bsc#1082632).\n- netvsc: increase default receive buffer size (fate#315887, bsc#1082632).\n- netvsc: keep track of some non-fatal overload conditions (fate#315887, bsc#1082632).\n- netvsc: no need to allocate send/receive on numa node (fate#315887, bsc#1082632).\n- netvsc: propagate MAC address change to VF slave (fate#315887, bsc#1082632).\n- netvsc: remove unnecessary cast of void pointer (fate#315887, bsc#1082632).\n- netvsc: remove unnecessary check for NULL hdr (fate#315887, bsc#1082632).\n- netvsc: whitespace cleanup (fate#315887, bsc#1082632).\n- net: vxlan: lwt: Fix vxlan local traffic (bsc#1042286).\n- net: vxlan: lwt: Use source ip address during route lookup (bsc#1042286).\n- net: wimax/i2400m: fix NULL-deref at probe (bnc#1012382).\n- nfs: Add a cond_resched() to nfs_commit_release_pages() (bsc#1077779).\n- nfs: commit direct writes even if they fail partially (bnc#1012382).\n- nfsd: auth: Fix gid sorting when rootsquash enabled (bnc#1012382).\n- nfsd: check for use of the closed special stateid (bnc#1012382).\n- nfsd: CLOSE SHOULD return the invalid special stateid for NFSv4.x (x>0) (bnc#1012382).\n- nfsd: Ensure we check stateid validity in the seqid operation checks (bnc#1012382).\n- NFSD: fix nfsd_minorversion(.., NFSD_AVAIL) (bnc#1012382).\n- NFSD: fix nfsd_reset_versions for NFSv4 (bnc#1012382).\n- nfs: Do not convert nfs_idmap_cache_timeout to jiffies (git-fixes).\n- nfs: Do not take a reference on fl->fl_file for LOCK operation (bnc#1012382).\n- nfs: fix a deadlock in nfs client initialization (bsc#1074198).\n- NFS: Fix a typo in nfs_rename() (bnc#1012382).\n- nfs/pnfs: fix nfs_direct_req ref leak when i/o falls back to the mds (bnc#1012382).\n- nfs: reject request for id_legacy key without auxdata (bnc#1012382).\n- nfs: Trunking detection should handle ERESTARTSYS/EINTR (bsc#1074198).\n- NFSv4.1 respect server's max size in CREATE_SESSION (bnc#1012382).\n- NFSv4: Fix client recovery when server reboots multiple times (bnc#1012382).\n- nohz: Prevent a timer interrupt storm in tick_nohz_stop_sched_tick() (bnc#1012382).\n- n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD) (bnc#1012382).\n- nvme_fc: cleanup io completion (bsc#1079609).\n- nvme_fc: correct abort race condition on resets (bsc#1079609).\n- nvme_fc: correct hang in nvme_ns_remove() (bsc#1075811).\n- nvme_fc: fix abort race on teardown with lld reject (bsc#1083750).\n- nvme_fc: fix ctrl create failures racing with workq items (bsc#1076982).\n- nvme_fc: fix rogue admin cmds stalling teardown (bsc#1075811).\n- nvme_fc: io timeout should defer abort to ctrl reset (bsc#1085054).\n- nvme-fc: kick admin requeue list on disconnect (bsc#1077241).\n- nvme-fc: merge error on sles12sp3 for reset_work (bsc#1079195).\n- nvme_fc: minor fixes on sqsize (bsc#1076760).\n- nvme_fc: on remoteport reuse, set new nport_id and role (bsc#1076760).\n- nvme_fc: rework sqsize handling (bsc#1076760).\n- nvme: Fix managing degraded controllers (bnc#1012382).\n- nvme: Fix setting logical block format when revalidating (bsc#1079313).\n- nvme: only start KATO if the controller is live (bsc#1083387).\n- nvme-pci: clean up CMB initialization (bsc#1082979).\n- nvme-pci: clean up SMBSZ bit definitions (bsc#1082979).\n- nvme-pci: consistencly use ctrl->device for logging (bsc#1082979).\n- nvme-pci: fix typos in comments (bsc#1082979).\n- nvme-pci: Remap CMB SQ entries on every controller reset (bsc#1082979).\n- nvme-pci: Remove watchdog timer (bsc#1066163).\n- nvme-pci: Use PCI bus address for data/queues in CMB (bsc#1082979).\n- nvme: Quirks for PM1725 controllers (bsc#1082979).\n- nvme_rdma: clear NVME_RDMA_Q_LIVE bit if reconnect fails (bsc#1083770).\n- nvme-rdma: fix concurrent reset and reconnect (bsc#1082979).\n- nvme: remove nvme_revalidate_ns (bsc#1079313).\n- ocfs2: return error when we attempt to access a dirty bh in jbd2 (bsc#1070404).\n- openrisc: fix issue handling 8 byte get_user calls (bnc#1012382).\n- openvswitch: fix the incorrect flow action alloc size (bnc#1012382).\n- ovl: fix failure to fsync lower dir (bnc#1012382).\n- ovs/geneve: fix rtnl notifications on iface deletion (bsc#1042286).\n- ovs/gre: fix rtnl notifications on iface deletion (bsc#1042286).\n- ovs/gre,geneve: fix error path when creating an iface (bsc#1042286).\n- ovs/vxlan: fix rtnl notifications on iface deletion (bsc#1042286).\n- packet: fix crash in fanout_demux_rollover() (bnc#1012382).\n- parisc: Fix alignment of pa_tlb_lock in assembly on 32-bit SMP kernel (bnc#1012382).\n- parisc: Hide Diva-built-in serial aux and graphics card (bnc#1012382).\n- partially revert tipc improve link resiliency when rps is activated (bsc#1068038).\n- PCI/AER: Report non-fatal errors only to the affected endpoint (bnc#1012382).\n- pci/ASPM: Do not retrain link if ASPM not possible (bnc#1071892).\n- PCI: Avoid bus reset if bridge itself is broken (bnc#1012382).\n- PCI: Create SR-IOV virtfn/physfn links before attaching driver (bnc#1012382).\n- PCI: Detach driver before procfs & sysfs teardown on device remove (bnc#1012382).\n- pci: hv: Do not sleep in compose_msi_msg() (fate#315887, bsc#1082632).\n- pci: keystone: Fix interrupt-controller-node lookup (bnc#1012382).\n- pci/MSI: Fix msi_desc->affinity memory leak when freeing MSI IRQs (bsc#1082979).\n- PCI/PME: Handle invalid data when reading Root Status (bnc#1012382).\n- PCI / PM: Force devices to D0 in pci_pm_thaw_noirq() (bnc#1012382).\n- perf bench numa: Fixup discontiguous/sparse numa nodes (bnc#1012382).\n- perf symbols: Fix symbols__fixup_end heuristic for corner cases (bnc#1012382).\n- perf test attr: Fix ignored test case result (bnc#1012382).\n- perf top: Fix window dimensions change handling (bnc#1012382).\n- perf/x86: Shut up false-positive -Wmaybe-uninitialized warning (bnc#1012382).\n- phy: work around 'phys' references to usb-nop-xceiv devices (bnc#1012382).\n- pinctrl: adi2: Fix Kconfig build problem (bnc#1012382).\n- pinctrl: st: add irq_request/release_resources callbacks (bnc#1012382).\n- pinctrl: sunxi: Fix A80 interrupt pin bank (bnc#1012382).\n- pipe: avoid round_pipe_size() nr_pages overflow on 32-bit (bnc#1012382).\n- pktcdvd: Fix pkt_setup_dev() error path (bnc#1012382).\n- platform/x86: intel_mid_thermal: Fix suspend handlers unused warning (bnc#1012382).\n- pm / devfreq: Propagate error from devfreq_add_device() (bnc#1012382).\n- pm / wakeirq: Fix unbalanced IRQ enable for wakeirq (bsc#1031717).\n- posix-timer: Properly check sigevent->sigev_notify (bnc#1012382).\n- power: bq27xxx_battery: mark some symbols __maybe_unused (bnc#1012382).\n- powerpc/64: Add macros for annotating the destination of rfid/hrfid (bsc#1068032, bsc#1075087).\n- powerpc/64: Convert fast_exception_return to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).\n- powerpc/64: Convert the syscall exit path to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).\n- powerpc/64: Fix flush_(d|i)cache_range() called from modules (FATE#315275 LTC#103998 bnc#1012382 bnc#863764).\n- powerpc/64s: Add EX_SIZE definition for paca exception save areas (bsc#1068032, bsc#1075087).\n- powerpc/64s: Add support for RFI flush of L1-D cache (bsc#1068032, bsc#1075087).\n- powerpc/64s: Allow control of RFI flush via debugfs (bsc#1068032, bsc#1075087).\n- powerpc/64s: Convert slb_miss_common to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).\n- powerpc/64s: Fix RFI flush dependency on HARDLOCKUP_DETECTOR (bnc#1012382).\n- powerpc/64s: Improve RFI L1-D cache flush fallback (bsc#1068032, bsc#1075087).\n- powerpc/64s: Simple RFI macro conversions (bsc#1068032, bsc#1075087).\n- powerpc/64s: Support disabling RFI flush with no_rfi_flush and nopti (bsc#1068032, bsc#1075087).\n- powerpc/64s: Wire up cpu_show_meltdown() (bsc#1068032).\n- powerpc/asm: Allow including ppc_asm.h in asm files (bsc#1068032, bsc#1075087).\n- powerpc: Do not preempt_disable() in show_cpuinfo() (bsc#1066223).\n- powerpc/ipic: Fix status get and status clear (bnc#1012382).\n- powerpc/numa: Ensure nodes initialized for hotplug (FATE#322022, bsc#1081514).\n- powerpc/numa: Invalidate numa_cpu_lookup_table on cpu remove (bsc#1081512).\n- powerpc/numa: Use ibm,max-associativity-domains to discover possible nodes (FATE#322022, bsc#1081514).\n- powerpc/perf: Dereference BHRB entries safely (bsc#1066223).\n- powerpc/perf: Fix oops when grouping different pmu events (bnc#1012382).\n- powerpc/perf/hv-24x7: Fix incorrect comparison in memord (bnc#1012382).\n- powerpc/powernv: Check device-tree for RFI flush settings (bsc#1068032, bsc#1075087).\n- powerpc/powernv/cpufreq: Fix the frequency read by /proc/cpuinfo (bnc#1012382).\n- powerpc/powernv: Fix MCE handler to avoid trashing CR0/CR1 registers (bsc#1066223).\n- powerpc/powernv/ioda2: Gracefully fail if too many TCE levels requested (bnc#1012382).\n- powerpc/powernv: Move IDLE_STATE_ENTER_SEQ macro to cpuidle.h (bsc#1066223).\n- powerpc/powernv: Support firmware disable of RFI flush (bsc#1068032, bsc#1075087).\n- powerpc/pseries: Fix cpu hotplug crash with memoryless nodes (FATE#322022, bsc#1081514).\n- powerpc/pseries: include linux/types.h in asm/hvcall.h (bsc#1068032, bsc#1075087).\n- powerpc/pseries: Introduce H_GET_CPU_CHARACTERISTICS (bsc#1068032, bsc#1075087).\n- powerpc/pseries: Query hypervisor for RFI flush settings (bsc#1068032, bsc#1075087).\n- powerpc/pseries: rfi-flush: Call setup_rfi_flush() after LPM migration (bsc#1068032, bsc#1075087).\n- powerpc/pseries/rfi-flush: Call setup_rfi_flush() after LPM migration (bsc#1068032, bsc#1075087).\n- powerpc/pseries: Support firmware disable of RFI flush (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: Add DEBUG_RFI config option (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: Make setup_rfi_flush() not __init (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: Move RFI flush fields out of the paca (unbreak kABI) (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: Move the logic to avoid a redo into the sysfs code (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: prevent crash when changing flush type to fallback after system boot (bsc#1068032, bsc#1075087).\n- powerpc: Simplify module TOC handling (bnc#1012382).\n- power: reset: zx-reboot: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012382).\n- ppp: Destroy the mutex when cleanup (bnc#1012382).\n- pppoe: take ->needed_headroom of lower device into account on xmit (bnc#1012382).\n- profile: hide unused functions when !CONFIG_PROC_FS (bnc#1012382).\n- Provide a function to create a NUL-terminated string from unterminated data (bnc#1012382).\n- pwc: hide unused label (bnc#1012382).\n- qla2xxx: Add changes for devloss timeout in driver (bsc#1084427).\n- qla2xxx: Add FC-NVMe abort processing (bsc#1084427).\n- qla2xxx: asynchronous pci probing (bsc#1034503).\n- qla2xxx: Cleanup code to improve FC-NVMe error handling (bsc#1084427).\n- qla2xxx: Convert QLA_TGT_ABTS to TARGET_SCF_LOOKUP_LUN_FROM_TAG (bsc#1043726,FATE#324770).\n- qla2xxx: do not check login_state if no loop id is assigned (bsc#1081681).\n- qla2xxx: ensure async flags are reset correctly (bsc#1081681).\n- qla2xxx: Fix Async GPN_FT for FCP and FC-NVMe scan (bsc#1084427).\n- qla2xxx: Fix FC-NVMe IO abort during driver reset (bsc#1084427).\n- qla2xxx: Fix incorrect tcm_qla2xxx_free_cmd use during TMR ABORT (v2) (bsc#1043726,FATE#324770).\n- qla2xxx: Fix n2n_ae flag to prevent dev_loss on PDB change (bsc#1084427).\n- qla2xxx: Fix NVMe entry_type for iocb packet on BE system (bsc#1043726,FATE#324770).\n- qla2xxx: Fix retry for PRLI RJT with reason of BUSY (bsc#1084427).\n- qla2xxx: Fixup locking for session deletion (bsc#1081681).\n- qla2xxx: Remove nvme_done_list (bsc#1084427).\n- qla2xxx: Remove unneeded message and minor cleanup for FC-NVMe (bsc#1084427).\n- qla2xxx: remove use of FC-specific error codes (bsc#1043726,FATE#324770).\n- qla2xxx: Restore ZIO threshold setting (bsc#1084427).\n- qla2xxx: Return busy if rport going away (bsc#1084427).\n- qla2xxx: Set IIDMA and fcport state before qla_nvme_register_remote() (bsc#1084427).\n- qla2xxx: Update driver version to 10.00.00.06-k (bsc#1084427).\n- qlcnic: fix deadlock bug (bnc#1012382).\n- r8152: fix the list rx_done may be used without initialization (bnc#1012382).\n- r8152: prevent the driver from transmitting packets with carrier off (bnc#1012382).\n- r8169: fix memory corruption on retrieval of hardware statistics (bnc#1012382).\n- r8169: fix RTL8168EP take too long to complete driver initialization (bnc#1012382).\n- raid5: Set R5_Expanded on parity devices as well as data (bnc#1012382).\n- ravb: Remove Rx overflow log messages (bnc#1012382).\n- rbd: set max_segments to USHRT_MAX (bnc#1012382).\n- RDMA/cma: Avoid triggering undefined behavior (bnc#1012382).\n- rdma/cma: Make sure that PSN is not over max allowed (bnc#1012382).\n- RDMA/i40iw: Remove MSS change support (bsc#1024376 FATE#321249).\n- rdma/uverbs: Protect from command mask overflow (bsc#1082979).\n- rds: Fix NULL pointer dereference in __rds_rdma_map (bnc#1012382).\n- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012382).\n- RDS: null pointer dereference in rds_atomic_free_op (bnc#1012382).\n- regulator: core: Rely on regulator_dev_release to free constraints (bsc#1074847).\n- regulator: da9063: Return an error code on probe failure (bsc#1074847).\n- regulator: pwm: Fix regulator ramp delay for continuous mode (bsc#1074847).\n- regulator: Try to resolve regulators supplies on registration (bsc#1074847).\n- reiserfs: avoid a -Wmaybe-uninitialized warning (bnc#1012382).\n- Revert 'Bluetooth: btusb: driver to enable the usb-wakeup feature' (bnc#1012382).\n- Revert 'Bluetooth: btusb: fix QCA Rome suspend/resume' (bnc#1012382).\n- Revert 'drm/armada: Fix compile fail' (bnc#1012382).\n- Revert 'Enable DEBUG_RFI'\n- Revert 'kaiser: vmstat show NR_KAISERTABLE as nr_overhead' (kabi).\n- Revert 'lib/genalloc.c: make the avail variable an atomic_long_t' (kabi).\n- Revert 'module: Add retpoline tag to VERMAGIC' (bnc#1012382 kabi).\n- Revert 'module: Add retpoline tag to VERMAGIC' (kabi).\n- Revert 'net: replace dst_cache ip6_tunnel implementation with the generic one' (kabi bnc#1082897).\n- Revert 'ocfs2: should wait dio before inode lock in ocfs2_setattr()' (bnc#1012382).\n- Revert 'power: bq27xxx_battery: Remove unneeded dependency in Kconfig' (bnc#1012382).\n- Revert 's390/kbuild: enable modversions for symbols exported from asm' (bnc#1012382).\n- Revert 'sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks' (kabi).\n- Revert 'scsi: libsas: align sata_device's rps_resp on a cacheline' (kabi).\n- Revert 'spi: SPI_FSL_DSPI should depend on HAS_DMA' (bnc#1012382).\n- Revert 'userfaultfd: selftest: vm: allow to build in vm/ directory' (bnc#1012382).\n- Revert 'x86/efi: Build our own page table structures' (bnc#1012382).\n- Revert 'x86/efi: Hoist page table switching code into efi_call_virt()' (bnc#1012382).\n- Revert 'x86/entry/64: Separate cpu_current_top_of_stack from TSS.sp0'\n- Revert 'x86/entry/64: Use a per-CPU trampoline stack for IDT entries'\n- Revert 'x86/mm/pat: Ensure cpa->pfn only contains page frame numbers' (bnc#1012382).\n- rfi-flush: Make DEBUG_RFI a CONFIG option (bsc#1068032, bsc#1075087).\n- rfi-flush: Move the logic to avoid a redo into the debugfs code (bsc#1068032, bsc#1075087).\n- rfi-flush: Switch to new linear fallback flush (bsc#1068032, bsc#1075087).\n- rhashtable: add rhashtable_lookup_get_insert_key() (bsc#1042286).\n- ring-buffer: Mask out the info bits when returning buffer page length (bnc#1012382).\n- route: also update fnhe_genid when updating a route cache (bnc#1012382).\n- route: update fnhe_expires for redirect when the fnhe exists (bnc#1012382).\n- rtc: cmos: Initialize hpet timer before irq is registered (bsc#1077592).\n- rtc-opal: Fix handling of firmware error codes, prevent busy loops (bnc#1012382).\n- rtc: pcf8563: fix output clock rate (bnc#1012382).\n- rtc: pl031: make interrupt optional (bnc#1012382).\n- rtc: set the alarm to the next expiring timer (bnc#1012382).\n- rtlwifi: fix gcc-6 indentation warning (bnc#1012382).\n- rtlwifi: rtl8821ae: Fix connection lost problem correctly (bnc#1012382).\n- s390: add no-execute support (FATE#324087, LTC#158827).\n- s390: always save and restore all registers on context switch (bnc#1012382).\n- s390/cpuinfo: show facilities as reported by stfle (bnc#1076847, LTC#163740).\n- s390/dasd: fix handling of internal requests (bsc#1080321).\n- s390/dasd: fix wrongly assigned configuration data (bnc#1012382).\n- s390/dasd: prevent prefix I/O error (bnc#1012382).\n- s390: fix compat system call table (bnc#1012382).\n- s390: fix handling of -1 in set{,fs}[gu]id16 syscalls (bnc#1012382).\n- s390: hypfs: Move diag implementation and data definitions (FATE#324070, LTC#158959).\n- s390: kvm: Cpu model support for msa6, msa7 and msa8 (FATE#324069, LTC#159031).\n- s390: Make cpc_name accessible (FATE#324070, LTC#158959).\n- s390: Make diag224 public (FATE#324070, LTC#158959).\n- s390/mem_detect: use unsigned longs (FATE#324071, LTC#158956).\n- s390/mm: align swapper_pg_dir to 16k (FATE#324087, LTC#158827).\n- s390/mm: always use PAGE_KERNEL when mapping pages (FATE#324087, LTC#158827).\n- s390/noexec: execute kexec datamover without DAT (FATE#324087, LTC#158827).\n- s390/oprofile: fix address range for asynchronous stack (bsc#1082979).\n- s390/pageattr: allow kernel page table splitting (FATE#324087, LTC#158827).\n- s390/pageattr: avoid unnecessary page table splitting (FATE#324087, LTC#158827).\n- s390/pageattr: handle numpages parameter correctly (FATE#324087, LTC#158827).\n- s390/pci_dma: improve lazy flush for unmap (bnc#1079886, LTC#163393).\n- s390/pci_dma: improve map_sg (bnc#1079886, LTC#163393).\n- s390/pci_dma: make lazy flush independent from the tlb_refresh bit (bnc#1079886, LTC#163393).\n- s390/pci_dma: remove dma address range check (bnc#1079886, LTC#163393).\n- s390/pci_dma: simplify dma address calculation (bnc#1079886, LTC#163393).\n- s390/pci_dma: split dma_update_trans (bnc#1079886, LTC#163393).\n- s390/pci: do not require AIS facility (bnc#1012382).\n- s390/pci: fix dma address calculation in map_sg (bnc#1079886, LTC#163393).\n- s390/pci: handle insufficient resources during dma tlb flush (bnc#1079886, LTC#163393).\n- s390/pgtable: introduce and use generic csp inline asm (FATE#324087, LTC#158827).\n- s390/pgtable: make pmd and pud helper functions available (FATE#324087, LTC#158827).\n- s390/qeth: fix underestimated count of buffer elements (bnc#1082089, LTC#164529).\n- s390/qeth: no ETH header for outbound AF_IUCV (LTC#156276 bnc#1012382 bnc#1053472).\n- s390: report new vector facilities (FATE#324088, LTC#158828).\n- s390/runtime instrumentation: simplify task exit handling (bnc#1012382).\n- s390/sclp: Add hmfai field (FATE#324071, LTC#158956).\n- s390/vmem: align segment and region tables to 16k (FATE#324087, LTC#158827).\n- s390/vmem: introduce and use SEGMENT_KERNEL and REGION3_KERNEL (FATE#324087, LTC#158827).\n- s390/vmem: simplify vmem code for read-only mappings (FATE#324087, LTC#158827).\n- sch_dsmark: fix invalid skb_cow() usage (bnc#1012382).\n- sched/deadline: Make sure the replenishment timer fires in the next period (bnc#1012382).\n- sched/deadline: Throttle a constrained deadline task activated after the deadline (bnc#1012382).\n- sched/deadline: Use deadline instead of period when calculating overflow (bnc#1012382).\n- sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks (bnc#1012382).\n- sched/deadline: Zero out positive runtime after throttling constrained tasks (git-fixes).\n- sched/rt: Up the root domain ref count when passing it around via IPIs (bnc#1012382).\n- sched/rt: Use container_of() to get root domain in rto_push_irq_work_func() (bnc#1012382).\n- scripts/kernel-doc: Do not fail with status != 0 if error encountered with -none (bnc#1012382).\n- scsi: aacraid: Fix hang in kdump (bsc#1022607, FATE#321673).\n- scsi: aacraid: Prevent crash in case of free interrupt during scsi EH path (bnc#1012382).\n- scsi: advansys: fix build warning for PCI=n (bnc#1012382).\n- scsi: advansys: fix uninitialized data access (bnc#1012382).\n- scsi: bfa: integer overflow in debugfs (bnc#1012382).\n- scsi: cxgb4i: fix Tx skb leak (bnc#1012382).\n- scsi: do not look for NULL devices handlers by name (bsc#1082373).\n- scsi: fas216: fix sense buffer initialization (bsc#1082979).\n- scsi: fdomain: drop fdomain_pci_tbl when built-in (bnc#1012382).\n- scsi: handle ABORTED_COMMAND on Fujitsu ETERNUS (bsc#1069138).\n- scsi: hisi_sas: directly attached disk LED feature for v2 hw (bsc#1083409).\n- scsi: hpsa: cleanup sas_phy structures in sysfs when unloading (bnc#1012382).\n- scsi: hpsa: destroy sas transport properties before scsi_host (bnc#1012382).\n- scsi: ibmvfc: fix misdefined reserved field in ibmvfc_fcp_rsp_info (bnc#1012382).\n- scsi: initio: remove duplicate module device table (bnc#1012382 bsc#1082979).\n- scsi: initio: remove duplicate module device table (bsc#1082979).\n- scsi: libsas: align sata_device's rps_resp on a cacheline (bnc#1012382).\n- scsi: libsas: fix error when getting phy events (bsc#1082979).\n- scsi: libsas: fix memory leak in sas_smp_get_phy_events() (bsc#1082979).\n- scsi: lpfc: Add WQ Full Logic for NVME Target (bsc#1080656).\n- scsi: lpfc: Allow set of maximum outstanding SCSI cmd limit for a target (bsc#1080656).\n- scsi: lpfc: Beef up stat counters for debug (bsc#1076693).\n- scsi: lpfc: correct debug counters for abort (bsc#1080656).\n- scsi: lpfc: do not dereference localport before it has been null checked (bsc#1076693).\n- scsi: lpfc: Do not return internal MBXERR_ERROR code from probe function (bsc#1082979).\n- scsi: lpfc: fix a couple of minor indentation issues (bsc#1076693).\n- scsi: lpfc: Fix -EOVERFLOW behavior for NVMET and defer_rcv (bsc#1076693).\n- scsi: lpfc: Fix header inclusion in lpfc_nvmet (bsc#1080656).\n- scsi: lpfc: Fix infinite wait when driver unregisters a remote NVME port (bsc#1076693).\n- scsi: lpfc: Fix IO failure during hba reset testing with nvme io (bsc#1080656).\n- scsi: lpfc: Fix issue_lip if link is disabled (bsc#1080656).\n- scsi: lpfc: Fix issues connecting with nvme initiator (bsc#1076693).\n- scsi: lpfc: Fix nonrecovery of NVME controller after cable swap (bsc#1080656).\n- scsi: lpfc: Fix PRLI handling when topology type changes (bsc#1080656).\n- scsi: lpfc: Fix receive PRLI handling (bsc#1076693).\n- scsi: lpfc: Fix RQ empty firmware trap (bsc#1080656).\n- scsi: lpfc: Fix SCSI io host reset causing kernel crash (bsc#1080656).\n- scsi: lpfc: Fix SCSI LUN discovery when SCSI and NVME enabled (bsc#1076693).\n- scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing (bsc#1080656).\n- scsi: lpfc: Increase CQ and WQ sizes for SCSI (bsc#1080656).\n- scsi: lpfc: Increase SCSI CQ and WQ sizes (bsc#1076693).\n- scsi: lpfc: Indicate CONF support in NVMe PRLI (bsc#1080656).\n- scsi: lpfc: move placement of target destroy on driver detach (bsc#1080656).\n- scsi: lpfc: Treat SCSI Write operation Underruns as an error (bsc#1080656).\n- scsi: lpfc: Update 11.4.0.7 modified files for 2018 Copyright (bsc#1080656).\n- scsi: lpfc: update driver version to 11.4.0.6 (bsc#1076693).\n- scsi: lpfc: update driver version to 11.4.0.7 (bsc#1080656).\n- scsi: lpfc: Use after free in lpfc_rq_buf_free() (bsc#1037838).\n- scsi: lpfc: Validate adapter support for SRIU option (bsc#1080656).\n- scsi: mpt3sas: Fix IO error occurs on pulling out a drive from RAID1 volume created on two SATA drive (bnc#1012382).\n- scsi: mvumi: use __maybe_unused to hide pm functions (bnc#1012382).\n- scsi: qla2xxx: Ability to process multiple SGEs in Command SGL for CT passthrough commands (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Accelerate SCSI BUSY status generation in target mode (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Add ability to autodetect SFP type (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add ability to send PRLO (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add ability to use GPNFT/GNNFT for RSCN handling (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add ATIO-Q processing for INTx mode (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add boundary checks for exchanges to be offloaded (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add command completion for error path (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add debug knob for user control workload (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Add debug logging routine for qpair (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Added change to enable ZIO for FC-NVMe devices (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add FC-NVMe command handling (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add FC-NVMe F/W initialization and transport registration (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add FC-NVMe port discovery and PRLI handling (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add function call to qpair for door bell (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Add fw_started flags to qpair (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Add lock protection around host lookup (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add LR distance support from nvram bit (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: add missing includes for qla_isr (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add option for use reserve exch for ELS (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add ql2xiniexchg parameter (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Add retry limit for fabric scan logic (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add support for minimum link speed (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add switch command to simplify fabric discovery (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add timeout ability to wait_for_sess_deletion() (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add XCB counters to debugfs (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Allow ABTS, PURX, RIDA on ATIOQ for ISP83XX/27XX (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Allow MBC_GET_PORT_DATABASE to query and save the port states (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Allow relogin and session creation after reset (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Allow SNS fabric login to be retried (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Allow target mode to accept PRLI in dual mode (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: avoid unused-function warning (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Change ha->wq max_active value to default (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Changes to support N2N logins (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Chip reset uses wrong lock during IO flush (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Cleanup FC-NVMe code (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Cleanup NPIV host in target mode during config teardown (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Clear fc4f_nvme flag (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Clear loop id after delete (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Combine Active command arrays (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Convert 32-bit LUN usage to 64-bit (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Defer processing of GS IOCB calls (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Delay loop id allocation at login (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Do not call abort handler function during chip reset (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Do not call dma_free_coherent with IRQ disabled (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: do not include <generated/utsrelease.h> (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Enable Async TMF processing (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Enable ATIO interrupt handshake for ISP27XX (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Enable Target Multi Queue (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Fix abort command deadlock due to spinlock (FATE#320146, bsc#966328).\n- scsi: qla2xxx: fix a bunch of typos and spelling mistakes (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix a locking imbalance in qlt_24xx_handle_els() (bsc#1082979).\n- scsi: qla2xxx: Fix compile warning (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Fix FC-NVMe LUN discovery (bsc#1083223).\n- scsi: qla2xxx: Fix Firmware dump size for Extended login and Exchange Offload (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix GPNFT/GNNFT error handling (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix gpnid error processing (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix incorrect handle for abort IOCB (bsc#1082979).\n- scsi: qla2xxx: Fix login state machine freeze (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix login state machine stuck at GPDB (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix logo flag for qlt_free_session_done() (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix mailbox failure while deleting Queue pairs (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Fix memory leak in dual/target mode (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix NPIV host cleanup in target mode (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix NPIV host enable after chip reset (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix NULL pointer access for fcport structure (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix NULL pointer crash due to active timer for ABTS (bsc#1082979).\n- scsi: qla2xxx: Fix NULL pointer crash due to probe failure (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix oops in qla2x00_probe_one error path (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix PRLI state check (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix queue ID for async abort with Multiqueue (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix recursion while sending terminate exchange (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix Relogin being triggered too fast (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix re-login for Nport Handle in use (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix remoteport disconnect for FC-NVMe (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix scan state field for fcport (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix session cleanup for N2N (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix slow mem alloc behind lock (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix smatch warning in qla25xx_delete_{rsp|req}_que (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: fix spelling mistake of variable sfp_additonal_info (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix system crash for Notify ack timeout handling (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix system crash in qlt_plogi_ack_unref (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix system crash while triggering FW dump (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix system panic due to pointer access problem (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix target multiqueue configuration (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix task mgmt handling for NPIV (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix warning during port_name debug print (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix warning for code intentation in __qla24xx_handle_gpdb_event() (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix warning in qla2x00_async_iocb_timeout() (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix WWPN/WWNN in debug message (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Handle PCIe error for driver (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Include Exchange offload/Extended Login into FW dump (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Increase ql2xmaxqdepth to 64 (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Increase verbosity of debug messages logged (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Migrate switch registration commands away from mailbox interface (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: move fields from qla_hw_data to qla_qpair (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Move function prototype to correct header (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Move logging default mask to execute once only (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Move session delete to driver work queue (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Move target stat counters from vha to qpair (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Move work element processing out of DPC thread (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Off by one in qlt_ctio_to_cmd() (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Preparation for Target MQ (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Prevent multiple active discovery commands per session (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Prevent relogin trigger from sending too many commands (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Prevent sp->free null/uninitialized pointer dereference (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Print correct mailbox registers in failed summary (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Properly extract ADISC error codes (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Protect access to qpair members with qpair->qp_lock (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Query FC4 type during RSCN processing (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Recheck session state after RSCN (bsc#1043726,FATE#324770)\n- scsi: qla2xxx: Reduce the use of terminate exchange (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Reduce trace noise for Async Events (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Reinstate module parameter ql2xenablemsix (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Relogin to target port on a cable swap (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Remove aborting ELS IOCB call issued as part of timeout (FATE#320146, bsc#966328).\n- scsi: qla2xxx: Remove an unused structure member (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Remove datasegs_per_cmd and datasegs_per_cont field (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Remove extra register read (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Remove extra register read (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Remove FC_NO_LOOP_ID for FCP and FC-NVMe Discovery (bsc#1084397).\n- scsi: qla2xxx: Remove potential macro parameter side-effect in ql_dump_regs() (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: remove redundant assignment of d (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: remove redundant null check on tgt (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Remove redundant wait when target is stopped (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Remove session creation redundant code (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Remove unused argument from qlt_schedule_sess_for_deletion() (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Remove unused irq_cmd_count field (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Remove unused tgt_enable_64bit_addr flag (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: remove writeq/readq function definitions (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Replace fcport alloc with qla2x00_alloc_fcport (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Replace GPDB with async ADISC command (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Reset the logo flag, after target re-login (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Retry switch command on time out (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Send FC4 type NVMe to the management server (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Serialize GPNID for multiple RSCN (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Serialize session deletion by using work_lock (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Serialize session free in qlt_free_session_done (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Simpify unregistration of FC-NVMe local/remote ports (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Skip IRQ affinity for Target QPairs (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Skip zero queue count entry during FW dump capture (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Suppress a kernel complaint in qla_init_base_qpair() (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Tweak resource count dump (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Update Driver version to 10.00.00.00-k (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Update driver version to 10.00.00.01-k (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Update driver version to 10.00.00.02-k (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Update driver version to 10.00.00.03-k (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Update driver version to 10.00.00.04-k (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Update driver version to 10.00.00.05-k (bsc#1081681).\n- scsi: qla2xxx: Update driver version to 9.01.00.00-k (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Update fw_started flags at qpair creation (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Use BIT_6 to acquire FAWWPN from switch (bsc#1043726,FATE#324770)\n- scsi: qla2xxx: Use chip reset to bring down laser on unload (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: use dma_mapping_error to check map errors (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Use FC-NVMe FC4 type for FDMI registration (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Use IOCB path to submit Control VP MBX command (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Use known NPort ID for Management Server login (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Use ql2xnvmeenable to enable Q-Pair for FC-NVMe (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: use shadow register for ISP27XX (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Use shadow register for ISP27XX (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Use sp->free instead of hard coded call (bsc#1043726,FATE#324770).\n- scsi: sd: change allow_restart to bool in sysfs interface (bnc#1012382).\n- scsi: sd: change manage_start_stop to bool in sysfs interface (bnc#1012382).\n- scsi: ses: do not get power status of SES device slot on probe (bsc#1082979).\n- scsi: sg: disable SET_FORCE_LOW_DMA (bnc#1012382).\n- scsi: sim710: fix build warning (bnc#1012382).\n- scsi: sr: wait for the medium to become ready (bsc#1048585).\n- scsi: sr: workaround VMware ESXi cdrom emulation bug (bsc#1080813).\n- scsi: storvsc: Fix scsi_cmd error assignments in storvsc_handle_error (bnc#1012382).\n- scsi: storvsc: remove unnecessary channel inbound lock (fate#315887, bsc#1082632).\n- scsi: sun_esp: fix device reference leaks (bsc#1082979).\n- scsi: tcm_qla2xxx: Do not allow aborted cmd to advance (bsc#1043725,FATE#324770).\n- scsi: ufs: ufshcd: fix potential NULL pointer dereference in ufshcd_config_vreg (bnc#1012382).\n- sctp: do not allow the v4 socket to bind a v4mapped v6 address (bnc#1012382).\n- sctp: do not free asoc when it is already dead in sctp_sendmsg (bnc#1012382).\n- sctp: make use of pre-calculated len (bnc#1012382).\n- sctp: Replace use of sockets_allocated with specified macro (bnc#1012382).\n- sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf (bnc#1012382).\n- sctp: use the right sk after waking up from wait_buf sleep (bnc#1012382).\n- selftest/powerpc: Fix false failures for skipped tests (bnc#1012382).\n- selftests/x86: Add test_vsyscall (bnc#1012382).\n- selftests/x86/ldt_get: Add a few additional tests for limits (bnc#1012382).\n- selinux: ensure the context is NUL terminated in security_context_to_sid_core() (bnc#1012382).\n- selinux: general protection fault in sock_has_perm (bnc#1012382).\n- selinux: skip bounded transition processing if the policy isn't loaded (bnc#1012382).\n- serial: 8250_mid: fix broken DMA dependency (bnc#1012382).\n- serial: 8250_pci: Add Amazon PCI serial device ID (bnc#1012382).\n- serial: 8250: Preserve DLD[7:4] for PORT_XR17V35X (bnc#1012382).\n- serial: 8250_uniphier: fix error return code in uniphier_uart_probe() (bsc#1031717).\n- serial: imx: Only wakeup via RTSDEN bit if the system has RTS/CTS (bnc#1012382).\n- series.conf: disable qla2xxx patches (bsc#1043725)\n- series.conf: move core networking (including netfilter) into sorted section\n- series.conf: refresh Ran series_sort.py (no effect on expanded tree).\n- series.conf: whitespace cleanup\n- Set supported_modules_check 1 (bsc#1072163).\n- sfc: do not warn on successful change of MAC (bnc#1012382).\n- sget(): handle failures of register_shrinker() (bnc#1012382).\n- sh_eth: fix SH7757 GEther initialization (bnc#1012382).\n- sh_eth: fix TSU resource handling (bnc#1012382).\n- signal/openrisc: Fix do_unaligned_access to send the proper signal (bnc#1012382).\n- signal/sh: Ensure si_signo is initialized in do_divide_error (bnc#1012382).\n- sit: update frag_off info (bnc#1012382).\n- sock: free skb in skb_complete_tx_timestamp on error (bnc#1012382).\n- SolutionEngine771x: fix Ether platform data (bnc#1012382).\n- sparc64/mm: set fields in deferred pages (bnc#1012382).\n- spi: atmel: fixed spin_lock usage inside atmel_spi_remove (bnc#1012382).\n- spi: imx: do not access registers while clocks disabled (bnc#1012382).\n- spi_ks8995: fix 'BUG: key accdaa28 not in .data!' (bnc#1012382).\n- spi: sh-msiof: Fix DMA transfer size check (bnc#1012382).\n- spi: sun4i: disable clocks in the remove function (bnc#1012382).\n- spi: xilinx: Detect stall with Unknown commands (bnc#1012382).\n- ssb: mark ssb_bus_register as __maybe_unused (bnc#1012382).\n- staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl (bnc#1012382).\n- staging: android: ashmem: Fix a race condition in pin ioctls (bnc#1012382).\n- staging: iio: adc: ad7192: fix external frequency setting (bnc#1012382).\n- staging: rtl8188eu: Fix incorrect response to SIOCGIWESSID (bnc#1012382).\n- staging: ste_rmi4: avoid unused function warnings (bnc#1012382).\n- staging: unisys: visorinput depends on INPUT (bnc#1012382).\n- staging: wilc1000: fix kbuild test robot error (bnc#1012382).\n- sunrpc: Allow connect to return EHOSTUNREACH (bnc#1012382).\n- sunrpc: Fix rpc_task_begin trace point (bnc#1012382).\n- sunxi-rsb: Include OF based modalias in device uevent (bnc#1012382).\n- sysfs/cpu: Add vulnerability folder (bnc#1012382).\n- sysfs/cpu: Fix typos in vulnerability documentation (bnc#1012382).\n- sysfs: spectre_v2, handle spec_ctrl (bsc#1075994 bsc#1075091).\n- sysrq : fix Show Regs call trace on ARM (bnc#1012382).\n- target: Add support for TMR percpu reference counting (bsc#1043726,FATE#324770).\n- target: Add TARGET_SCF_LOOKUP_LUN_FROM_TAG support for ABORT_TASK (bsc#1043726,FATE#324770).\n- target: Avoid early CMD_T_PRE_EXECUTE failures during ABORT_TASK (bnc#1012382).\n- target/file: Do not return error for UNMAP if length is zero (bnc#1012382).\n- target: fix ALUA transition timeout handling (bnc#1012382).\n- target:fix condition return in core_pr_dump_initiator_port() (bnc#1012382).\n- target: fix race during implicit transition work flushes (bnc#1012382).\n- target/iscsi: Fix a race condition in iscsit_add_reject_from_cmd() (bnc#1012382).\n- target: Use system workqueue for ALUA transitions (bnc#1012382).\n- tc1100-wmi: fix build warning when CONFIG_PM not enabled (bnc#1012382).\n- tc358743: fix register i2c_rd/wr function fix (git-fixes).\n- tc358743: fix register i2c_rd/wr functions (bnc#1012382).\n- tcp: correct memory barrier usage in tcp_check_space() (bnc#1012382).\n- tcp: do not set rtt_min to 1 (bsc#1042286).\n- tcp: fix under-evaluated ssthresh in TCP Vegas (bnc#1012382).\n- tcp md5sig: Use skb's saddr when replying to an incoming segment (bnc#1012382).\n- tcp: release sk_frag.page in tcp_disconnect (bnc#1012382).\n- tcp: __tcp_hdrlen() helper (bnc#1012382).\n- test_bpf: fix the dummy skb after dissector changes (bsc#1042286).\n- tg3: Add workaround to restrict 5762 MRRS to 2048 (bnc#1012382).\n- tg3: Enable PHY reset in MTU change path for 5720 (bnc#1012382).\n- tg3: Fix rx hang on MTU change with 5717/5719 (bnc#1012382).\n- thermal/drivers/step_wise: Fix temperature regulation misbehavior (bnc#1012382).\n- thermal: fix INTEL_SOC_DTS_IOSF_CORE dependencies (bnc#1012382).\n- thermal: hisilicon: Handle return value of clk_prepare_enable (bnc#1012382).\n- thermal: spear: use __maybe_unused for PM functions (bnc#1012382).\n- tipc: fix cleanup at module unload (bnc#1012382).\n- tipc: fix memory leak in tipc_accept_from_sock() (bnc#1012382).\n- tipc: improve link resiliency when rps is activated (bsc#1068038).\n- tlan: avoid unused label with PCI=n (bnc#1012382).\n- tools build: Add tools tree support for 'make -s' (bnc#1012382).\n- tpm-dev-common: Reject too short writes (bsc#1020645, git-fixes).\n- tpm: fix potential buffer overruns caused by bit glitches on the bus (bsc#1020645, git-fixes).\n- tpm_i2c_infineon: fix potential buffer overruns caused by bit glitches on the bus (bsc#1020645, git-fixes).\n- tpm_i2c_nuvoton: fix potential buffer overruns caused by bit glitches on the bus (bsc#1020645, git-fixes).\n- tpm: st33zp24: fix potential buffer overruns caused by bit glitches on the bus (bsc#1020645, git-fixes).\n- tpm_tis: fix potential buffer overruns caused by bit glitches on the bus (bsc#1020645, git-fixes).\n- tracing: Allocate mask_str buffer dynamically (bnc#1012382).\n- tracing: Fix converting enum's from the map in trace_event_eval_update() (bnc#1012382).\n- tracing: Fix crash when it fails to alloc ring buffer (bnc#1012382).\n- tracing: Fix possible double free on failure of allocating trace buffer (bnc#1012382).\n- tracing: Remove extra zeroing out of the ring buffer page (bnc#1012382).\n- tty: cyclades: cyz_interrupt is only used for PCI (bnc#1012382).\n- tty fix oops when rmmod 8250 (bnc#1012382).\n- tty: hvc_xen: hide xen_console_remove when unused (bnc#1012382).\n- tty: mxser: Remove ASYNC_CLOSING (bnc#1072363).\n- uas: Always apply US_FL_NO_ATA_1X quirk to Seagate devices (bnc#1012382).\n- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012382).\n- ubi: block: Fix locking for idr_alloc/idr_remove (bnc#1012382).\n- udf: Avoid overflow when session starts at large offset (bnc#1012382).\n- udp: restore UDPlite many-cast delivery (bsc#1042286).\n- um: link vmlinux with -no-pie (bnc#1012382).\n- usb: Add device quirk for Logitech HD Pro Webcam C925e (bnc#1012382).\n- usb: add RESET_RESUME for ELSA MicroLink 56K (bnc#1012382).\n- usb: build drivers/usb/common/ when USB_SUPPORT is set (bnc#1012382).\n- usb: cdc-acm: Do not log urb submission errors on disconnect (bnc#1012382).\n- usb: cdc_subset: only build when one driver is enabled (bnc#1012382).\n- USB: core: Add type-specific length check of BOS descriptors (bnc#1012382).\n- USB: core: prevent malicious bNumInterfaces overflow (bnc#1012382).\n- USB: devio: Prevent integer overflow in proc_do_submiturb() (bnc#1012382).\n- usb: dwc3: gadget: Set maxpacket size for ep0 IN (bnc#1012382).\n- usb: f_fs: Prevent gadget unbind if it is already unbound (bnc#1012382).\n- USB: Fix off by one in type-specific length check of BOS SSP capability (git-fixes).\n- USB: fix usbmon BUG trigger (bnc#1012382).\n- usb: gadget: configs: plug memory leak (bnc#1012382).\n- usb: gadget: do not dereference g until after it has been null checked (bnc#1012382).\n- usb: gadget: ffs: Forbid usb_ep_alloc_request from sleeping (bnc#1012382).\n- usb: gadget: f_fs: Process all descriptors during bind (bnc#1012382).\n- USB: gadgetfs: Fix a potential memory leak in 'dev_config()' (bnc#1012382).\n- usb: gadget: f_uvc: Sanity check wMaxPacketSize for SuperSpeed (bnc#1012382).\n- usb: gadget: udc: remove pointer dereference after free (bnc#1012382).\n- usb: gadget: uvc: Missing files for configfs interface (bnc#1012382).\n- usb: hub: Cycle HUB power when initialization fails (bnc#1012382).\n- USB: Increase usbfs transfer limit (bnc#1012382).\n- usbip: fix 3eee23c3ec14 tcp_socket address still in the status file (bnc#1012382).\n- usbip: Fix implicit fallthrough warning (bnc#1012382).\n- usbip: Fix potential format overflow in userspace tools (bnc#1012382).\n- usbip: fix stub_rx: get_pipe() to validate endpoint number (bnc#1012382).\n- usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input (bnc#1012382).\n- usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer (bnc#1012382).\n- usbip: fix usbip bind writing random string after command in match_busid (bnc#1012382).\n- usbip: keep usbip_device sockfd state in sync with tcp_socket (bnc#1012382).\n- usbip: list: do not list devices attached to vhci_hcd (bnc#1012382).\n- usbip: prevent bind loops on devices attached to vhci_hcd (bnc#1012382).\n- usbip: prevent leaking socket pointer address in messages (bnc#1012382).\n- usbip: prevent vhci_hcd driver from leaking a socket pointer address (bnc#1012382).\n- usbip: remove kernel addresses from usb device and urb debug msgs (bnc#1012382).\n- usbip: stub: stop printing kernel pointer addresses in messages (bnc#1012382).\n- usbip: vhci_hcd: clear just the USB_PORT_STAT_POWER bit (bnc#1012382).\n- usbip: vhci: stop printing kernel pointer addresses in messages (bnc#1012382).\n- usb: ldusb: add PIDs for new CASSY devices supported by this driver (bnc#1012382).\n- usb: misc: usb3503: make sure reset is low for at least 100us (bnc#1012382).\n- usb: musb: da8xx: fix babble condition handling (bnc#1012382).\n- usb: musb/ux500: remove duplicate check for dma_is_compatible (bnc#1012382).\n- usb: ohci: Proper handling of ed_rm_list to handle race condition between usb_kill_urb() and finish_unlinks() (bnc#1012382).\n- usb: option: Add support for FS040U modem (bnc#1012382).\n- usb: phy: isp1301: Add OF device ID table (bnc#1012382).\n- usb: phy: isp1301: Fix build warning when CONFIG_OF is disabled (git-fixes).\n- usb: phy: msm add regulator dependency (bnc#1012382).\n- usb: phy: tahvo: fix error handling in tahvo_usb_probe() (bnc#1012382).\n- usb: quirks: Add no-lpm quirk for KY-688 USB 3.1 Type-C Hub (bnc#1012382).\n- usb: renesas_usbhs: missed the 'running' flag in usb_dmac with rx path (bnc#1012382).\n- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ (bnc#1012382).\n- USB: serial: cp210x: add new device ID ELV ALC 8xxx (bnc#1012382).\n- USB: serial: ftdi_sio: add id for Airbus DS P8GR (bnc#1012382).\n- usb: serial: io_edgeport: fix possible sleep-in-atomic (bnc#1012382).\n- USB: serial: option: adding support for YUGA CLM920-NC5 (bnc#1012382).\n- USB: serial: option: add Quectel BG96 id (bnc#1012382).\n- USB: serial: option: add support for Telit ME910 PID 0x1101 (bnc#1012382).\n- usb: serial: pl2303: new device id for Chilitag (bnc#1012382).\n- USB: serial: qcserial: add Sierra Wireless EM7565 (bnc#1012382).\n- usb: serial: simple: add Motorola Tetra driver (bnc#1012382).\n- USB: uas and storage: Add US_FL_BROKEN_FUA for another JMicron JMS567 ID (bnc#1012382).\n- usb: uas: unconditionally bring back host after reset (bnc#1012382).\n- USB: usbfs: Filter flags passed in from user space (bnc#1012382).\n- usb: usbip: Fix possible deadlocks reported by lockdep (bnc#1012382).\n- usb: xhci: Add XHCI_TRUST_TX_LENGTH for Renesas uPD720201 (bnc#1012382).\n- usb: xhci: fix panic in xhci_free_virt_devices_depth_first (bnc#1012382).\n- userfaultfd: selftest: vm: allow to build in vm/ directory (bnc#1012382).\n- userfaultfd: shmem: __do_fault requires VM_FAULT_NOPAGE (bnc#1012382).\n- v4l: remove MEDIA_TUNER dependency for VIDEO_TUNER (bnc#1012382).\n- vb2: V4L2_BUF_FLAG_DONE is set after DQBUF (bnc#1012382).\n- vfs: do not do RCU lookup of empty pathnames (bnc#1012382).\n- vhost_net: stop device during reset owner (bnc#1012382).\n- video: fbdev: atmel_lcdfb: fix display-timings lookup (bnc#1012382).\n- video: fbdev: au1200fb: Release some resources if a memory allocation fails (bnc#1012382).\n- video: fbdev: au1200fb: Return an error code if a memory allocation fails (bnc#1012382).\n- video: fbdev/mmp: add MODULE_LICENSE (bnc#1012382).\n- video: fbdev: sis: remove unused variable (bnc#1012382).\n- video: fbdev: via: remove possibly unused variables (bnc#1012382).\n- video: Use bool instead int pointer for get_opt_bool() argument (bnc#1012382).\n- virtio_balloon: prevent uninitialized variable use (bnc#1012382).\n- virtio: release virtio index when fail to device_register (bnc#1012382).\n- vmbus: add per-channel sysfs info (fate#315887, bsc#1082632).\n- vmbus: add prefetch to ring buffer iterator (fate#315887, bsc#1082632).\n- vmbus: do not acquire the mutex in vmbus_hvsock_device_unregister() (fate#315887, bsc#1082632).\n- vmbus: drop unused ring_buffer_info elements (fate#315887, bsc#1082632).\n- vmbus: eliminate duplicate cached index (fate#315887, bsc#1082632).\n- vmbus: hvsock: add proper sync for vmbus_hvsock_device_unregister() (fate#315887, bsc#1082632).\n- vmbus: initialize reserved fields in messages (fate#315887, bsc#1082632).\n- vmbus: make channel_message table constant (fate#315887, bsc#1082632).\n- vmbus: more host signalling avoidance (fate#315887, bsc#1082632).\n- vmbus: refactor hv_signal_on_read (fate#315887, bsc#1082632).\n- vmbus: remove unused vmbus_sendpacket_ctl (fate#315887, bsc#1082632).\n- vmbus: remove unused vmbus_sendpacket_multipagebuffer (fate#315887, bsc#1082632).\n- vmbus: remove unused vmubs_sendpacket_pagebuffer_ctl (fate#315887, bsc#1082632).\n- vmbus: Reuse uuid_le_to_bin() helper (fate#315887, bsc#1082632).\n- vmbus: simplify hv_ringbuffer_read (fate#315887, bsc#1082632).\n- vmbus: unregister device_obj->channels_kset (fate#315887, bsc#1082632).\n- vmxnet3: prevent building with 64K pages (bnc#1012382).\n- vmxnet3: repair memory leak (bnc#1012382).\n- vsyscall: Fix permissions for emulate mode with KAISER/PTI (bnc#1012382).\n- vt6655: Fix a possible sleep-in-atomic bug in vt6655_suspend (bnc#1012382).\n- vti6: Do not report path MTU below IPV6_MIN_MTU (bnc#1012382).\n- vti6: fix device register to report IFLA_INFO_KIND (bnc#1012382).\n- vxlan: consolidate csum flag handling (bsc#1042286).\n- vxlan: consolidate output route calculation (bsc#1042286).\n- vxlan: consolidate vxlan_xmit_skb and vxlan6_xmit_skb (bsc#1042286).\n- vxlan: do not allow overwrite of config src addr (bsc#1042286).\n- watchdog: imx2_wdt: restore previous timeout after suspend+resume (bnc#1012382).\n- wireless: cw1200: use __maybe_unused to hide pm functions_ (bnc#1012382).\n- workqueue: trigger WARN if queue_delayed_work() is called with NULL @wq (bnc#1012382).\n- writeback: fix memory leak in wb_queue_work() (bnc#1012382).\n- X.509: fix buffer overflow detection in sprint_oid() (bsc#1075078).\n- X.509: reject invalid BIT STRING for subjectPublicKey (bnc#1012382).\n- x86/acpi: Handle SCI interrupts above legacy space gracefully (bsc#1068984).\n- x86/acpi: Reduce code duplication in mp_override_legacy_irq() (bsc#1068984).\n- x86: add MULTIUSER dependency for KVM (bnc#1012382).\n- x86/alternatives: Add missing '\\n' at end of ALTERNATIVE inline asm (bnc#1012382).\n- x86/alternatives: Fix optimize_nops() checking (bnc#1012382).\n- x86/apic/vector: Fix off by one in error path (bnc#1012382).\n- x86/asm/32: Make sync_core() handle missing CPUID on all 32-bit kernels (bnc#1012382).\n- x86/asm: Fix inline asm call constraints for GCC 4.4 (bnc#1012382).\n- x86/boot: Avoid warning for zero-filling .bss (bnc#1012382).\n- x86/boot: Fix early command-line parsing when matching at end (bsc#1068032).\n- x86: bpf_jit: small optimization in emit_bpf_tail_call() (bnc#1012382).\n- x86/bugs: Drop one 'mitigation' from dmesg (bnc#1012382).\n- x86/build: Silence the build with 'make -s' (bnc#1012382).\n- x86/cpu/bugs: Make retpoline module warning conditional (bnc#1012382).\n- x86/cpu: Change type of x86_cache_size variable to unsigned int (bnc#1012382).\n- x86/cpu: Factor out application of forced CPU caps (bnc#1012382).\n- x86/cpufeatures: Add X86_BUG_CPU_INSECURE (bnc#1012382).\n- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012382).\n- x86/cpufeatures: Make CPU bugs sticky (bnc#1012382).\n- x86/cpu: Implement CPU vulnerabilites sysfs functions (bnc#1012382).\n- x86/cpu: Merge bugs.c and bugs_64.c (bnc#1012382).\n- x86/cpu: Rename Merrifield2 to Moorefield (bsc#985025).\n- x86/cpu: Rename 'WESTMERE2' family to 'NEHALEM_G' (bsc#985025).\n- x86/cpu, x86/pti: Do not enable PTI on AMD processors (bnc#1012382).\n- x86/Documentation: Add PTI description (bnc#1012382).\n- x86/efi: Build our own page table structures (fate#320512).\n- x86/efi: Hoist page table switching code into efi_call_virt() (fate#320512).\n- x86/entry/64: Separate cpu_current_top_of_stack from TSS.sp0 (bsc#1077560).\n- x86/entry/64: Use a per-CPU trampoline stack for IDT entries (bsc#1077560).\n- x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() (bnc#1012382).\n- x86: fix build warnign with 32-bit PAE (bnc#1012382).\n- x86/fpu/math-emu: Fix possible uninitialized variable use (bnc#1012382).\n- x86/hpet: Prevent might sleep splat on resume (bnc#1012382).\n- x86/hyperv: Implement hv_get_tsc_page() (fate#315887, bsc#1082632).\n- x86/hyper-v: include hyperv/ only when CONFIG_HYPERV is set (fate#315887, bsc#1082632).\n- x86/hyper-v: Introduce fast hypercall implementation (fate#315887, bsc#1082632).\n- x86/hyper-v: Make hv_do_hypercall() inline (fate#315887, bsc#1082632).\n- x86/hyperv: Move TSC reading method to asm/mshyperv.h (fate#315887, bsc#1082632).\n- x86/kaiser: fix build error with KASAN && !FUNCTION_GRAPH_TRACER (bnc#1012382).\n- x86/kasan: Clear kasan_zero_page after TLB flush (bnc#1012382).\n- x86/kasan: Write protect kasan zero shadow (bnc#1012382).\n- x86/kvm/vmx: do not use vm-exit instruction length for fast MMIO when running nested (bsc#1081431).\n- x86/mce: Pin the timer when modifying (bsc#1080851,1076282).\n- x86/microcode/AMD: Change load_microcode_amd()'s param to bool to fix preemptibility bug (bnc#1012382).\n- x86/microcode/AMD: Do not load when running on a hypervisor (bnc#1012382).\n- x86/microcode/AMD: Do not load when running on a hypervisor (bsc#1081436 bsc#1081437).\n- x86/microcode: Do the family check first (bnc#1012382).\n- x86/microcode: Do the family check first (bsc#1081436 bsc#1081437).\n- x86/microcode/intel: Extend BDW late-loading further with LLC size check (bnc#1012382).\n- x86/microcode/intel: Extend BDW late-loading with a revision check (bnc#1012382).\n- x86/microcode/intel: Fix BDW late-loading revision check (bnc#1012382).\n- x86/mm/32: Move setup_clear_cpu_cap(X86_FEATURE_PCID) earlier (git-fixes).\n- x86/mm: Disable PCID on 32-bit kernels (bnc#1012382).\n- x86/mm/kmmio: Fix mmiotrace for page unaligned addresses (bnc#1012382).\n- x86/mm/pat: Ensure cpa->pfn only contains page frame numbers (fate#320588).\n- x86/mm/pkeys: Fix fill_sig_info_pkey (fate#321300).\n- x86/nospec: Fix header guards names (bnc#1012382).\n- x86/oprofile: Fix bogus GCC-8 warning in nmi_setup() (bnc#1012382).\n- x86/paravirt: Remove 'noreplace-paravirt' cmdline option (bnc#1012382).\n- x86/PCI: Make broadcom_postcore_init() check acpi_disabled (bnc#1012382).\n- x86/platform: Add PCI dependency for PUNIT_ATOM_DEBUG (bnc#1012382).\n- x86/platform/olpc: Fix resume handler build warning (bnc#1012382).\n- x86/pti: Document fix wrong index (bnc#1012382).\n- x86/pti/efi: broken conversion from efi to kernel page table (bnc#1012382).\n- x86/pti: Make unpoison of pgd for trusted boot work for real (bnc#1012382).\n- x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN (bnc#1012382).\n- x86/ras/inject: Make it depend on X86_LOCAL_APIC=y (bnc#1012382).\n- x86/retpoline: Avoid retpolines for built-in __init functions (bnc#1012382).\n- x86/retpoline/hyperv: Convert assembler indirect jumps (fate#315887, bsc#1082632).\n- x86/retpoline: Remove the esp/rsp thunk (bnc#1012382).\n- x86/retpolines/spec_ctrl: disable IBRS on !SKL if retpolines are active (bsc#1068032).\n- x86/smpboot: Remove stale TLB flush invocations (bnc#1012382).\n- x86/spectre: Check CONFIG_RETPOLINE in command line parser (bnc#1012382).\n- x86/spectre: Fix an error message (git-fixes).\n- x86/spectre: Fix spelling mistake: 'vunerable'-> 'vulnerable' (bnc#1012382).\n- x86/spectre: Remove the out-of-tree RSB stuffing\n- x86/spectre: Simplify spectre_v2 command line parsing (bnc#1012382).\n- x86/spectre_v2: fix ordering in IBRS initialization (bsc#1075994 bsc#1075091).\n- x86/spectre_v2: nospectre_v2 means nospec too (bsc#1075994 bsc#1075091).\n- x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL (bnc#1012382).\n- x86/tlb: Drop the _GPL from the cpu_tlbstate export (bnc#1012382).\n- x86/vm86/32: Switch to flush_tlb_mm_range() in mark_screen_rdonly() (bnc#1012382).\n- x86/xen: Zero MSR_IA32_SPEC_CTRL before suspend (bnc#1065600).\n- xen: Fix trampoline stack loading issue on XEN PV.\n- xen/gntdev: Fix off-by-one error when unmapping with holes (bnc#1012382).\n- xen/gntdev: Fix partial gntdev_mmap() cleanup (bnc#1012382).\n- xen-netfront: avoid crashing on resume after a failure in talk_to_netback() (bnc#1012382).\n- xen-netfront: enable device after manual module load (bnc#1012382).\n- xen-netfront: Improve error handling during initialization (bnc#1012382).\n- xen-netfront: remove warning when unloading module (bnc#1012382).\n- xen: XEN_ACPI_PROCESSOR is Dom0-only (bnc#1012382).\n- xfrm: check id proto in validate_tmpl() (bnc#1012382).\n- xfrm: Copy policy family in clone_policy (bnc#1012382).\n- xfrm: Fix stack-out-of-bounds read on socket policy lookup (bnc#1012382).\n- xfrm: Fix stack-out-of-bounds with misconfigured transport mode policies (bnc#1012382).\n- xfrm_user: propagate sec ctx allocation errors (bsc#1042286).\n- xfs: add configurable error support to metadata buffers (bsc#1068569).\n- xfs: add configuration handlers for specific errors (bsc#1068569).\n- xfs: add configuration of error failure speed (bsc#1068569).\n- xfs: add 'fail at unmount' error handling configuration (bsc#1068569).\n- xfs: Add infrastructure needed for error propagation during buffer IO failure (bsc#1068569).\n- xfs: address kabi for xfs buffer retry infrastructure (kabi).\n- xfs: configurable error behavior via sysfs (bsc#1068569).\n- xfs: do not chain ioends during writepage submission (bsc#1077285 bsc#1043441).\n- xfs: factor mapping out of xfs_do_writepage (bsc#1077285 bsc#1043441).\n- xfs: fix incorrect extent state in xfs_bmap_add_extent_unwritten_real (bnc#1012382).\n- xfs: fix log block underflow during recovery cycle verification (bnc#1012382).\n- xfs: fix up inode32/64 (re)mount handling (bsc#1069160).\n- xfs: introduce metadata IO error class (bsc#1068569).\n- xfs: introduce table-based init for error behaviors (bsc#1068569).\n- xfs: Introduce writeback context for writepages (bsc#1077285 bsc#1043441).\n- xfs: ioends require logically contiguous file offsets (bsc#1077285 bsc#1043441).\n- xfs: Properly retry failed inode items in case of error during buffer writeback (bsc#1068569).\n- xfs: quota: check result of register_shrinker() (bnc#1012382).\n- xfs: quota: fix missed destroy of qi_tree_lock (bnc#1012382).\n- xfs: reinit btree pointer on attr tree inactivation walk (bsc#1078787).\n- xfs: remove nonblocking mode from xfs_vm_writepage (bsc#1077285 bsc#1043441).\n- xfs: remove xfs_cancel_ioend (bsc#1077285 bsc#1043441).\n- xfs: remove xfs_trans_ail_delete_bulk (bsc#1068569).\n- xfs: stop searching for free slots in an inode chunk when there are none (bsc#1072739).\n- xfs: toggle readonly state around xfs_log_mount_finish (bsc#1073401).\n- xfs: ubsan fixes (bnc#1012382).\n- xfs: validate sb_logsunit is a multiple of the fs blocksize (bsc#1077513).\n- xfs: write unmount record for ro mounts (bsc#1073401).\n- xfs: xfs_cluster_write is redundant (bsc#1077285 bsc#1043441).\n- xhci: Do not add a virt_dev to the devs array before it's fully allocated (bnc#1012382).\n- xhci: Fix ring leak in failure path of xhci_alloc_virt_device() (bnc#1012382).\n- xhci: plat: Register shutdown for xhci_plat (bnc#1012382).\n- xtensa: fix futex_atomic_cmpxchg_inatomic (bnc#1012382).\n- zram: fix operator precedence to get offset (bsc#1082979).\n- zram: set physical queue limits to avoid array out of bounds accesses (bnc#1012382).\n\n", title: "Description of the patch", }, { category: "details", text: "SUSE-SLE-RT-12-SP3-2018-663", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_0986-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:0986-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20180986-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:0986-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-April/003902.html", }, { category: "self", summary: "SUSE Bug 1006867", url: "https://bugzilla.suse.com/1006867", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1015342", url: "https://bugzilla.suse.com/1015342", }, { category: "self", summary: "SUSE Bug 1015343", url: "https://bugzilla.suse.com/1015343", }, { category: "self", summary: "SUSE Bug 1019784", url: "https://bugzilla.suse.com/1019784", }, { category: "self", summary: "SUSE Bug 1020645", url: "https://bugzilla.suse.com/1020645", }, { category: "self", summary: "SUSE Bug 1022595", url: "https://bugzilla.suse.com/1022595", }, { category: "self", summary: "SUSE Bug 1022607", url: "https://bugzilla.suse.com/1022607", }, { category: "self", summary: "SUSE Bug 1022912", url: "https://bugzilla.suse.com/1022912", }, { category: "self", summary: "SUSE Bug 1024296", url: "https://bugzilla.suse.com/1024296", }, { category: "self", summary: "SUSE Bug 1024376", url: "https://bugzilla.suse.com/1024376", }, { category: "self", summary: "SUSE Bug 1027054", url: "https://bugzilla.suse.com/1027054", }, { category: "self", summary: "SUSE Bug 1031492", url: "https://bugzilla.suse.com/1031492", }, { category: "self", summary: "SUSE Bug 1031717", url: "https://bugzilla.suse.com/1031717", }, { category: "self", summary: "SUSE Bug 1033587", url: "https://bugzilla.suse.com/1033587", }, { category: "self", summary: "SUSE Bug 1034503", url: "https://bugzilla.suse.com/1034503", }, { category: "self", summary: "SUSE Bug 1037838", url: "https://bugzilla.suse.com/1037838", }, { category: "self", summary: "SUSE Bug 1038078", url: "https://bugzilla.suse.com/1038078", }, { category: "self", summary: "SUSE Bug 1038085", url: "https://bugzilla.suse.com/1038085", }, { category: "self", summary: "SUSE Bug 1040182", url: "https://bugzilla.suse.com/1040182", }, { category: "self", summary: "SUSE Bug 1042286", url: "https://bugzilla.suse.com/1042286", }, { category: "self", summary: "SUSE Bug 1043441", url: "https://bugzilla.suse.com/1043441", }, { category: "self", summary: "SUSE Bug 1043652", url: "https://bugzilla.suse.com/1043652", }, { category: "self", summary: "SUSE Bug 1043725", url: "https://bugzilla.suse.com/1043725", }, { category: "self", summary: "SUSE Bug 1043726", url: "https://bugzilla.suse.com/1043726", }, { category: "self", summary: "SUSE Bug 1048325", url: "https://bugzilla.suse.com/1048325", }, { category: "self", summary: "SUSE Bug 1048585", url: "https://bugzilla.suse.com/1048585", }, { category: "self", summary: "SUSE Bug 1053472", url: "https://bugzilla.suse.com/1053472", }, { category: "self", summary: "SUSE Bug 1060279", url: "https://bugzilla.suse.com/1060279", }, { category: "self", summary: "SUSE Bug 1062129", url: "https://bugzilla.suse.com/1062129", }, { category: "self", summary: "SUSE Bug 1065600", url: "https://bugzilla.suse.com/1065600", }, { category: "self", summary: "SUSE Bug 1065615", url: "https://bugzilla.suse.com/1065615", }, { category: "self", summary: "SUSE Bug 1066163", url: "https://bugzilla.suse.com/1066163", }, { category: "self", summary: "SUSE Bug 1066223", url: "https://bugzilla.suse.com/1066223", }, { category: "self", summary: "SUSE Bug 1067118", url: "https://bugzilla.suse.com/1067118", }, { category: "self", summary: "SUSE Bug 1068032", url: "https://bugzilla.suse.com/1068032", }, { category: "self", summary: "SUSE Bug 1068038", url: "https://bugzilla.suse.com/1068038", }, { category: "self", summary: "SUSE Bug 1068569", url: "https://bugzilla.suse.com/1068569", }, { category: "self", summary: "SUSE Bug 1068984", url: "https://bugzilla.suse.com/1068984", }, { category: "self", summary: "SUSE Bug 1069135", url: "https://bugzilla.suse.com/1069135", }, { category: "self", summary: "SUSE Bug 1069138", url: "https://bugzilla.suse.com/1069138", }, { category: "self", summary: "SUSE Bug 1069160", url: "https://bugzilla.suse.com/1069160", }, { category: "self", summary: "SUSE Bug 1070052", url: "https://bugzilla.suse.com/1070052", }, { category: "self", summary: "SUSE Bug 1070404", url: "https://bugzilla.suse.com/1070404", }, { category: "self", summary: "SUSE Bug 1070799", url: "https://bugzilla.suse.com/1070799", }, { category: "self", summary: "SUSE Bug 1071306", url: "https://bugzilla.suse.com/1071306", }, { category: "self", summary: "SUSE Bug 1071892", url: "https://bugzilla.suse.com/1071892", }, { category: "self", summary: "SUSE Bug 1072163", url: "https://bugzilla.suse.com/1072163", }, { category: "self", summary: "SUSE Bug 1072363", url: "https://bugzilla.suse.com/1072363", }, { category: "self", summary: "SUSE Bug 1072484", url: "https://bugzilla.suse.com/1072484", }, { category: "self", summary: "SUSE Bug 1072689", url: "https://bugzilla.suse.com/1072689", }, { category: "self", summary: "SUSE Bug 1072739", url: "https://bugzilla.suse.com/1072739", }, { category: "self", summary: "SUSE Bug 1072865", url: "https://bugzilla.suse.com/1072865", }, { category: "self", summary: "SUSE Bug 1073229", url: "https://bugzilla.suse.com/1073229", }, { category: "self", summary: "SUSE Bug 1073401", url: "https://bugzilla.suse.com/1073401", }, { category: "self", summary: "SUSE Bug 1073407", url: "https://bugzilla.suse.com/1073407", }, { category: "self", summary: "SUSE Bug 1073928", url: "https://bugzilla.suse.com/1073928", }, { category: "self", summary: "SUSE Bug 1074134", url: "https://bugzilla.suse.com/1074134", }, { category: "self", summary: "SUSE Bug 1074198", url: "https://bugzilla.suse.com/1074198", }, { category: "self", summary: "SUSE Bug 1074426", url: "https://bugzilla.suse.com/1074426", }, { category: "self", summary: "SUSE Bug 1074488", url: "https://bugzilla.suse.com/1074488", }, { category: "self", summary: "SUSE Bug 1074621", url: "https://bugzilla.suse.com/1074621", }, { category: "self", summary: "SUSE Bug 1074839", url: "https://bugzilla.suse.com/1074839", }, { category: "self", summary: "SUSE Bug 1074847", url: "https://bugzilla.suse.com/1074847", }, { category: "self", summary: "SUSE Bug 1075066", url: "https://bugzilla.suse.com/1075066", }, { category: "self", summary: "SUSE Bug 1075078", url: "https://bugzilla.suse.com/1075078", }, { category: "self", summary: "SUSE Bug 1075087", url: "https://bugzilla.suse.com/1075087", }, { category: "self", summary: "SUSE Bug 1075091", url: "https://bugzilla.suse.com/1075091", }, { category: "self", summary: "SUSE Bug 1075397", url: "https://bugzilla.suse.com/1075397", }, { category: "self", summary: "SUSE Bug 1075428", url: "https://bugzilla.suse.com/1075428", }, { category: "self", summary: "SUSE Bug 1075617", url: "https://bugzilla.suse.com/1075617", }, { category: "self", summary: "SUSE Bug 1075621", url: "https://bugzilla.suse.com/1075621", }, { category: "self", summary: "SUSE Bug 1075627", url: "https://bugzilla.suse.com/1075627", }, { category: "self", summary: "SUSE Bug 1075811", url: "https://bugzilla.suse.com/1075811", }, { category: "self", summary: "SUSE Bug 1075994", url: "https://bugzilla.suse.com/1075994", }, { category: "self", summary: "SUSE Bug 1076017", url: "https://bugzilla.suse.com/1076017", }, { category: "self", summary: "SUSE Bug 1076110", url: "https://bugzilla.suse.com/1076110", }, { category: "self", summary: "SUSE Bug 1076187", url: "https://bugzilla.suse.com/1076187", }, { category: "self", summary: "SUSE Bug 1076232", url: "https://bugzilla.suse.com/1076232", }, { category: "self", summary: "SUSE Bug 1076282", url: "https://bugzilla.suse.com/1076282", }, { category: "self", summary: "SUSE Bug 1076693", url: "https://bugzilla.suse.com/1076693", }, { category: "self", summary: "SUSE Bug 1076760", url: "https://bugzilla.suse.com/1076760", }, { category: "self", summary: "SUSE Bug 1076805", url: "https://bugzilla.suse.com/1076805", }, { category: "self", summary: "SUSE Bug 1076847", url: "https://bugzilla.suse.com/1076847", }, { category: "self", summary: "SUSE Bug 1076872", url: "https://bugzilla.suse.com/1076872", }, { category: "self", summary: "SUSE Bug 1076899", url: "https://bugzilla.suse.com/1076899", }, { category: "self", summary: "SUSE Bug 1076982", url: "https://bugzilla.suse.com/1076982", }, { category: "self", summary: "SUSE Bug 1077068", url: "https://bugzilla.suse.com/1077068", }, { category: "self", summary: "SUSE Bug 1077241", url: "https://bugzilla.suse.com/1077241", }, { category: "self", summary: "SUSE Bug 1077285", url: "https://bugzilla.suse.com/1077285", }, { category: "self", summary: "SUSE Bug 1077513", url: "https://bugzilla.suse.com/1077513", }, { category: "self", summary: "SUSE Bug 1077560", url: "https://bugzilla.suse.com/1077560", }, { category: "self", summary: "SUSE Bug 1077592", url: "https://bugzilla.suse.com/1077592", }, { category: "self", summary: "SUSE Bug 1077704", url: "https://bugzilla.suse.com/1077704", }, { category: "self", summary: "SUSE Bug 1077779", url: "https://bugzilla.suse.com/1077779", }, { category: "self", summary: "SUSE Bug 1077871", url: "https://bugzilla.suse.com/1077871", }, { category: "self", summary: "SUSE Bug 1078002", url: "https://bugzilla.suse.com/1078002", }, { category: "self", summary: "SUSE Bug 1078583", url: "https://bugzilla.suse.com/1078583", }, { category: "self", summary: "SUSE Bug 1078672", url: "https://bugzilla.suse.com/1078672", }, { category: "self", summary: "SUSE Bug 1078673", url: "https://bugzilla.suse.com/1078673", }, { category: "self", summary: "SUSE Bug 1078681", url: "https://bugzilla.suse.com/1078681", }, { category: "self", summary: "SUSE Bug 1078787", url: "https://bugzilla.suse.com/1078787", }, { category: "self", summary: "SUSE Bug 1079029", url: "https://bugzilla.suse.com/1079029", }, { category: "self", summary: "SUSE Bug 1079038", url: "https://bugzilla.suse.com/1079038", }, { category: "self", summary: "SUSE Bug 1079195", url: "https://bugzilla.suse.com/1079195", }, { category: "self", summary: "SUSE Bug 1079313", url: "https://bugzilla.suse.com/1079313", }, { category: "self", summary: "SUSE Bug 1079384", url: "https://bugzilla.suse.com/1079384", }, { category: "self", summary: "SUSE Bug 1079609", url: "https://bugzilla.suse.com/1079609", }, { category: "self", summary: "SUSE Bug 1079886", url: "https://bugzilla.suse.com/1079886", }, { category: "self", summary: "SUSE Bug 1079989", url: "https://bugzilla.suse.com/1079989", }, { category: "self", summary: "SUSE Bug 1080014", url: "https://bugzilla.suse.com/1080014", }, { category: "self", summary: "SUSE Bug 1080263", url: "https://bugzilla.suse.com/1080263", }, { category: "self", summary: "SUSE Bug 1080321", url: "https://bugzilla.suse.com/1080321", }, { category: "self", summary: "SUSE Bug 1080344", url: "https://bugzilla.suse.com/1080344", }, { category: "self", summary: "SUSE Bug 1080364", url: "https://bugzilla.suse.com/1080364", }, { category: "self", summary: "SUSE Bug 1080384", url: "https://bugzilla.suse.com/1080384", }, { category: "self", summary: "SUSE Bug 1080464", url: "https://bugzilla.suse.com/1080464", }, { category: "self", summary: "SUSE Bug 1080533", url: "https://bugzilla.suse.com/1080533", }, { category: "self", summary: "SUSE Bug 1080656", url: "https://bugzilla.suse.com/1080656", }, { category: "self", summary: "SUSE Bug 1080774", url: "https://bugzilla.suse.com/1080774", }, { category: "self", summary: "SUSE Bug 1080813", url: "https://bugzilla.suse.com/1080813", }, { category: "self", summary: "SUSE Bug 1080851", url: "https://bugzilla.suse.com/1080851", }, { category: "self", summary: "SUSE Bug 1081134", url: "https://bugzilla.suse.com/1081134", }, { category: "self", summary: "SUSE Bug 1081431", url: "https://bugzilla.suse.com/1081431", }, { category: "self", summary: "SUSE Bug 1081436", url: "https://bugzilla.suse.com/1081436", }, { category: "self", summary: "SUSE Bug 1081437", url: "https://bugzilla.suse.com/1081437", }, { category: "self", summary: "SUSE Bug 1081491", url: "https://bugzilla.suse.com/1081491", }, { category: "self", summary: "SUSE Bug 1081498", url: "https://bugzilla.suse.com/1081498", }, { category: "self", summary: "SUSE Bug 1081500", url: "https://bugzilla.suse.com/1081500", }, { category: "self", summary: "SUSE Bug 1081512", url: "https://bugzilla.suse.com/1081512", }, { category: "self", summary: "SUSE Bug 1081514", url: "https://bugzilla.suse.com/1081514", }, { category: "self", summary: "SUSE Bug 1081681", url: "https://bugzilla.suse.com/1081681", }, { category: "self", summary: "SUSE Bug 1081735", url: "https://bugzilla.suse.com/1081735", }, { category: "self", summary: "SUSE Bug 1082089", url: "https://bugzilla.suse.com/1082089", }, { category: "self", summary: "SUSE Bug 1082223", url: "https://bugzilla.suse.com/1082223", }, { category: "self", summary: "SUSE Bug 1082299", url: "https://bugzilla.suse.com/1082299", }, { category: "self", summary: "SUSE Bug 1082373", url: "https://bugzilla.suse.com/1082373", }, { category: "self", summary: "SUSE Bug 1082478", url: "https://bugzilla.suse.com/1082478", }, { category: "self", summary: "SUSE Bug 1082632", url: "https://bugzilla.suse.com/1082632", }, { category: "self", summary: "SUSE Bug 1082795", url: "https://bugzilla.suse.com/1082795", }, { category: "self", summary: "SUSE Bug 1082864", url: "https://bugzilla.suse.com/1082864", }, { category: "self", summary: "SUSE Bug 1082897", url: "https://bugzilla.suse.com/1082897", }, { category: "self", summary: "SUSE Bug 1082979", url: "https://bugzilla.suse.com/1082979", }, { category: "self", summary: "SUSE Bug 1082993", url: "https://bugzilla.suse.com/1082993", }, { category: "self", summary: "SUSE Bug 1083048", url: "https://bugzilla.suse.com/1083048", }, { category: "self", summary: "SUSE Bug 1083056", url: "https://bugzilla.suse.com/1083056", }, { category: "self", summary: "SUSE Bug 1083086", url: "https://bugzilla.suse.com/1083086", }, { category: "self", summary: "SUSE Bug 1083223", url: "https://bugzilla.suse.com/1083223", }, { category: "self", summary: "SUSE Bug 1083387", url: "https://bugzilla.suse.com/1083387", }, { category: "self", summary: "SUSE Bug 1083409", url: "https://bugzilla.suse.com/1083409", }, { category: "self", summary: "SUSE Bug 1083494", url: "https://bugzilla.suse.com/1083494", }, { category: "self", summary: "SUSE Bug 1083548", url: "https://bugzilla.suse.com/1083548", }, { category: "self", summary: "SUSE Bug 1083750", url: "https://bugzilla.suse.com/1083750", }, { category: "self", summary: "SUSE Bug 1083770", url: "https://bugzilla.suse.com/1083770", }, { category: "self", summary: "SUSE Bug 1084041", url: "https://bugzilla.suse.com/1084041", }, { category: "self", summary: "SUSE Bug 1084397", url: "https://bugzilla.suse.com/1084397", }, { category: "self", summary: "SUSE Bug 1084427", url: "https://bugzilla.suse.com/1084427", }, { category: "self", summary: "SUSE Bug 1084610", url: "https://bugzilla.suse.com/1084610", }, { category: "self", summary: "SUSE Bug 1084772", url: "https://bugzilla.suse.com/1084772", }, { category: "self", summary: "SUSE Bug 1084888", url: "https://bugzilla.suse.com/1084888", }, { category: "self", summary: "SUSE Bug 1084926", url: "https://bugzilla.suse.com/1084926", }, { category: "self", summary: "SUSE Bug 1084928", url: "https://bugzilla.suse.com/1084928", }, { category: "self", summary: "SUSE Bug 1084967", url: "https://bugzilla.suse.com/1084967", }, { category: "self", summary: "SUSE Bug 1085011", url: "https://bugzilla.suse.com/1085011", }, { category: "self", summary: "SUSE Bug 1085015", url: "https://bugzilla.suse.com/1085015", }, { category: "self", summary: "SUSE Bug 1085045", url: "https://bugzilla.suse.com/1085045", }, { category: "self", summary: "SUSE Bug 1085047", url: "https://bugzilla.suse.com/1085047", }, { category: "self", summary: "SUSE Bug 1085050", url: "https://bugzilla.suse.com/1085050", }, { category: "self", summary: "SUSE Bug 1085053", url: "https://bugzilla.suse.com/1085053", }, { category: "self", summary: "SUSE Bug 1085054", url: "https://bugzilla.suse.com/1085054", }, { category: "self", summary: "SUSE Bug 1085056", url: "https://bugzilla.suse.com/1085056", }, { category: "self", summary: "SUSE Bug 1085107", url: "https://bugzilla.suse.com/1085107", }, { category: "self", summary: "SUSE Bug 1085224", url: "https://bugzilla.suse.com/1085224", }, { category: "self", summary: "SUSE Bug 1085239", url: "https://bugzilla.suse.com/1085239", }, { category: "self", summary: "SUSE Bug 863764", url: "https://bugzilla.suse.com/863764", }, { category: "self", summary: "SUSE Bug 963844", url: "https://bugzilla.suse.com/963844", }, { category: "self", summary: "SUSE Bug 966170", url: "https://bugzilla.suse.com/966170", }, { category: "self", summary: "SUSE Bug 966172", url: "https://bugzilla.suse.com/966172", }, { category: "self", summary: "SUSE Bug 966328", url: "https://bugzilla.suse.com/966328", }, { category: "self", summary: "SUSE Bug 969476", url: "https://bugzilla.suse.com/969476", }, { category: "self", summary: "SUSE Bug 969477", url: "https://bugzilla.suse.com/969477", }, { category: "self", summary: "SUSE Bug 973818", url: "https://bugzilla.suse.com/973818", }, { category: "self", summary: "SUSE Bug 975772", url: "https://bugzilla.suse.com/975772", }, { category: "self", summary: "SUSE Bug 983145", url: "https://bugzilla.suse.com/983145", }, { category: "self", summary: "SUSE Bug 985025", url: "https://bugzilla.suse.com/985025", }, { category: "self", summary: "SUSE CVE CVE-2017-13166 page", url: "https://www.suse.com/security/cve/CVE-2017-13166/", }, { category: "self", summary: "SUSE CVE CVE-2017-15129 page", url: "https://www.suse.com/security/cve/CVE-2017-15129/", }, { category: "self", summary: "SUSE CVE CVE-2017-15951 page", url: "https://www.suse.com/security/cve/CVE-2017-15951/", }, { category: "self", summary: "SUSE CVE CVE-2017-16644 page", url: "https://www.suse.com/security/cve/CVE-2017-16644/", }, { category: "self", summary: "SUSE CVE CVE-2017-16912 page", url: "https://www.suse.com/security/cve/CVE-2017-16912/", }, { category: "self", summary: "SUSE CVE CVE-2017-16913 page", url: "https://www.suse.com/security/cve/CVE-2017-16913/", }, { category: "self", summary: "SUSE CVE CVE-2017-17712 page", url: "https://www.suse.com/security/cve/CVE-2017-17712/", }, { category: "self", summary: "SUSE CVE CVE-2017-17862 page", url: "https://www.suse.com/security/cve/CVE-2017-17862/", }, { category: "self", summary: "SUSE CVE CVE-2017-17864 page", url: "https://www.suse.com/security/cve/CVE-2017-17864/", }, { category: "self", summary: "SUSE CVE CVE-2017-17975 page", url: "https://www.suse.com/security/cve/CVE-2017-17975/", }, { category: "self", summary: "SUSE CVE CVE-2017-18017 page", url: "https://www.suse.com/security/cve/CVE-2017-18017/", }, { category: "self", summary: "SUSE CVE CVE-2017-18174 page", url: "https://www.suse.com/security/cve/CVE-2017-18174/", }, { category: "self", summary: "SUSE CVE CVE-2017-18208 page", url: "https://www.suse.com/security/cve/CVE-2017-18208/", }, { category: "self", summary: "SUSE CVE CVE-2017-5715 page", url: "https://www.suse.com/security/cve/CVE-2017-5715/", }, { category: "self", summary: "SUSE CVE CVE-2018-1000004 page", url: "https://www.suse.com/security/cve/CVE-2018-1000004/", }, { category: "self", summary: "SUSE CVE CVE-2018-1000026 page", url: "https://www.suse.com/security/cve/CVE-2018-1000026/", }, { category: "self", summary: "SUSE CVE CVE-2018-5332 page", url: "https://www.suse.com/security/cve/CVE-2018-5332/", }, { category: "self", summary: "SUSE CVE CVE-2018-5333 page", url: "https://www.suse.com/security/cve/CVE-2018-5333/", }, { category: "self", summary: "SUSE CVE CVE-2018-8087 page", url: "https://www.suse.com/security/cve/CVE-2018-8087/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2018-04-19T09:27:38Z", generator: { date: "2018-04-19T09:27:38Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:0986-1", initial_release_date: "2018-04-19T09:27:38Z", revision_history: [ { date: "2018-04-19T09:27:38Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-rt-4.4.120-3.8.1.noarch", product: { name: "kernel-devel-rt-4.4.120-3.8.1.noarch", product_id: "kernel-devel-rt-4.4.120-3.8.1.noarch", }, }, { category: "product_version", name: "kernel-source-rt-4.4.120-3.8.1.noarch", product: { name: "kernel-source-rt-4.4.120-3.8.1.noarch", product_id: "kernel-source-rt-4.4.120-3.8.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", product: { name: "cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", product_id: "cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-rt-4.4.120-3.8.1.x86_64", product: { name: "dlm-kmp-rt-4.4.120-3.8.1.x86_64", product_id: "dlm-kmp-rt-4.4.120-3.8.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-rt-4.4.120-3.8.1.x86_64", product: { name: "gfs2-kmp-rt-4.4.120-3.8.1.x86_64", product_id: "gfs2-kmp-rt-4.4.120-3.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-4.4.120-3.8.1.x86_64", product: { name: "kernel-rt-4.4.120-3.8.1.x86_64", product_id: "kernel-rt-4.4.120-3.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-base-4.4.120-3.8.1.x86_64", product: { name: "kernel-rt-base-4.4.120-3.8.1.x86_64", product_id: "kernel-rt-base-4.4.120-3.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-devel-4.4.120-3.8.1.x86_64", product: { name: "kernel-rt-devel-4.4.120-3.8.1.x86_64", product_id: "kernel-rt-devel-4.4.120-3.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", product: { name: "kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", product_id: "kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-rt-4.4.120-3.8.1.x86_64", product: { name: "kernel-syms-rt-4.4.120-3.8.1.x86_64", product_id: "kernel-syms-rt-4.4.120-3.8.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", product: { name: "ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", product_id: "ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Real Time 12 SP3", product: { name: "SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:suse-linux-enterprise-rt:12:sp3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-rt-4.4.120-3.8.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", }, product_reference: "cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-rt-4.4.120-3.8.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", }, product_reference: "dlm-kmp-rt-4.4.120-3.8.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-rt-4.4.120-3.8.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", }, product_reference: "gfs2-kmp-rt-4.4.120-3.8.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-rt-4.4.120-3.8.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", }, product_reference: "kernel-devel-rt-4.4.120-3.8.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-4.4.120-3.8.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", }, product_reference: "kernel-rt-4.4.120-3.8.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-base-4.4.120-3.8.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", }, product_reference: "kernel-rt-base-4.4.120-3.8.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-devel-4.4.120-3.8.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", }, product_reference: "kernel-rt-devel-4.4.120-3.8.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-rt_debug-devel-4.4.120-3.8.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", }, product_reference: "kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-rt-4.4.120-3.8.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", }, product_reference: "kernel-source-rt-4.4.120-3.8.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-rt-4.4.120-3.8.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", }, product_reference: "kernel-syms-rt-4.4.120-3.8.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-rt-4.4.120-3.8.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", }, product_reference: "ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP3", }, ], }, vulnerabilities: [ { cve: "CVE-2017-13166", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13166", }, ], notes: [ { category: "general", text: "An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13166", url: "https://www.suse.com/security/cve/CVE-2017-13166", }, { category: "external", summary: "SUSE Bug 1072865 for CVE-2017-13166", url: "https://bugzilla.suse.com/1072865", }, { category: "external", summary: "SUSE Bug 1085447 for CVE-2017-13166", url: "https://bugzilla.suse.com/1085447", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2017-13166", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2017-13166", url: "https://bugzilla.suse.com/1091815", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-04-19T09:27:38Z", details: "important", }, ], title: "CVE-2017-13166", }, { cve: "CVE-2017-15129", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15129", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15129", url: "https://www.suse.com/security/cve/CVE-2017-15129", }, { category: "external", summary: "SUSE Bug 1074839 for CVE-2017-15129", url: "https://bugzilla.suse.com/1074839", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-04-19T09:27:38Z", details: "moderate", }, ], title: "CVE-2017-15129", }, { cve: "CVE-2017-15951", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15951", }, ], notes: [ { category: "general", text: "The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the \"negative\" state to avoid a race condition, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15951", url: "https://www.suse.com/security/cve/CVE-2017-15951", }, { category: "external", summary: "SUSE Bug 1062840 for CVE-2017-15951", url: "https://bugzilla.suse.com/1062840", }, { category: "external", summary: "SUSE Bug 1065615 for CVE-2017-15951", url: "https://bugzilla.suse.com/1065615", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-04-19T09:27:38Z", details: "low", }, ], title: "CVE-2017-15951", }, { cve: "CVE-2017-16644", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16644", }, ], notes: [ { category: "general", text: "The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16644", url: "https://www.suse.com/security/cve/CVE-2017-16644", }, { category: "external", summary: "SUSE Bug 1067118 for CVE-2017-16644", url: "https://bugzilla.suse.com/1067118", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2017-16644", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2017-16644", url: "https://bugzilla.suse.com/1091815", }, { category: "external", summary: "SUSE Bug 1146519 for CVE-2017-16644", url: "https://bugzilla.suse.com/1146519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-04-19T09:27:38Z", details: "moderate", }, ], title: "CVE-2017-16644", }, { cve: "CVE-2017-16912", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16912", }, ], notes: [ { category: "general", text: "The \"get_pipe()\" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 allows attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16912", url: "https://www.suse.com/security/cve/CVE-2017-16912", }, { category: "external", summary: "SUSE Bug 1078673 for CVE-2017-16912", url: "https://bugzilla.suse.com/1078673", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2017-16912", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2017-16912", url: "https://bugzilla.suse.com/1091815", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-04-19T09:27:38Z", details: "moderate", }, ], title: "CVE-2017-16912", }, { cve: "CVE-2017-16913", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16913", }, ], notes: [ { category: "general", text: "The \"stub_recv_cmd_submit()\" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMD_SUBMIT packets allows attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16913", url: "https://www.suse.com/security/cve/CVE-2017-16913", }, { category: "external", summary: "SUSE Bug 1078672 for CVE-2017-16913", url: "https://bugzilla.suse.com/1078672", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2017-16913", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2017-16913", url: "https://bugzilla.suse.com/1091815", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-04-19T09:27:38Z", details: "moderate", }, ], title: "CVE-2017-16913", }, { cve: "CVE-2017-17712", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17712", }, ], notes: [ { category: "general", text: "The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17712", url: "https://www.suse.com/security/cve/CVE-2017-17712", }, { category: "external", summary: "SUSE Bug 1073229 for CVE-2017-17712", url: "https://bugzilla.suse.com/1073229", }, { category: "external", summary: "SUSE Bug 1073230 for CVE-2017-17712", url: "https://bugzilla.suse.com/1073230", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-04-19T09:27:38Z", details: "important", }, ], title: "CVE-2017-17712", }, { cve: "CVE-2017-17862", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17862", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17862", url: "https://www.suse.com/security/cve/CVE-2017-17862", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17862", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-04-19T09:27:38Z", details: "moderate", }, ], title: "CVE-2017-17862", }, { cve: "CVE-2017-17864", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17864", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a \"pointer leak.\"", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17864", url: "https://www.suse.com/security/cve/CVE-2017-17864", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17864", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-04-19T09:27:38Z", details: "moderate", }, ], title: "CVE-2017-17864", }, { cve: "CVE-2017-17975", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17975", }, ], notes: [ { category: "general", text: "Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a kfree of the usbtv data structure occurs during a usbtv_video_free call, but the usbtv_video_fail label's code attempts to both access and free this data structure.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17975", url: "https://www.suse.com/security/cve/CVE-2017-17975", }, { category: "external", summary: "SUSE Bug 1074426 for CVE-2017-17975", url: "https://bugzilla.suse.com/1074426", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.5, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-04-19T09:27:38Z", details: "low", }, ], title: "CVE-2017-17975", }, { cve: "CVE-2017-18017", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-18017", }, ], notes: [ { category: "general", text: "The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-18017", url: "https://www.suse.com/security/cve/CVE-2017-18017", }, { category: "external", summary: "SUSE Bug 1074488 for CVE-2017-18017", url: "https://bugzilla.suse.com/1074488", }, { category: "external", summary: "SUSE Bug 1080255 for CVE-2017-18017", url: "https://bugzilla.suse.com/1080255", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2017-18017", url: "https://bugzilla.suse.com/1091815", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2017-18017", url: "https://bugzilla.suse.com/1115893", }, { category: "external", summary: "SUSE Bug 971126 for CVE-2017-18017", url: "https://bugzilla.suse.com/971126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-04-19T09:27:38Z", details: "important", }, ], title: "CVE-2017-18017", }, { cve: "CVE-2017-18174", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-18174", }, ], notes: [ { category: "general", text: "In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-18174", url: "https://www.suse.com/security/cve/CVE-2017-18174", }, { category: "external", summary: "SUSE Bug 1080533 for CVE-2017-18174", url: "https://bugzilla.suse.com/1080533", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-04-19T09:27:38Z", details: "moderate", }, ], title: "CVE-2017-18174", }, { cve: "CVE-2017-18208", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-18208", }, ], notes: [ { category: "general", text: "The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-18208", url: "https://www.suse.com/security/cve/CVE-2017-18208", }, { category: "external", summary: "SUSE Bug 1083494 for CVE-2017-18208", url: "https://bugzilla.suse.com/1083494", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2017-18208", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2017-18208", url: "https://bugzilla.suse.com/1091815", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-04-19T09:27:38Z", details: "moderate", }, ], title: "CVE-2017-18208", }, { cve: "CVE-2017-5715", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-5715", }, ], notes: [ { category: "general", text: "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-5715", url: "https://www.suse.com/security/cve/CVE-2017-5715", }, { category: "external", summary: "SUSE Bug 1068032 for CVE-2017-5715", url: "https://bugzilla.suse.com/1068032", }, { category: "external", summary: "SUSE Bug 1074562 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074562", }, { category: "external", summary: "SUSE Bug 1074578 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074578", }, { category: "external", summary: "SUSE Bug 1074701 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074701", }, { category: "external", summary: "SUSE Bug 1074741 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074741", }, { category: "external", summary: "SUSE Bug 1074919 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074919", }, { category: "external", summary: "SUSE Bug 1075006 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075006", }, { category: "external", summary: "SUSE Bug 1075007 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075007", }, { category: "external", summary: "SUSE Bug 1075262 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075262", }, { category: "external", summary: "SUSE Bug 1075419 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075419", }, { category: "external", summary: "SUSE Bug 1076115 for CVE-2017-5715", url: "https://bugzilla.suse.com/1076115", }, { category: "external", summary: "SUSE Bug 1076372 for CVE-2017-5715", url: "https://bugzilla.suse.com/1076372", }, { category: "external", summary: "SUSE Bug 1076606 for CVE-2017-5715", url: "https://bugzilla.suse.com/1076606", }, { category: "external", summary: "SUSE Bug 1078353 for CVE-2017-5715", url: "https://bugzilla.suse.com/1078353", }, { category: "external", summary: "SUSE Bug 1080039 for CVE-2017-5715", url: "https://bugzilla.suse.com/1080039", }, { category: "external", summary: "SUSE Bug 1087887 for CVE-2017-5715", url: "https://bugzilla.suse.com/1087887", }, { category: "external", summary: "SUSE Bug 1087939 for CVE-2017-5715", url: "https://bugzilla.suse.com/1087939", }, { category: "external", summary: "SUSE Bug 1088147 for CVE-2017-5715", url: "https://bugzilla.suse.com/1088147", }, { category: "external", summary: "SUSE Bug 1089055 for CVE-2017-5715", url: "https://bugzilla.suse.com/1089055", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2017-5715", url: "https://bugzilla.suse.com/1091815", }, { category: "external", summary: "SUSE Bug 1095735 for CVE-2017-5715", url: "https://bugzilla.suse.com/1095735", }, { category: "external", summary: "SUSE Bug 1102517 for CVE-2017-5715", url: "https://bugzilla.suse.com/1102517", }, { category: "external", summary: "SUSE Bug 1105108 for CVE-2017-5715", url: "https://bugzilla.suse.com/1105108", }, { category: "external", summary: "SUSE Bug 1126516 for CVE-2017-5715", url: "https://bugzilla.suse.com/1126516", }, { category: "external", summary: "SUSE Bug 1173489 for CVE-2017-5715", url: "https://bugzilla.suse.com/1173489", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2017-5715", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201457 for CVE-2017-5715", url: "https://bugzilla.suse.com/1201457", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2017-5715", url: "https://bugzilla.suse.com/1201877", }, { category: "external", summary: "SUSE Bug 1203236 for CVE-2017-5715", url: "https://bugzilla.suse.com/1203236", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-04-19T09:27:38Z", details: "important", }, ], title: "CVE-2017-5715", }, { cve: "CVE-2018-1000004", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1000004", }, ], notes: [ { category: "general", text: "In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1000004", url: "https://www.suse.com/security/cve/CVE-2018-1000004", }, { category: "external", summary: "SUSE Bug 1076017 for CVE-2018-1000004", url: "https://bugzilla.suse.com/1076017", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2018-1000004", url: "https://bugzilla.suse.com/1091815", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-04-19T09:27:38Z", details: "moderate", }, ], title: "CVE-2018-1000004", }, { cve: "CVE-2018-1000026", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1000026", }, ], notes: [ { category: "general", text: "Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM..", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1000026", url: "https://www.suse.com/security/cve/CVE-2018-1000026", }, { category: "external", summary: "SUSE Bug 1079384 for CVE-2018-1000026", url: "https://bugzilla.suse.com/1079384", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-1000026", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1096723 for CVE-2018-1000026", url: "https://bugzilla.suse.com/1096723", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-04-19T09:27:38Z", details: "important", }, ], title: "CVE-2018-1000026", }, { cve: "CVE-2018-5332", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-5332", }, ], notes: [ { category: "general", text: "In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-5332", url: "https://www.suse.com/security/cve/CVE-2018-5332", }, { category: "external", summary: "SUSE Bug 1075621 for CVE-2018-5332", url: "https://bugzilla.suse.com/1075621", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2018-5332", url: "https://bugzilla.suse.com/1091815", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-5332", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.6, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-04-19T09:27:38Z", details: "low", }, ], title: "CVE-2018-5332", }, { cve: "CVE-2018-5333", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-5333", }, ], notes: [ { category: "general", text: "In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-5333", url: "https://www.suse.com/security/cve/CVE-2018-5333", }, { category: "external", summary: "SUSE Bug 1075617 for CVE-2018-5333", url: "https://bugzilla.suse.com/1075617", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2018-5333", url: "https://bugzilla.suse.com/1091815", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.9, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-04-19T09:27:38Z", details: "low", }, ], title: "CVE-2018-5333", }, { cve: "CVE-2018-8087", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-8087", }, ], notes: [ { category: "general", text: "Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-8087", url: "https://www.suse.com/security/cve/CVE-2018-8087", }, { category: "external", summary: "SUSE Bug 1085053 for CVE-2018-8087", url: "https://bugzilla.suse.com/1085053", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-04-19T09:27:38Z", details: "moderate", }, ], title: "CVE-2018-8087", }, ], }
suse-su-2021:3935-1
Vulnerability from csaf_suse
Published
2021-12-06 12:28
Modified
2021-12-06 12:28
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP3 LTSS kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past (jsc#SLE-22573)
You can reenable via systemctl setting /proc/sys/kernel/unprivileged_bpf_disabled to 0. (kernel.unprivileged_bpf_disabled = 0)
- CVE-2021-31916: An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel A bound check failure allowed an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability (bnc#1192781).
- CVE-2021-20322: Make the ipv4 and ipv6 ICMP exception caches less predictive to avoid information leaks about UDP ports in use. (bsc#1191790)
- CVE-2021-34981: Fixed file refcounting in cmtp when cmtp_attach_device fails (bsc#1191961).
- CVE-2020-12655: An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767 (bnc#1171217).
- CVE-2021-43389: There was an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c (bnc#1191958).
- CVE-2021-37159: hso_free_net_device in drivers/net/usb/hso.c called unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free (bnc#1188601).
- CVE-2021-34556: An unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack (bnc#1188983).
- CVE-2021-35477: An unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation did not necessarily occur before a store operation that has an attacker-controlled value (bnc#1188985).
- CVE-2017-17862: kernel/bpf/verifier.c in the Linux kernel ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service (bnc#1073928).
- CVE-2017-17864: kernel/bpf/verifier.c in the Linux kernel mishandled states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allowed local users to obtain potentially sensitive address information, aka a 'pointer leak (bnc#1073928).
- CVE-2021-20265: A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in the Linux kernel when a signal was pending. This flaw allowed an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is to system availability (bnc#1183089).
- CVE-2021-3772: Fixed sctp vtag check in sctp_sf_ootb (bsc#1190351).
- CVE-2021-3655: Missing size validations on inbound SCTP packets may have allowed the kernel to read uninitialized memory (bnc#1188563).
- CVE-2018-13405: The inode_init_owner function in fs/inode.c in the Linux kernel allowed local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID (bnc#1100416 bnc#1129735).
- CVE-2021-3760: Fixed a use-after-free vulnerability with the ndev->rf_conn_info object (bsc#1190067).
- CVE-2021-42739: The firewire subsystem in the Linux kernel has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandled bounds checking (bnc#1184673).
- CVE-2021-3542: Fixed heap buffer overflow in firedtv driver (bsc#1186063).
- CVE-2021-33033: The Linux kernel has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value (bnc#1186109 bnc#1186390 bnc#1188876).
- CVE-2020-14305: An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allowed an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability (bnc#1173346).
- CVE-2021-3715: Fixed a use-after-free in route4_change() in net/sched/cls_route.c (bsc#1190349).
- CVE-2021-3896: Fixed a array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c (bsc#1191958).
- CVE-2021-42008: The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access (bnc#1191315).
- CVE-2020-3702: Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic (bnc#1191193).
- CVE-2021-3752: Fixed a use after free vulnerability in the Linux kernel's bluetooth module. (bsc#1190023)
- CVE-2021-40490: A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel (bnc#1190159 bnc#1192775)
- CVE-2021-3640: Fixed a Use-After-Free vulnerability in function sco_sock_sendmsg() in the bluetooth stack (bsc#1188172).
- CVE-2021-38160: Data corruption or loss could be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size in drivers/char/virtio_console.c (bsc#1190117)
- CVE-2021-3753: Fixed race out-of-bounds in virtual terminal handling (bsc#1190025).
- CVE-2021-3732: Mounting overlayfs inside an unprivileged user namespace can reveal files (bsc#1189706).
- CVE-2021-3653: A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the 'int_ctl' field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7 (bnc#1189399 bnc#1189420).
- CVE-2021-38198: arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault (bnc#1189262 bnc#1189278).
- CVE-2021-38204: drivers/usb/host/max3421-hcd.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations (bnc#1189291).
- CVE-2021-3679: A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service (bnc#1189057).
- CVE-2018-16882: A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmaps the 'pi_desc_page' without resetting 'pi_desc' descriptor address, which is later used in pi_test_and_clear_on(). A guest user/process could use this flaw to crash the host kernel resulting in DoS or potentially gain privileged access to a system. Kernel versions and are vulnerable (bnc#1119934).
- CVE-2020-0429: In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation (bnc#1176724).
- CVE-2020-4788: IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296 (bnc#1177666 bnc#1181158).
- CVE-2021-3659: Fixed a NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c (bsc#1188876).
- CVE-2021-37576: arch/powerpc/kvm/book3s_rtas.c in the Linux kernel on the powerpc platform allowed KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e (bnc#1188838).
The following non-security bugs were fixed:
- PCI: hv: Use expected affinity when unmasking IRQ (bsc#1185973).
- SUNRPC: improve error response to over-size gss credential (bsc#1190022).
- Update config files: Add CONFIG_BPF_UNPRIV_DEFAULT_OFF is not set
- blacklist.conf: Drop a line that was added by mistake
- bpf: Add kconfig knob for disabling unpriv bpf by default (jsc#SLE-22918)
- bpf: Disallow unprivileged bpf by default (jsc#SLE-22918).
- bpf: properly enforce index mask to prevent out-of-bounds speculation (bsc#1098425).
- config: disable unprivileged BPF by default (jsc#SLE-22918)
- cpufreq: intel_pstate: Add Icelake servers support in no-HWP mode (bsc#1185758,bsc#1192400).
- ftrace: Fix scripts/recordmcount.pl due to new binutils (bsc#1192267).
- hv: mana: adjust mana_select_queue to old API (jsc#SLE-18779, bsc#1185727).
- hv: mana: declare vzalloc (jsc#SLE-18779, bsc#1185726).
- hv: mana: fake bitmap API (jsc#SLE-18779, bsc#1185726).
- hv: mana: remove netdev_lockdep_set_classes usage (jsc#SLE-18779, bsc#1185727).
- kABI: protect struct bpf_map (kabi).
- mm: replace open coded page to virt conversion with page_to_virt() (jsc#SLE-18779, bsc#1185727).
- net/mlx4_en: Avoid scheduling restart task if it is already running (bsc#1181854 bsc#1181855).
- net/mlx4_en: Handle TX error CQE (bsc#1181854 bsc#1181855).
- net: mana: Add WARN_ON_ONCE in case of CQE read overflow (jsc#SLE-18779, bsc#1185727).
- net: mana: Add a driver for Microsoft Azure Network Adapter (MANA) (jsc#SLE-18779, bsc#1185727).
- net: mana: Add support for EQ sharing (jsc#SLE-18779, bsc#1185727).
- net: mana: Fix a memory leak in an error handling path in (jsc#SLE-18779, bsc#1185727).
- net: mana: Fix error handling in mana_create_rxq() (git-fixes, bsc#1191801).
- net: mana: Move NAPI from EQ to CQ (jsc#SLE-18779, bsc#1185727).
- net: mana: Use int to check the return value of mana_gd_poll_cq() (jsc#SLE-18779, bsc#1185727).
- net: mana: fix PCI_HYPERV dependency (jsc#SLE-18779, bsc#1185727).
- net: mana: remove redundant initialization of variable err (jsc#SLE-18779, bsc#1185727).
- net: sched: sch_teql: fix null-pointer dereference (bsc#1190717).
- s390/bpf: Fix 64-bit subtraction of the -0x80000000 constant (bsc#1190601).
- s390/bpf: Fix branch shortening during codegen pass (bsc#1190601).
- s390/bpf: Fix optimizing out zero-extensions (bsc#1190601).
- s390/bpf: Wrap JIT macro parameter usages in parentheses (bsc#1190601).
- s390: bpf: implement jitting of BPF_ALU | BPF_ARSH | BPF_* (bsc#1190601).
- scsi: sg: add sg_remove_request in sg_write (bsc#1171420 CVE2020-12770).
- sctp: check asoc peer.asconf_capable before processing asconf (bsc#1190351).
- sctp: fully initialize v4 addr in some functions (bsc#1188563).
- sctp: simplify addr copy (bsc#1188563).
- x86/CPU: Add more Icelake model numbers (bsc#1185758,bsc#1192400).
- x86/tlb: Flush global mappings when KAISER is disabled (bsc#1190194).
Patchnames
HPE-Helion-OpenStack-8-2021-3935,SUSE-2021-3935,SUSE-OpenStack-Cloud-8-2021-3935,SUSE-OpenStack-Cloud-Crowbar-8-2021-3935,SUSE-SLE-HA-12-SP3-2021-3935,SUSE-SLE-SAP-12-SP3-2021-3935,SUSE-SLE-SERVER-12-SP3-2021-3935,SUSE-SLE-SERVER-12-SP3-BCL-2021-3935
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\n\nThe SUSE Linux Enterprise 12 SP3 LTSS kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past (jsc#SLE-22573)\n\n You can reenable via systemctl setting /proc/sys/kernel/unprivileged_bpf_disabled to 0. (kernel.unprivileged_bpf_disabled = 0)\n\n- CVE-2021-31916: An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel A bound check failure allowed an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability (bnc#1192781).\n- CVE-2021-20322: Make the ipv4 and ipv6 ICMP exception caches less predictive to avoid information leaks about UDP ports in use. (bsc#1191790)\n- CVE-2021-34981: Fixed file refcounting in cmtp when cmtp_attach_device fails (bsc#1191961).\n- CVE-2020-12655: An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767 (bnc#1171217).\n- CVE-2021-43389: There was an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c (bnc#1191958).\n- CVE-2021-37159: hso_free_net_device in drivers/net/usb/hso.c called unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free (bnc#1188601).\n- CVE-2021-34556: An unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack (bnc#1188983).\n- CVE-2021-35477: An unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation did not necessarily occur before a store operation that has an attacker-controlled value (bnc#1188985).\n- CVE-2017-17862: kernel/bpf/verifier.c in the Linux kernel ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service (bnc#1073928).\n- CVE-2017-17864: kernel/bpf/verifier.c in the Linux kernel mishandled states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allowed local users to obtain potentially sensitive address information, aka a 'pointer leak (bnc#1073928).\n- CVE-2021-20265: A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in the Linux kernel when a signal was pending. This flaw allowed an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is to system availability (bnc#1183089).\n- CVE-2021-3772: Fixed sctp vtag check in sctp_sf_ootb (bsc#1190351).\n- CVE-2021-3655: Missing size validations on inbound SCTP packets may have allowed the kernel to read uninitialized memory (bnc#1188563).\n- CVE-2018-13405: The inode_init_owner function in fs/inode.c in the Linux kernel allowed local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID (bnc#1100416 bnc#1129735).\n- CVE-2021-3760: Fixed a use-after-free vulnerability with the ndev->rf_conn_info object (bsc#1190067).\n- CVE-2021-42739: The firewire subsystem in the Linux kernel has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandled bounds checking (bnc#1184673).\n- CVE-2021-3542: Fixed heap buffer overflow in firedtv driver (bsc#1186063).\n- CVE-2021-33033: The Linux kernel has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value (bnc#1186109 bnc#1186390 bnc#1188876).\n- CVE-2020-14305: An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allowed an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability (bnc#1173346).\n- CVE-2021-3715: Fixed a use-after-free in route4_change() in net/sched/cls_route.c (bsc#1190349).\n- CVE-2021-3896: Fixed a array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c (bsc#1191958).\n- CVE-2021-42008: The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access (bnc#1191315).\n- CVE-2020-3702: Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic (bnc#1191193).\n- CVE-2021-3752: Fixed a use after free vulnerability in the Linux kernel's bluetooth module. (bsc#1190023)\n- CVE-2021-40490: A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel (bnc#1190159 bnc#1192775)\n- CVE-2021-3640: Fixed a Use-After-Free vulnerability in function sco_sock_sendmsg() in the bluetooth stack (bsc#1188172).\n- CVE-2021-38160: Data corruption or loss could be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size in drivers/char/virtio_console.c (bsc#1190117)\n- CVE-2021-3753: Fixed race out-of-bounds in virtual terminal handling (bsc#1190025).\n- CVE-2021-3732: Mounting overlayfs inside an unprivileged user namespace can reveal files (bsc#1189706).\n- CVE-2021-3653: A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the 'int_ctl' field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7 (bnc#1189399 bnc#1189420).\n- CVE-2021-38198: arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault (bnc#1189262 bnc#1189278).\n- CVE-2021-38204: drivers/usb/host/max3421-hcd.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations (bnc#1189291).\n- CVE-2021-3679: A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service (bnc#1189057).\n- CVE-2018-16882: A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmaps the 'pi_desc_page' without resetting 'pi_desc' descriptor address, which is later used in pi_test_and_clear_on(). A guest user/process could use this flaw to crash the host kernel resulting in DoS or potentially gain privileged access to a system. Kernel versions and are vulnerable (bnc#1119934).\n- CVE-2020-0429: In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation (bnc#1176724).\n- CVE-2020-4788: IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296 (bnc#1177666 bnc#1181158).\n- CVE-2021-3659: Fixed a NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c (bsc#1188876).\n- CVE-2021-37576: arch/powerpc/kvm/book3s_rtas.c in the Linux kernel on the powerpc platform allowed KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e (bnc#1188838).\n\nThe following non-security bugs were fixed:\n\n- PCI: hv: Use expected affinity when unmasking IRQ (bsc#1185973).\n- SUNRPC: improve error response to over-size gss credential (bsc#1190022).\n- Update config files: Add CONFIG_BPF_UNPRIV_DEFAULT_OFF is not set\n- blacklist.conf: Drop a line that was added by mistake\n- bpf: Add kconfig knob for disabling unpriv bpf by default (jsc#SLE-22918)\n- bpf: Disallow unprivileged bpf by default (jsc#SLE-22918).\n- bpf: properly enforce index mask to prevent out-of-bounds speculation (bsc#1098425).\n- config: disable unprivileged BPF by default (jsc#SLE-22918)\n- cpufreq: intel_pstate: Add Icelake servers support in no-HWP mode (bsc#1185758,bsc#1192400).\n- ftrace: Fix scripts/recordmcount.pl due to new binutils (bsc#1192267).\n- hv: mana: adjust mana_select_queue to old API (jsc#SLE-18779, bsc#1185727).\n- hv: mana: declare vzalloc (jsc#SLE-18779, bsc#1185726).\n- hv: mana: fake bitmap API (jsc#SLE-18779, bsc#1185726).\n- hv: mana: remove netdev_lockdep_set_classes usage (jsc#SLE-18779, bsc#1185727).\n- kABI: protect struct bpf_map (kabi).\n- mm: replace open coded page to virt conversion with page_to_virt() (jsc#SLE-18779, bsc#1185727).\n- net/mlx4_en: Avoid scheduling restart task if it is already running (bsc#1181854 bsc#1181855).\n- net/mlx4_en: Handle TX error CQE (bsc#1181854 bsc#1181855).\n- net: mana: Add WARN_ON_ONCE in case of CQE read overflow (jsc#SLE-18779, bsc#1185727).\n- net: mana: Add a driver for Microsoft Azure Network Adapter (MANA) (jsc#SLE-18779, bsc#1185727).\n- net: mana: Add support for EQ sharing (jsc#SLE-18779, bsc#1185727).\n- net: mana: Fix a memory leak in an error handling path in (jsc#SLE-18779, bsc#1185727).\n- net: mana: Fix error handling in mana_create_rxq() (git-fixes, bsc#1191801).\n- net: mana: Move NAPI from EQ to CQ (jsc#SLE-18779, bsc#1185727).\n- net: mana: Use int to check the return value of mana_gd_poll_cq() (jsc#SLE-18779, bsc#1185727).\n- net: mana: fix PCI_HYPERV dependency (jsc#SLE-18779, bsc#1185727).\n- net: mana: remove redundant initialization of variable err (jsc#SLE-18779, bsc#1185727).\n- net: sched: sch_teql: fix null-pointer dereference (bsc#1190717).\n- s390/bpf: Fix 64-bit subtraction of the -0x80000000 constant (bsc#1190601).\n- s390/bpf: Fix branch shortening during codegen pass (bsc#1190601).\n- s390/bpf: Fix optimizing out zero-extensions (bsc#1190601).\n- s390/bpf: Wrap JIT macro parameter usages in parentheses (bsc#1190601).\n- s390: bpf: implement jitting of BPF_ALU | BPF_ARSH | BPF_* (bsc#1190601).\n- scsi: sg: add sg_remove_request in sg_write (bsc#1171420 CVE2020-12770).\n- sctp: check asoc peer.asconf_capable before processing asconf (bsc#1190351).\n- sctp: fully initialize v4 addr in some functions (bsc#1188563).\n- sctp: simplify addr copy (bsc#1188563).\n- x86/CPU: Add more Icelake model numbers (bsc#1185758,bsc#1192400).\n- x86/tlb: Flush global mappings when KAISER is disabled (bsc#1190194).\n", title: "Description of the patch", }, { category: "details", text: "HPE-Helion-OpenStack-8-2021-3935,SUSE-2021-3935,SUSE-OpenStack-Cloud-8-2021-3935,SUSE-OpenStack-Cloud-Crowbar-8-2021-3935,SUSE-SLE-HA-12-SP3-2021-3935,SUSE-SLE-SAP-12-SP3-2021-3935,SUSE-SLE-SERVER-12-SP3-2021-3935,SUSE-SLE-SERVER-12-SP3-BCL-2021-3935", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_3935-1.json", }, { category: "self", summary: "URL for SUSE-SU-2021:3935-1", url: "https://www.suse.com/support/update/announcement/2021/suse-su-20213935-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2021:3935-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-December/009856.html", }, { category: "self", summary: "SUSE Bug 1073928", url: "https://bugzilla.suse.com/1073928", }, { category: "self", summary: "SUSE Bug 1098425", url: "https://bugzilla.suse.com/1098425", }, { category: "self", summary: "SUSE Bug 1100416", url: "https://bugzilla.suse.com/1100416", }, { category: "self", summary: "SUSE Bug 1119934", url: "https://bugzilla.suse.com/1119934", }, { category: "self", summary: "SUSE Bug 1129735", url: "https://bugzilla.suse.com/1129735", }, { category: "self", summary: "SUSE Bug 1171217", url: "https://bugzilla.suse.com/1171217", }, { category: "self", summary: "SUSE Bug 1171420", url: "https://bugzilla.suse.com/1171420", }, { category: "self", summary: "SUSE Bug 1173346", url: "https://bugzilla.suse.com/1173346", }, { category: "self", summary: "SUSE Bug 1176724", url: "https://bugzilla.suse.com/1176724", }, { category: "self", summary: "SUSE Bug 1177666", url: "https://bugzilla.suse.com/1177666", }, { category: "self", summary: "SUSE Bug 1181158", url: "https://bugzilla.suse.com/1181158", }, { category: "self", summary: "SUSE Bug 1181854", url: "https://bugzilla.suse.com/1181854", }, { category: "self", summary: "SUSE Bug 1181855", url: "https://bugzilla.suse.com/1181855", }, { category: "self", summary: "SUSE Bug 1183089", url: "https://bugzilla.suse.com/1183089", }, { category: "self", summary: "SUSE Bug 1184673", url: "https://bugzilla.suse.com/1184673", }, { category: "self", summary: "SUSE Bug 1185726", url: "https://bugzilla.suse.com/1185726", }, { category: "self", summary: "SUSE Bug 1185727", url: "https://bugzilla.suse.com/1185727", }, { category: "self", summary: "SUSE Bug 1185758", url: "https://bugzilla.suse.com/1185758", }, { category: "self", summary: "SUSE Bug 1185973", url: "https://bugzilla.suse.com/1185973", }, { category: "self", summary: "SUSE Bug 1186109", url: "https://bugzilla.suse.com/1186109", }, { category: "self", summary: "SUSE Bug 1186390", url: "https://bugzilla.suse.com/1186390", }, { category: "self", summary: "SUSE Bug 1188172", url: "https://bugzilla.suse.com/1188172", }, { category: "self", summary: "SUSE Bug 1188563", url: "https://bugzilla.suse.com/1188563", }, { category: "self", summary: "SUSE Bug 1188601", url: "https://bugzilla.suse.com/1188601", }, { category: "self", summary: "SUSE Bug 1188838", url: "https://bugzilla.suse.com/1188838", }, { category: "self", summary: "SUSE Bug 1188876", url: "https://bugzilla.suse.com/1188876", }, { category: "self", summary: "SUSE Bug 1188983", url: "https://bugzilla.suse.com/1188983", }, { category: "self", summary: "SUSE Bug 1188985", url: "https://bugzilla.suse.com/1188985", }, { category: "self", summary: "SUSE Bug 1189057", url: "https://bugzilla.suse.com/1189057", }, { category: "self", summary: "SUSE Bug 1189262", url: "https://bugzilla.suse.com/1189262", }, { category: "self", summary: "SUSE Bug 1189278", url: "https://bugzilla.suse.com/1189278", }, { category: "self", summary: "SUSE Bug 1189291", url: "https://bugzilla.suse.com/1189291", }, { category: "self", summary: "SUSE Bug 1189399", url: "https://bugzilla.suse.com/1189399", }, { category: "self", summary: "SUSE Bug 1189420", url: "https://bugzilla.suse.com/1189420", }, { category: "self", summary: "SUSE Bug 1189706", url: "https://bugzilla.suse.com/1189706", }, { category: "self", summary: "SUSE Bug 1190022", url: "https://bugzilla.suse.com/1190022", }, { category: "self", summary: "SUSE Bug 1190023", url: "https://bugzilla.suse.com/1190023", }, { category: "self", summary: "SUSE Bug 1190025", url: "https://bugzilla.suse.com/1190025", }, { category: "self", summary: "SUSE Bug 1190067", url: "https://bugzilla.suse.com/1190067", }, { category: "self", summary: "SUSE Bug 1190117", url: "https://bugzilla.suse.com/1190117", }, { category: "self", summary: "SUSE Bug 1190159", url: "https://bugzilla.suse.com/1190159", }, { category: "self", summary: "SUSE Bug 1190194", url: "https://bugzilla.suse.com/1190194", }, { category: "self", summary: "SUSE Bug 1190349", url: "https://bugzilla.suse.com/1190349", }, { category: "self", summary: "SUSE Bug 1190351", url: "https://bugzilla.suse.com/1190351", }, { category: "self", summary: "SUSE Bug 1190601", url: "https://bugzilla.suse.com/1190601", }, { category: "self", summary: "SUSE Bug 1190717", url: "https://bugzilla.suse.com/1190717", }, { category: "self", summary: "SUSE Bug 1191193", url: "https://bugzilla.suse.com/1191193", }, { category: "self", summary: "SUSE Bug 1191315", url: "https://bugzilla.suse.com/1191315", }, { category: "self", summary: "SUSE Bug 1191790", url: "https://bugzilla.suse.com/1191790", }, { category: "self", summary: "SUSE Bug 1191801", url: "https://bugzilla.suse.com/1191801", }, { category: "self", summary: "SUSE Bug 1191958", url: "https://bugzilla.suse.com/1191958", }, { category: "self", summary: "SUSE Bug 1191961", url: "https://bugzilla.suse.com/1191961", }, { category: "self", summary: "SUSE Bug 1192267", url: "https://bugzilla.suse.com/1192267", }, { category: "self", summary: "SUSE Bug 1192400", url: "https://bugzilla.suse.com/1192400", }, { category: "self", summary: "SUSE Bug 1192775", url: "https://bugzilla.suse.com/1192775", }, { category: "self", summary: "SUSE Bug 1192781", url: "https://bugzilla.suse.com/1192781", }, { category: "self", summary: "SUSE CVE CVE-2017-17862 page", url: "https://www.suse.com/security/cve/CVE-2017-17862/", }, { category: "self", summary: "SUSE CVE CVE-2017-17864 page", url: "https://www.suse.com/security/cve/CVE-2017-17864/", }, { category: "self", summary: "SUSE CVE CVE-2018-13405 page", url: "https://www.suse.com/security/cve/CVE-2018-13405/", }, { category: "self", summary: "SUSE CVE CVE-2018-16882 page", url: "https://www.suse.com/security/cve/CVE-2018-16882/", }, { category: "self", summary: "SUSE CVE CVE-2020-0429 page", url: "https://www.suse.com/security/cve/CVE-2020-0429/", }, { category: "self", summary: "SUSE CVE CVE-2020-12655 page", url: "https://www.suse.com/security/cve/CVE-2020-12655/", }, { category: "self", summary: "SUSE CVE CVE-2020-14305 page", url: "https://www.suse.com/security/cve/CVE-2020-14305/", }, { category: "self", summary: "SUSE CVE CVE-2020-3702 page", url: "https://www.suse.com/security/cve/CVE-2020-3702/", }, { category: "self", summary: "SUSE CVE CVE-2020-4788 page", url: "https://www.suse.com/security/cve/CVE-2020-4788/", }, { category: "self", summary: "SUSE CVE CVE-2021-20265 page", url: "https://www.suse.com/security/cve/CVE-2021-20265/", }, { category: "self", summary: "SUSE CVE CVE-2021-20322 page", url: "https://www.suse.com/security/cve/CVE-2021-20322/", }, { category: "self", summary: "SUSE CVE CVE-2021-31916 page", url: "https://www.suse.com/security/cve/CVE-2021-31916/", }, { category: "self", summary: "SUSE CVE CVE-2021-33033 page", url: "https://www.suse.com/security/cve/CVE-2021-33033/", }, { category: "self", summary: "SUSE CVE CVE-2021-34556 page", url: "https://www.suse.com/security/cve/CVE-2021-34556/", }, { category: "self", summary: "SUSE CVE CVE-2021-34981 page", url: "https://www.suse.com/security/cve/CVE-2021-34981/", }, { category: "self", summary: "SUSE CVE CVE-2021-3542 page", url: "https://www.suse.com/security/cve/CVE-2021-3542/", }, { category: "self", summary: "SUSE CVE CVE-2021-35477 page", url: "https://www.suse.com/security/cve/CVE-2021-35477/", }, { category: "self", summary: "SUSE CVE CVE-2021-3640 page", url: "https://www.suse.com/security/cve/CVE-2021-3640/", }, { category: "self", summary: "SUSE CVE CVE-2021-3653 page", url: "https://www.suse.com/security/cve/CVE-2021-3653/", }, { category: "self", summary: "SUSE CVE CVE-2021-3655 page", url: "https://www.suse.com/security/cve/CVE-2021-3655/", }, { category: "self", summary: "SUSE CVE CVE-2021-3659 page", url: "https://www.suse.com/security/cve/CVE-2021-3659/", }, { category: "self", summary: "SUSE CVE CVE-2021-3679 page", url: "https://www.suse.com/security/cve/CVE-2021-3679/", }, { category: "self", summary: "SUSE CVE CVE-2021-3715 page", url: "https://www.suse.com/security/cve/CVE-2021-3715/", }, { category: "self", summary: "SUSE CVE CVE-2021-37159 page", url: "https://www.suse.com/security/cve/CVE-2021-37159/", }, { category: "self", summary: "SUSE CVE CVE-2021-3732 page", url: "https://www.suse.com/security/cve/CVE-2021-3732/", }, { category: "self", summary: "SUSE CVE CVE-2021-3752 page", url: "https://www.suse.com/security/cve/CVE-2021-3752/", }, { category: "self", summary: "SUSE CVE CVE-2021-3753 page", url: "https://www.suse.com/security/cve/CVE-2021-3753/", }, { category: "self", summary: "SUSE CVE CVE-2021-37576 page", url: "https://www.suse.com/security/cve/CVE-2021-37576/", }, { category: "self", summary: "SUSE CVE CVE-2021-3760 page", url: "https://www.suse.com/security/cve/CVE-2021-3760/", }, { category: "self", summary: "SUSE CVE CVE-2021-3772 page", url: "https://www.suse.com/security/cve/CVE-2021-3772/", }, { category: "self", summary: "SUSE CVE CVE-2021-38160 page", url: "https://www.suse.com/security/cve/CVE-2021-38160/", }, { category: "self", summary: "SUSE CVE CVE-2021-38198 page", url: "https://www.suse.com/security/cve/CVE-2021-38198/", }, { category: "self", summary: "SUSE CVE CVE-2021-38204 page", url: "https://www.suse.com/security/cve/CVE-2021-38204/", }, { category: "self", summary: "SUSE CVE CVE-2021-3896 page", url: "https://www.suse.com/security/cve/CVE-2021-3896/", }, { category: "self", summary: "SUSE CVE CVE-2021-40490 page", url: "https://www.suse.com/security/cve/CVE-2021-40490/", }, { category: "self", summary: "SUSE CVE CVE-2021-42008 page", url: "https://www.suse.com/security/cve/CVE-2021-42008/", }, { category: "self", summary: "SUSE CVE CVE-2021-42739 page", url: "https://www.suse.com/security/cve/CVE-2021-42739/", }, { category: "self", summary: "SUSE CVE CVE-2021-43389 page", url: "https://www.suse.com/security/cve/CVE-2021-43389/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2021-12-06T12:28:40Z", generator: { date: "2021-12-06T12:28:40Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2021:3935-1", initial_release_date: "2021-12-06T12:28:40Z", revision_history: [ { date: "2021-12-06T12:28:40Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.4.180-94.150.1.aarch64", product: { name: "cluster-md-kmp-default-4.4.180-94.150.1.aarch64", product_id: "cluster-md-kmp-default-4.4.180-94.150.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.180-94.150.1.aarch64", product: { name: "dlm-kmp-default-4.4.180-94.150.1.aarch64", product_id: "dlm-kmp-default-4.4.180-94.150.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.180-94.150.1.aarch64", product: { name: "gfs2-kmp-default-4.4.180-94.150.1.aarch64", product_id: "gfs2-kmp-default-4.4.180-94.150.1.aarch64", }, }, { category: "product_version", name: "kernel-default-4.4.180-94.150.1.aarch64", product: { name: "kernel-default-4.4.180-94.150.1.aarch64", product_id: "kernel-default-4.4.180-94.150.1.aarch64", }, }, { category: "product_version", name: "kernel-default-base-4.4.180-94.150.1.aarch64", product: { name: "kernel-default-base-4.4.180-94.150.1.aarch64", product_id: "kernel-default-base-4.4.180-94.150.1.aarch64", }, }, { category: "product_version", name: "kernel-default-devel-4.4.180-94.150.1.aarch64", product: { name: "kernel-default-devel-4.4.180-94.150.1.aarch64", product_id: "kernel-default-devel-4.4.180-94.150.1.aarch64", }, }, { category: "product_version", name: "kernel-default-extra-4.4.180-94.150.1.aarch64", product: { name: "kernel-default-extra-4.4.180-94.150.1.aarch64", product_id: "kernel-default-extra-4.4.180-94.150.1.aarch64", }, }, { category: "product_version", name: "kernel-default-kgraft-4.4.180-94.150.1.aarch64", product: { name: "kernel-default-kgraft-4.4.180-94.150.1.aarch64", product_id: "kernel-default-kgraft-4.4.180-94.150.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-build-4.4.180-94.150.1.aarch64", product: { name: "kernel-obs-build-4.4.180-94.150.1.aarch64", product_id: "kernel-obs-build-4.4.180-94.150.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-qa-4.4.180-94.150.1.aarch64", product: { name: "kernel-obs-qa-4.4.180-94.150.1.aarch64", product_id: "kernel-obs-qa-4.4.180-94.150.1.aarch64", }, }, { category: "product_version", name: "kernel-syms-4.4.180-94.150.1.aarch64", product: { name: "kernel-syms-4.4.180-94.150.1.aarch64", product_id: "kernel-syms-4.4.180-94.150.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-4.4.180-94.150.1.aarch64", product: { name: "kernel-vanilla-4.4.180-94.150.1.aarch64", product_id: "kernel-vanilla-4.4.180-94.150.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.4.180-94.150.1.aarch64", product: { name: "kernel-vanilla-base-4.4.180-94.150.1.aarch64", product_id: "kernel-vanilla-base-4.4.180-94.150.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.4.180-94.150.1.aarch64", product: { name: "kernel-vanilla-devel-4.4.180-94.150.1.aarch64", product_id: "kernel-vanilla-devel-4.4.180-94.150.1.aarch64", }, }, { category: "product_version", name: "kselftests-kmp-default-4.4.180-94.150.1.aarch64", product: { name: "kselftests-kmp-default-4.4.180-94.150.1.aarch64", product_id: "kselftests-kmp-default-4.4.180-94.150.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.180-94.150.1.aarch64", product: { name: "ocfs2-kmp-default-4.4.180-94.150.1.aarch64", product_id: "ocfs2-kmp-default-4.4.180-94.150.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-4.4.180-94.150.1.noarch", product: { name: "kernel-devel-4.4.180-94.150.1.noarch", product_id: "kernel-devel-4.4.180-94.150.1.noarch", }, }, { category: "product_version", name: "kernel-macros-4.4.180-94.150.1.noarch", product: { name: "kernel-macros-4.4.180-94.150.1.noarch", product_id: "kernel-macros-4.4.180-94.150.1.noarch", }, }, { category: "product_version", name: "kernel-source-4.4.180-94.150.1.noarch", product: { name: "kernel-source-4.4.180-94.150.1.noarch", product_id: "kernel-source-4.4.180-94.150.1.noarch", }, }, { category: "product_version", name: "kernel-docs-4.4.180-94.150.2.noarch", product: { name: "kernel-docs-4.4.180-94.150.2.noarch", product_id: "kernel-docs-4.4.180-94.150.2.noarch", }, }, { category: "product_version", name: "kernel-docs-html-4.4.180-94.150.2.noarch", product: { name: "kernel-docs-html-4.4.180-94.150.2.noarch", product_id: "kernel-docs-html-4.4.180-94.150.2.noarch", }, }, { category: "product_version", name: "kernel-docs-pdf-4.4.180-94.150.2.noarch", product: { name: "kernel-docs-pdf-4.4.180-94.150.2.noarch", product_id: "kernel-docs-pdf-4.4.180-94.150.2.noarch", }, }, { category: "product_version", name: "kernel-source-vanilla-4.4.180-94.150.1.noarch", product: { name: "kernel-source-vanilla-4.4.180-94.150.1.noarch", product_id: "kernel-source-vanilla-4.4.180-94.150.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-debug-4.4.180-94.150.1.ppc64le", product: { name: "cluster-md-kmp-debug-4.4.180-94.150.1.ppc64le", product_id: "cluster-md-kmp-debug-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", product: { name: "cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", product_id: "cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-debug-4.4.180-94.150.1.ppc64le", product: { name: "dlm-kmp-debug-4.4.180-94.150.1.ppc64le", product_id: "dlm-kmp-debug-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.180-94.150.1.ppc64le", product: { name: "dlm-kmp-default-4.4.180-94.150.1.ppc64le", product_id: "dlm-kmp-default-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-debug-4.4.180-94.150.1.ppc64le", product: { name: "gfs2-kmp-debug-4.4.180-94.150.1.ppc64le", product_id: "gfs2-kmp-debug-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.180-94.150.1.ppc64le", product: { name: "gfs2-kmp-default-4.4.180-94.150.1.ppc64le", product_id: "gfs2-kmp-default-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-4.4.180-94.150.1.ppc64le", product: { name: "kernel-debug-4.4.180-94.150.1.ppc64le", product_id: "kernel-debug-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-base-4.4.180-94.150.1.ppc64le", product: { name: "kernel-debug-base-4.4.180-94.150.1.ppc64le", product_id: "kernel-debug-base-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-devel-4.4.180-94.150.1.ppc64le", product: { name: "kernel-debug-devel-4.4.180-94.150.1.ppc64le", product_id: "kernel-debug-devel-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-extra-4.4.180-94.150.1.ppc64le", product: { name: "kernel-debug-extra-4.4.180-94.150.1.ppc64le", product_id: "kernel-debug-extra-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-kgraft-4.4.180-94.150.1.ppc64le", product: { name: "kernel-debug-kgraft-4.4.180-94.150.1.ppc64le", product_id: "kernel-debug-kgraft-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-4.4.180-94.150.1.ppc64le", product: { name: "kernel-default-4.4.180-94.150.1.ppc64le", product_id: "kernel-default-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-4.4.180-94.150.1.ppc64le", product: { name: "kernel-default-base-4.4.180-94.150.1.ppc64le", product_id: "kernel-default-base-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-4.4.180-94.150.1.ppc64le", product: { name: "kernel-default-devel-4.4.180-94.150.1.ppc64le", product_id: "kernel-default-devel-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-extra-4.4.180-94.150.1.ppc64le", product: { name: "kernel-default-extra-4.4.180-94.150.1.ppc64le", product_id: "kernel-default-extra-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-kgraft-4.4.180-94.150.1.ppc64le", product: { name: "kernel-default-kgraft-4.4.180-94.150.1.ppc64le", product_id: "kernel-default-kgraft-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-build-4.4.180-94.150.1.ppc64le", product: { name: "kernel-obs-build-4.4.180-94.150.1.ppc64le", product_id: "kernel-obs-build-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-qa-4.4.180-94.150.1.ppc64le", product: { name: "kernel-obs-qa-4.4.180-94.150.1.ppc64le", product_id: "kernel-obs-qa-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-4.4.180-94.150.1.ppc64le", product: { name: "kernel-syms-4.4.180-94.150.1.ppc64le", product_id: "kernel-syms-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-4.4.180-94.150.1.ppc64le", product: { name: "kernel-vanilla-4.4.180-94.150.1.ppc64le", product_id: "kernel-vanilla-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-base-4.4.180-94.150.1.ppc64le", product: { name: "kernel-vanilla-base-4.4.180-94.150.1.ppc64le", product_id: "kernel-vanilla-base-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.4.180-94.150.1.ppc64le", product: { name: "kernel-vanilla-devel-4.4.180-94.150.1.ppc64le", product_id: "kernel-vanilla-devel-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", product: { name: "kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", product_id: "kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", }, }, { category: "product_version", name: "kselftests-kmp-debug-4.4.180-94.150.1.ppc64le", product: { name: "kselftests-kmp-debug-4.4.180-94.150.1.ppc64le", product_id: "kselftests-kmp-debug-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "kselftests-kmp-default-4.4.180-94.150.1.ppc64le", product: { name: "kselftests-kmp-default-4.4.180-94.150.1.ppc64le", product_id: "kselftests-kmp-default-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-debug-4.4.180-94.150.1.ppc64le", product: { name: "ocfs2-kmp-debug-4.4.180-94.150.1.ppc64le", product_id: "ocfs2-kmp-debug-4.4.180-94.150.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", product: { name: "ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", product_id: "ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.4.180-94.150.1.s390x", product: { name: "cluster-md-kmp-default-4.4.180-94.150.1.s390x", product_id: "cluster-md-kmp-default-4.4.180-94.150.1.s390x", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.180-94.150.1.s390x", product: { name: "dlm-kmp-default-4.4.180-94.150.1.s390x", product_id: "dlm-kmp-default-4.4.180-94.150.1.s390x", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.180-94.150.1.s390x", product: { name: "gfs2-kmp-default-4.4.180-94.150.1.s390x", product_id: "gfs2-kmp-default-4.4.180-94.150.1.s390x", }, }, { category: "product_version", name: "kernel-default-4.4.180-94.150.1.s390x", product: { name: "kernel-default-4.4.180-94.150.1.s390x", product_id: "kernel-default-4.4.180-94.150.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-4.4.180-94.150.1.s390x", product: { name: "kernel-default-base-4.4.180-94.150.1.s390x", product_id: "kernel-default-base-4.4.180-94.150.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-4.4.180-94.150.1.s390x", product: { name: "kernel-default-devel-4.4.180-94.150.1.s390x", product_id: "kernel-default-devel-4.4.180-94.150.1.s390x", }, }, { category: "product_version", name: "kernel-default-extra-4.4.180-94.150.1.s390x", product: { name: "kernel-default-extra-4.4.180-94.150.1.s390x", product_id: "kernel-default-extra-4.4.180-94.150.1.s390x", }, }, { category: "product_version", name: "kernel-default-kgraft-4.4.180-94.150.1.s390x", product: { name: "kernel-default-kgraft-4.4.180-94.150.1.s390x", product_id: "kernel-default-kgraft-4.4.180-94.150.1.s390x", }, }, { category: "product_version", name: "kernel-default-man-4.4.180-94.150.1.s390x", product: { name: "kernel-default-man-4.4.180-94.150.1.s390x", product_id: "kernel-default-man-4.4.180-94.150.1.s390x", }, }, { category: "product_version", name: "kernel-obs-build-4.4.180-94.150.1.s390x", product: { name: "kernel-obs-build-4.4.180-94.150.1.s390x", product_id: "kernel-obs-build-4.4.180-94.150.1.s390x", }, }, { category: "product_version", name: "kernel-obs-qa-4.4.180-94.150.1.s390x", product: { name: "kernel-obs-qa-4.4.180-94.150.1.s390x", product_id: "kernel-obs-qa-4.4.180-94.150.1.s390x", }, }, { category: "product_version", name: "kernel-syms-4.4.180-94.150.1.s390x", product: { name: "kernel-syms-4.4.180-94.150.1.s390x", product_id: "kernel-syms-4.4.180-94.150.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-4.4.180-94.150.1.s390x", product: { name: "kernel-vanilla-4.4.180-94.150.1.s390x", product_id: "kernel-vanilla-4.4.180-94.150.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-base-4.4.180-94.150.1.s390x", product: { name: "kernel-vanilla-base-4.4.180-94.150.1.s390x", product_id: "kernel-vanilla-base-4.4.180-94.150.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.4.180-94.150.1.s390x", product: { name: "kernel-vanilla-devel-4.4.180-94.150.1.s390x", product_id: "kernel-vanilla-devel-4.4.180-94.150.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-4.4.180-94.150.1.s390x", product: { name: "kernel-zfcpdump-4.4.180-94.150.1.s390x", product_id: "kernel-zfcpdump-4.4.180-94.150.1.s390x", }, }, { category: "product_version", name: "kselftests-kmp-default-4.4.180-94.150.1.s390x", product: { name: "kselftests-kmp-default-4.4.180-94.150.1.s390x", product_id: "kselftests-kmp-default-4.4.180-94.150.1.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.180-94.150.1.s390x", product: { name: "ocfs2-kmp-default-4.4.180-94.150.1.s390x", product_id: "ocfs2-kmp-default-4.4.180-94.150.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "kernel-default-4.4.180-94.150.1.x86_64", product: { name: "kernel-default-4.4.180-94.150.1.x86_64", product_id: "kernel-default-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-4.4.180-94.150.1.x86_64", product: { name: "kernel-default-base-4.4.180-94.150.1.x86_64", product_id: "kernel-default-base-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-4.4.180-94.150.1.x86_64", product: { name: "kernel-default-devel-4.4.180-94.150.1.x86_64", product_id: "kernel-default-devel-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "kernel-default-kgraft-4.4.180-94.150.1.x86_64", product: { name: "kernel-default-kgraft-4.4.180-94.150.1.x86_64", product_id: "kernel-default-kgraft-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-4.4.180-94.150.1.x86_64", product: { name: "kernel-syms-4.4.180-94.150.1.x86_64", product_id: "kernel-syms-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", product: { name: "kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", product_id: "kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-debug-4.4.180-94.150.1.x86_64", product: { name: "cluster-md-kmp-debug-4.4.180-94.150.1.x86_64", product_id: "cluster-md-kmp-debug-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.4.180-94.150.1.x86_64", product: { name: "cluster-md-kmp-default-4.4.180-94.150.1.x86_64", product_id: "cluster-md-kmp-default-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-debug-4.4.180-94.150.1.x86_64", product: { name: "dlm-kmp-debug-4.4.180-94.150.1.x86_64", product_id: "dlm-kmp-debug-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.180-94.150.1.x86_64", product: { name: "dlm-kmp-default-4.4.180-94.150.1.x86_64", product_id: "dlm-kmp-default-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-debug-4.4.180-94.150.1.x86_64", product: { name: "gfs2-kmp-debug-4.4.180-94.150.1.x86_64", product_id: "gfs2-kmp-debug-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.180-94.150.1.x86_64", product: { name: "gfs2-kmp-default-4.4.180-94.150.1.x86_64", product_id: "gfs2-kmp-default-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-4.4.180-94.150.1.x86_64", product: { name: "kernel-debug-4.4.180-94.150.1.x86_64", product_id: "kernel-debug-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-base-4.4.180-94.150.1.x86_64", product: { name: "kernel-debug-base-4.4.180-94.150.1.x86_64", product_id: "kernel-debug-base-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-devel-4.4.180-94.150.1.x86_64", product: { name: "kernel-debug-devel-4.4.180-94.150.1.x86_64", product_id: "kernel-debug-devel-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-extra-4.4.180-94.150.1.x86_64", product: { name: "kernel-debug-extra-4.4.180-94.150.1.x86_64", product_id: "kernel-debug-extra-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-kgraft-4.4.180-94.150.1.x86_64", product: { name: "kernel-debug-kgraft-4.4.180-94.150.1.x86_64", product_id: "kernel-debug-kgraft-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-4.4.180-94.150.1.x86_64", product: { name: "kernel-default-extra-4.4.180-94.150.1.x86_64", product_id: "kernel-default-extra-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-4.4.180-94.150.1.x86_64", product: { name: "kernel-obs-build-4.4.180-94.150.1.x86_64", product_id: "kernel-obs-build-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-qa-4.4.180-94.150.1.x86_64", product: { name: "kernel-obs-qa-4.4.180-94.150.1.x86_64", product_id: "kernel-obs-qa-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-4.4.180-94.150.1.x86_64", product: { name: "kernel-vanilla-4.4.180-94.150.1.x86_64", product_id: "kernel-vanilla-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.4.180-94.150.1.x86_64", product: { name: "kernel-vanilla-base-4.4.180-94.150.1.x86_64", product_id: "kernel-vanilla-base-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.4.180-94.150.1.x86_64", product: { name: "kernel-vanilla-devel-4.4.180-94.150.1.x86_64", product_id: "kernel-vanilla-devel-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-debug-4.4.180-94.150.1.x86_64", product: { name: "kselftests-kmp-debug-4.4.180-94.150.1.x86_64", product_id: "kselftests-kmp-debug-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-default-4.4.180-94.150.1.x86_64", product: { name: "kselftests-kmp-default-4.4.180-94.150.1.x86_64", product_id: "kselftests-kmp-default-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-debug-4.4.180-94.150.1.x86_64", product: { name: "ocfs2-kmp-debug-4.4.180-94.150.1.x86_64", product_id: "ocfs2-kmp-debug-4.4.180-94.150.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.180-94.150.1.x86_64", product: { name: "ocfs2-kmp-default-4.4.180-94.150.1.x86_64", product_id: "ocfs2-kmp-default-4.4.180-94.150.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "HPE Helion OpenStack 8", product: { name: "HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8", product_identification_helper: { cpe: "cpe:/o:suse:hpe-helion-openstack:8", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud 8", product: { name: "SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:8", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud Crowbar 8", product: { name: "SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud-crowbar:8", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 12 SP3", product: { name: "SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP3-LTSS", product: { name: "SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP3-BCL", product: { name: "SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL", product_identification_helper: { cpe: "cpe:/o:suse:sles-bcl:12:sp3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.180-94.150.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-default-4.4.180-94.150.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.180-94.150.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-default-base-4.4.180-94.150.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.180-94.150.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-default-devel-4.4.180-94.150.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "kernel-default-kgraft-4.4.180-94.150.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-default-kgraft-4.4.180-94.150.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.180-94.150.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", }, product_reference: "kernel-devel-4.4.180-94.150.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.180-94.150.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", }, product_reference: "kernel-macros-4.4.180-94.150.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.180-94.150.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", }, product_reference: "kernel-source-4.4.180-94.150.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.180-94.150.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-syms-4.4.180-94.150.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", }, product_reference: "kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.180-94.150.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-default-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.180-94.150.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-default-base-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.180-94.150.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-default-devel-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "kernel-default-kgraft-4.4.180-94.150.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-default-kgraft-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.180-94.150.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", }, product_reference: "kernel-devel-4.4.180-94.150.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.180-94.150.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", }, product_reference: "kernel-macros-4.4.180-94.150.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.180-94.150.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", }, product_reference: "kernel-source-4.4.180-94.150.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.180-94.150.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-syms-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", }, product_reference: "kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.180-94.150.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-default-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.180-94.150.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-default-base-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.180-94.150.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-default-devel-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "kernel-default-kgraft-4.4.180-94.150.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-default-kgraft-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.180-94.150.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", }, product_reference: "kernel-devel-4.4.180-94.150.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.180-94.150.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", }, product_reference: "kernel-macros-4.4.180-94.150.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.180-94.150.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", }, product_reference: "kernel-source-4.4.180-94.150.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.180-94.150.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-syms-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", }, product_reference: "kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.4.180-94.150.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", }, product_reference: "cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.4.180-94.150.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", }, product_reference: "cluster-md-kmp-default-4.4.180-94.150.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.4.180-94.150.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", }, product_reference: "cluster-md-kmp-default-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.4.180-94.150.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", }, product_reference: "dlm-kmp-default-4.4.180-94.150.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.4.180-94.150.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", }, product_reference: "dlm-kmp-default-4.4.180-94.150.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.4.180-94.150.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", }, product_reference: "dlm-kmp-default-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.4.180-94.150.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", }, product_reference: "gfs2-kmp-default-4.4.180-94.150.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.4.180-94.150.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", }, product_reference: "gfs2-kmp-default-4.4.180-94.150.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.4.180-94.150.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", }, product_reference: "gfs2-kmp-default-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.4.180-94.150.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", }, product_reference: "ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.4.180-94.150.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", }, product_reference: "ocfs2-kmp-default-4.4.180-94.150.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.4.180-94.150.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", }, product_reference: "ocfs2-kmp-default-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.180-94.150.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", }, product_reference: "kernel-default-4.4.180-94.150.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.180-94.150.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-default-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.180-94.150.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", }, product_reference: "kernel-default-base-4.4.180-94.150.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.180-94.150.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-default-base-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.180-94.150.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", }, product_reference: "kernel-default-devel-4.4.180-94.150.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.180-94.150.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-default-devel-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-kgraft-4.4.180-94.150.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", }, product_reference: "kernel-default-kgraft-4.4.180-94.150.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-kgraft-4.4.180-94.150.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-default-kgraft-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.180-94.150.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", }, product_reference: "kernel-devel-4.4.180-94.150.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.180-94.150.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", }, product_reference: "kernel-macros-4.4.180-94.150.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.180-94.150.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", }, product_reference: "kernel-source-4.4.180-94.150.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.180-94.150.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", }, product_reference: "kernel-syms-4.4.180-94.150.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.180-94.150.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-syms-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", }, product_reference: "kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", }, product_reference: "kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.180-94.150.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", }, product_reference: "kernel-default-4.4.180-94.150.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.180-94.150.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", }, product_reference: "kernel-default-4.4.180-94.150.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.180-94.150.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", }, product_reference: "kernel-default-4.4.180-94.150.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.180-94.150.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-default-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.180-94.150.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", }, product_reference: "kernel-default-base-4.4.180-94.150.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.180-94.150.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", }, product_reference: "kernel-default-base-4.4.180-94.150.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.180-94.150.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", }, product_reference: "kernel-default-base-4.4.180-94.150.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.180-94.150.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-default-base-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.180-94.150.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", }, product_reference: "kernel-default-devel-4.4.180-94.150.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.180-94.150.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", }, product_reference: "kernel-default-devel-4.4.180-94.150.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.180-94.150.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", }, product_reference: "kernel-default-devel-4.4.180-94.150.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.180-94.150.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-default-devel-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-kgraft-4.4.180-94.150.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", }, product_reference: "kernel-default-kgraft-4.4.180-94.150.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-kgraft-4.4.180-94.150.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-default-kgraft-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.4.180-94.150.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", }, product_reference: "kernel-default-man-4.4.180-94.150.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.180-94.150.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", }, product_reference: "kernel-devel-4.4.180-94.150.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.180-94.150.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", }, product_reference: "kernel-macros-4.4.180-94.150.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.180-94.150.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", }, product_reference: "kernel-source-4.4.180-94.150.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.180-94.150.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", }, product_reference: "kernel-syms-4.4.180-94.150.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.180-94.150.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", }, product_reference: "kernel-syms-4.4.180-94.150.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.180-94.150.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", }, product_reference: "kernel-syms-4.4.180-94.150.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.180-94.150.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-syms-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", }, product_reference: "kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", }, product_reference: "kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.180-94.150.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-default-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.180-94.150.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-default-base-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.180-94.150.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-default-devel-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.180-94.150.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", }, product_reference: "kernel-devel-4.4.180-94.150.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.180-94.150.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", }, product_reference: "kernel-macros-4.4.180-94.150.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.180-94.150.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", }, product_reference: "kernel-source-4.4.180-94.150.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.180-94.150.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", }, product_reference: "kernel-syms-4.4.180-94.150.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, ], }, vulnerabilities: [ { cve: "CVE-2017-17862", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17862", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17862", url: "https://www.suse.com/security/cve/CVE-2017-17862", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17862", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "moderate", }, ], title: "CVE-2017-17862", }, { cve: "CVE-2017-17864", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17864", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a \"pointer leak.\"", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17864", url: "https://www.suse.com/security/cve/CVE-2017-17864", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17864", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "moderate", }, ], title: "CVE-2017-17864", }, { cve: "CVE-2018-13405", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13405", }, ], notes: [ { category: "general", text: "The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13405", url: "https://www.suse.com/security/cve/CVE-2018-13405", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-13405", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1100416 for CVE-2018-13405", url: "https://bugzilla.suse.com/1100416", }, { category: "external", summary: "SUSE Bug 1129735 for CVE-2018-13405", url: "https://bugzilla.suse.com/1129735", }, { category: "external", summary: "SUSE Bug 1195161 for CVE-2018-13405", url: "https://bugzilla.suse.com/1195161", }, { category: "external", summary: "SUSE Bug 1198702 for CVE-2018-13405", url: "https://bugzilla.suse.com/1198702", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "moderate", }, ], title: "CVE-2018-13405", }, { cve: "CVE-2018-16882", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16882", }, ], notes: [ { category: "general", text: "A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmaps the 'pi_desc_page' without resetting 'pi_desc' descriptor address, which is later used in pi_test_and_clear_on(). A guest user/process could use this flaw to crash the host kernel resulting in DoS or potentially gain privileged access to a system. Kernel versions before 4.14.91 and before 4.19.13 are vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16882", url: "https://www.suse.com/security/cve/CVE-2018-16882", }, { category: "external", summary: "SUSE Bug 1119934 for CVE-2018-16882", url: "https://bugzilla.suse.com/1119934", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "important", }, ], title: "CVE-2018-16882", }, { cve: "CVE-2020-0429", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-0429", }, ], notes: [ { category: "general", text: "In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-152735806", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-0429", url: "https://www.suse.com/security/cve/CVE-2020-0429", }, { category: "external", summary: "SUSE Bug 1176724 for CVE-2020-0429", url: "https://bugzilla.suse.com/1176724", }, { category: "external", summary: "SUSE Bug 1176931 for CVE-2020-0429", url: "https://bugzilla.suse.com/1176931", }, { category: "external", summary: "SUSE Bug 1188026 for CVE-2020-0429", url: "https://bugzilla.suse.com/1188026", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "moderate", }, ], title: "CVE-2020-0429", }, { cve: "CVE-2020-12655", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-12655", }, ], notes: [ { category: "general", text: "An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-12655", url: "https://www.suse.com/security/cve/CVE-2020-12655", }, { category: "external", summary: "SUSE Bug 1171217 for CVE-2020-12655", url: "https://bugzilla.suse.com/1171217", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.8, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "low", }, ], title: "CVE-2020-12655", }, { cve: "CVE-2020-14305", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14305", }, ], notes: [ { category: "general", text: "An out-of-bounds memory write flaw was found in how the Linux kernel's Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14305", url: "https://www.suse.com/security/cve/CVE-2020-14305", }, { category: "external", summary: "SUSE Bug 1173346 for CVE-2020-14305", url: "https://bugzilla.suse.com/1173346", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "moderate", }, ], title: "CVE-2020-14305", }, { cve: "CVE-2020-3702", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-3702", }, ], notes: [ { category: "general", text: "u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-3702", url: "https://www.suse.com/security/cve/CVE-2020-3702", }, { category: "external", summary: "SUSE Bug 1191193 for CVE-2020-3702", url: "https://bugzilla.suse.com/1191193", }, { category: "external", summary: "SUSE Bug 1191529 for CVE-2020-3702", url: "https://bugzilla.suse.com/1191529", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "important", }, ], title: "CVE-2020-3702", }, { cve: "CVE-2020-4788", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-4788", }, ], notes: [ { category: "general", text: "IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-4788", url: "https://www.suse.com/security/cve/CVE-2020-4788", }, { category: "external", summary: "SUSE Bug 1177666 for CVE-2020-4788", url: "https://bugzilla.suse.com/1177666", }, { category: "external", summary: "SUSE Bug 1181158 for CVE-2020-4788", url: "https://bugzilla.suse.com/1181158", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "moderate", }, ], title: "CVE-2020-4788", }, { cve: "CVE-2021-20265", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20265", }, ], notes: [ { category: "general", text: "A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in the Linux kernel when a signal was pending. This flaw allows an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is to system availability.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20265", url: "https://www.suse.com/security/cve/CVE-2021-20265", }, { category: "external", summary: "SUSE Bug 1183089 for CVE-2021-20265", url: "https://bugzilla.suse.com/1183089", }, { category: "external", summary: "SUSE Bug 1214268 for CVE-2021-20265", url: "https://bugzilla.suse.com/1214268", }, { category: "external", summary: "SUSE Bug 1218966 for CVE-2021-20265", url: "https://bugzilla.suse.com/1218966", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "moderate", }, ], title: "CVE-2021-20265", }, { cve: "CVE-2021-20322", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-20322", }, ], notes: [ { category: "general", text: "A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-20322", url: "https://www.suse.com/security/cve/CVE-2021-20322", }, { category: "external", summary: "SUSE Bug 1191790 for CVE-2021-20322", url: "https://bugzilla.suse.com/1191790", }, { category: "external", summary: "SUSE Bug 1191813 for CVE-2021-20322", url: "https://bugzilla.suse.com/1191813", }, { category: "external", summary: "SUSE Bug 1193290 for CVE-2021-20322", url: "https://bugzilla.suse.com/1193290", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "important", }, ], title: "CVE-2021-20322", }, { cve: "CVE-2021-31916", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-31916", }, ], notes: [ { category: "general", text: "An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-31916", url: "https://www.suse.com/security/cve/CVE-2021-31916", }, { category: "external", summary: "SUSE Bug 1192781 for CVE-2021-31916", url: "https://bugzilla.suse.com/1192781", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "moderate", }, ], title: "CVE-2021-31916", }, { cve: "CVE-2021-33033", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-33033", }, ], notes: [ { category: "general", text: "The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-33033", url: "https://www.suse.com/security/cve/CVE-2021-33033", }, { category: "external", summary: "SUSE Bug 1186109 for CVE-2021-33033", url: "https://bugzilla.suse.com/1186109", }, { category: "external", summary: "SUSE Bug 1186283 for CVE-2021-33033", url: "https://bugzilla.suse.com/1186283", }, { category: "external", summary: "SUSE Bug 1188876 for CVE-2021-33033", url: "https://bugzilla.suse.com/1188876", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "moderate", }, ], title: "CVE-2021-33033", }, { cve: "CVE-2021-34556", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-34556", }, ], notes: [ { category: "general", text: "In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-34556", url: "https://www.suse.com/security/cve/CVE-2021-34556", }, { category: "external", summary: "SUSE Bug 1188983 for CVE-2021-34556", url: "https://bugzilla.suse.com/1188983", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "moderate", }, ], title: "CVE-2021-34556", }, { cve: "CVE-2021-34981", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-34981", }, ], notes: [ { category: "general", text: "Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the CMTP module. The issue results from the lack of validating the existence of an object prior to performing further free operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. Was ZDI-CAN-11977.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-34981", url: "https://www.suse.com/security/cve/CVE-2021-34981", }, { category: "external", summary: "SUSE Bug 1191961 for CVE-2021-34981", url: "https://bugzilla.suse.com/1191961", }, { category: "external", summary: "SUSE Bug 1192595 for CVE-2021-34981", url: "https://bugzilla.suse.com/1192595", }, { category: "external", summary: "SUSE Bug 1196722 for CVE-2021-34981", url: "https://bugzilla.suse.com/1196722", }, { category: "external", summary: "SUSE Bug 1212298 for CVE-2021-34981", url: "https://bugzilla.suse.com/1212298", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "important", }, ], title: "CVE-2021-34981", }, { cve: "CVE-2021-3542", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3542", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-42739. Reason: This candidate is a reservation duplicate of CVE-2021-42739. Notes: All CVE users should reference CVE-2021-42739 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3542", url: "https://www.suse.com/security/cve/CVE-2021-3542", }, { category: "external", summary: "SUSE Bug 1184673 for CVE-2021-3542", url: "https://bugzilla.suse.com/1184673", }, { category: "external", summary: "SUSE Bug 1186063 for CVE-2021-3542", url: "https://bugzilla.suse.com/1186063", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "important", }, ], title: "CVE-2021-3542", }, { cve: "CVE-2021-35477", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-35477", }, ], notes: [ { category: "general", text: "In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-35477", url: "https://www.suse.com/security/cve/CVE-2021-35477", }, { category: "external", summary: "SUSE Bug 1188985 for CVE-2021-35477", url: "https://bugzilla.suse.com/1188985", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "moderate", }, ], title: "CVE-2021-35477", }, { cve: "CVE-2021-3640", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3640", }, ], notes: [ { category: "general", text: "A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3640", url: "https://www.suse.com/security/cve/CVE-2021-3640", }, { category: "external", summary: "SUSE Bug 1188172 for CVE-2021-3640", url: "https://bugzilla.suse.com/1188172", }, { category: "external", summary: "SUSE Bug 1188613 for CVE-2021-3640", url: "https://bugzilla.suse.com/1188613", }, { category: "external", summary: "SUSE Bug 1191530 for CVE-2021-3640", url: "https://bugzilla.suse.com/1191530", }, { category: "external", summary: "SUSE Bug 1196810 for CVE-2021-3640", url: "https://bugzilla.suse.com/1196810", }, { category: "external", summary: "SUSE Bug 1196914 for CVE-2021-3640", url: "https://bugzilla.suse.com/1196914", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "important", }, ], title: "CVE-2021-3640", }, { cve: "CVE-2021-3653", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3653", }, ], notes: [ { category: "general", text: "A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the \"int_ctl\" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3653", url: "https://www.suse.com/security/cve/CVE-2021-3653", }, { category: "external", summary: "SUSE Bug 1189399 for CVE-2021-3653", url: "https://bugzilla.suse.com/1189399", }, { category: "external", summary: "SUSE Bug 1189420 for CVE-2021-3653", url: "https://bugzilla.suse.com/1189420", }, { category: "external", summary: "SUSE Bug 1196914 for CVE-2021-3653", url: "https://bugzilla.suse.com/1196914", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "important", }, ], title: "CVE-2021-3653", }, { cve: "CVE-2021-3655", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3655", }, ], notes: [ { category: "general", text: "A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3655", url: "https://www.suse.com/security/cve/CVE-2021-3655", }, { category: "external", summary: "SUSE Bug 1188563 for CVE-2021-3655", url: "https://bugzilla.suse.com/1188563", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "low", }, ], title: "CVE-2021-3655", }, { cve: "CVE-2021-3659", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3659", }, ], notes: [ { category: "general", text: "A NULL pointer dereference flaw was found in the Linux kernel's IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3659", url: "https://www.suse.com/security/cve/CVE-2021-3659", }, { category: "external", summary: "SUSE Bug 1188876 for CVE-2021-3659", url: "https://bugzilla.suse.com/1188876", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "moderate", }, ], title: "CVE-2021-3659", }, { cve: "CVE-2021-3679", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3679", }, ], notes: [ { category: "general", text: "A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3679", url: "https://www.suse.com/security/cve/CVE-2021-3679", }, { category: "external", summary: "SUSE Bug 1189057 for CVE-2021-3679", url: "https://bugzilla.suse.com/1189057", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "moderate", }, ], title: "CVE-2021-3679", }, { cve: "CVE-2021-3715", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3715", }, ], notes: [ { category: "general", text: "A flaw was found in the \"Routing decision\" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3715", url: "https://www.suse.com/security/cve/CVE-2021-3715", }, { category: "external", summary: "SUSE Bug 1190349 for CVE-2021-3715", url: "https://bugzilla.suse.com/1190349", }, { category: "external", summary: "SUSE Bug 1190350 for CVE-2021-3715", url: "https://bugzilla.suse.com/1190350", }, { category: "external", summary: "SUSE Bug 1196722 for CVE-2021-3715", url: "https://bugzilla.suse.com/1196722", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "important", }, ], title: "CVE-2021-3715", }, { cve: "CVE-2021-37159", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37159", }, ], notes: [ { category: "general", text: "hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37159", url: "https://www.suse.com/security/cve/CVE-2021-37159", }, { category: "external", summary: "SUSE Bug 1188601 for CVE-2021-37159", url: "https://bugzilla.suse.com/1188601", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "moderate", }, ], title: "CVE-2021-37159", }, { cve: "CVE-2021-3732", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3732", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not be accessible.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3732", url: "https://www.suse.com/security/cve/CVE-2021-3732", }, { category: "external", summary: "SUSE Bug 1189706 for CVE-2021-3732", url: "https://bugzilla.suse.com/1189706", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "low", }, ], title: "CVE-2021-3732", }, { cve: "CVE-2021-3752", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3752", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in the Linux kernel's Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3752", url: "https://www.suse.com/security/cve/CVE-2021-3752", }, { category: "external", summary: "SUSE Bug 1190023 for CVE-2021-3752", url: "https://bugzilla.suse.com/1190023", }, { category: "external", summary: "SUSE Bug 1190432 for CVE-2021-3752", url: "https://bugzilla.suse.com/1190432", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "important", }, ], title: "CVE-2021-3752", }, { cve: "CVE-2021-3753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3753", }, ], notes: [ { category: "general", text: "A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3753", url: "https://www.suse.com/security/cve/CVE-2021-3753", }, { category: "external", summary: "SUSE Bug 1190025 for CVE-2021-3753", url: "https://bugzilla.suse.com/1190025", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.9, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "low", }, ], title: "CVE-2021-3753", }, { cve: "CVE-2021-37576", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-37576", }, ], notes: [ { category: "general", text: "arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-37576", url: "https://www.suse.com/security/cve/CVE-2021-37576", }, { category: "external", summary: "SUSE Bug 1188838 for CVE-2021-37576", url: "https://bugzilla.suse.com/1188838", }, { category: "external", summary: "SUSE Bug 1188842 for CVE-2021-37576", url: "https://bugzilla.suse.com/1188842", }, { category: "external", summary: "SUSE Bug 1190276 for CVE-2021-37576", url: "https://bugzilla.suse.com/1190276", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "important", }, ], title: "CVE-2021-37576", }, { cve: "CVE-2021-3760", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3760", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3760", url: "https://www.suse.com/security/cve/CVE-2021-3760", }, { category: "external", summary: "SUSE Bug 1190067 for CVE-2021-3760", url: "https://bugzilla.suse.com/1190067", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "moderate", }, ], title: "CVE-2021-3760", }, { cve: "CVE-2021-3772", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3772", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3772", url: "https://www.suse.com/security/cve/CVE-2021-3772", }, { category: "external", summary: "SUSE Bug 1190351 for CVE-2021-3772", url: "https://bugzilla.suse.com/1190351", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "moderate", }, ], title: "CVE-2021-3772", }, { cve: "CVE-2021-38160", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38160", }, ], notes: [ { category: "general", text: "** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38160", url: "https://www.suse.com/security/cve/CVE-2021-38160", }, { category: "external", summary: "SUSE Bug 1190117 for CVE-2021-38160", url: "https://bugzilla.suse.com/1190117", }, { category: "external", summary: "SUSE Bug 1190118 for CVE-2021-38160", url: "https://bugzilla.suse.com/1190118", }, { category: "external", summary: "SUSE Bug 1196914 for CVE-2021-38160", url: "https://bugzilla.suse.com/1196914", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "moderate", }, ], title: "CVE-2021-38160", }, { cve: "CVE-2021-38198", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38198", }, ], notes: [ { category: "general", text: "arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38198", url: "https://www.suse.com/security/cve/CVE-2021-38198", }, { category: "external", summary: "SUSE Bug 1189262 for CVE-2021-38198", url: "https://bugzilla.suse.com/1189262", }, { category: "external", summary: "SUSE Bug 1189278 for CVE-2021-38198", url: "https://bugzilla.suse.com/1189278", }, { category: "external", summary: "SUSE Bug 1196914 for CVE-2021-38198", url: "https://bugzilla.suse.com/1196914", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "important", }, ], title: "CVE-2021-38198", }, { cve: "CVE-2021-38204", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-38204", }, ], notes: [ { category: "general", text: "drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-38204", url: "https://www.suse.com/security/cve/CVE-2021-38204", }, { category: "external", summary: "SUSE Bug 1189291 for CVE-2021-38204", url: "https://bugzilla.suse.com/1189291", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "moderate", }, ], title: "CVE-2021-38204", }, { cve: "CVE-2021-3896", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3896", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-43389. Reason: This candidate is a reservation duplicate of CVE-2021-43389. Notes: All CVE users should reference CVE-2021-43389 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3896", url: "https://www.suse.com/security/cve/CVE-2021-3896", }, { category: "external", summary: "SUSE Bug 1191958 for CVE-2021-3896", url: "https://bugzilla.suse.com/1191958", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "moderate", }, ], title: "CVE-2021-3896", }, { cve: "CVE-2021-40490", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-40490", }, ], notes: [ { category: "general", text: "A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-40490", url: "https://www.suse.com/security/cve/CVE-2021-40490", }, { category: "external", summary: "SUSE Bug 1190159 for CVE-2021-40490", url: "https://bugzilla.suse.com/1190159", }, { category: "external", summary: "SUSE Bug 1192775 for CVE-2021-40490", url: "https://bugzilla.suse.com/1192775", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "moderate", }, ], title: "CVE-2021-40490", }, { cve: "CVE-2021-42008", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-42008", }, ], notes: [ { category: "general", text: "The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-42008", url: "https://www.suse.com/security/cve/CVE-2021-42008", }, { category: "external", summary: "SUSE Bug 1191315 for CVE-2021-42008", url: "https://bugzilla.suse.com/1191315", }, { category: "external", summary: "SUSE Bug 1191660 for CVE-2021-42008", url: "https://bugzilla.suse.com/1191660", }, { category: "external", summary: "SUSE Bug 1196722 for CVE-2021-42008", url: "https://bugzilla.suse.com/1196722", }, { category: "external", summary: "SUSE Bug 1196810 for CVE-2021-42008", url: "https://bugzilla.suse.com/1196810", }, { category: "external", summary: "SUSE Bug 1196914 for CVE-2021-42008", url: "https://bugzilla.suse.com/1196914", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "important", }, ], title: "CVE-2021-42008", }, { cve: "CVE-2021-42739", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-42739", }, ], notes: [ { category: "general", text: "The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-42739", url: "https://www.suse.com/security/cve/CVE-2021-42739", }, { category: "external", summary: "SUSE Bug 1184673 for CVE-2021-42739", url: "https://bugzilla.suse.com/1184673", }, { category: "external", summary: "SUSE Bug 1192036 for CVE-2021-42739", url: "https://bugzilla.suse.com/1192036", }, { category: "external", summary: "SUSE Bug 1196722 for CVE-2021-42739", url: "https://bugzilla.suse.com/1196722", }, { category: "external", summary: "SUSE Bug 1196914 for CVE-2021-42739", url: "https://bugzilla.suse.com/1196914", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "important", }, ], title: "CVE-2021-42739", }, { cve: "CVE-2021-43389", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-43389", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-43389", url: "https://www.suse.com/security/cve/CVE-2021-43389", }, { category: "external", summary: "SUSE Bug 1191958 for CVE-2021-43389", url: "https://bugzilla.suse.com/1191958", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:kernel-default-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-base-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kernel-devel-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-macros-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-source-4.4.180-94.150.1.noarch", "HPE Helion OpenStack 8:kernel-syms-4.4.180-94.150.1.x86_64", "HPE Helion OpenStack 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-default-man-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.150.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-base-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-devel-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-default-kgraft-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kernel-devel-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-macros-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-source-4.4.180-94.150.1.noarch", "SUSE OpenStack Cloud Crowbar 8:kernel-syms-4.4.180-94.150.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kgraft-patch-4_4_180-94_150-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-12-06T12:28:40Z", details: "moderate", }, ], title: "CVE-2021-43389", }, ], }
suse-su-2018:0482-1
Vulnerability from csaf_suse
Published
2018-02-19 19:17
Modified
2018-02-19 19:17
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP2 Realtime kernel was updated to 4.4.114 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis (bnc#1068032).
The previous fix using CPU Microcode has been complemented by building the Linux Kernel with return trampolines aka 'retpolines'.
- CVE-2018-5333: In the Linux kernel the rds_cmsg_atomic function in net/rds/rdma.c mishandled cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference (bnc#1075617).
- CVE-2018-5332: In the Linux kernel the rds_message_alloc_sgs() function did not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c) (bnc#1075621).
- CVE-2017-17862: kernel/bpf/verifier.c in the Linux kernel ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service (bnc#1073928).
- CVE-2017-17864: kernel/bpf/verifier.c in the Linux kernel mishandled states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allowed local users to obtain potentially sensitive address information, aka a 'pointer leak (bnc#1073928).
- CVE-2017-17712: The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allowed a local user to execute code and gain privileges (bnc#1073229 1073230).
- CVE-2017-15129: A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel The function get_net_ns_by_id() in net/core/net_namespace.c did not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely (bnc#1074839).
- CVE-2017-18017: The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel allowed remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action (bnc#1074488).
- CVE-2018-1000004: In the Linux kernel a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition (bnc#1076017).
The following non-security bugs were fixed:
- 509: fix printing uninitialized stack memory when OID is empty (bsc#1075078).
- 8021q: fix a memory leak for VLAN 0 device (bnc#1012382).
- acpi / scan: Prefer devices without _HID/_CID for _ADR matching (bnc#1012382).
- af_key: fix buffer overread in parse_exthdrs() (bnc#1012382).
- af_key: fix buffer overread in verify_address_len() (bnc#1012382).
- afs: Adjust mode bits processing (bnc#1012382).
- afs: Connect up the CB.ProbeUuid (bnc#1012382).
- afs: Fix afs_kill_pages() (bnc#1012382).
- afs: Fix missing put_page() (bnc#1012382).
- afs: Fix page leak in afs_write_begin() (bnc#1012382).
- afs: Fix the maths in afs_fs_store_data() (bnc#1012382).
- afs: Flush outstanding writes when an fd is closed (bnc#1012382).
- afs: Migrate vlocation fields to 64-bit (bnc#1012382).
- afs: Populate and use client modification time (bnc#1012382).
- afs: Populate group ID from vnode status (bnc#1012382).
- afs: Prevent callback expiry timer overflow (bnc#1012382).
- alpha: fix build failures (bnc#1012382).
- alsa: aloop: Fix inconsistent format due to incomplete rule (bsc#1031717).
- alsa: aloop: Fix racy hw constraints adjustment (bsc#1031717).
- alsa: aloop: Release cable upon open error path (bsc#1031717).
- alsa: hda - Apply headphone noise quirk for another Dell XPS 13 variant (bsc#1031717).
- alsa: hda - Apply the existing quirk to iMac 14,1 (bsc#1031717).
- alsa: pcm: Abort properly at pending signal in OSS read/write loops (bsc#1031717).
- alsa: pcm: Add missing error checks in OSS emulation plugin builder (bsc#1031717).
- alsa: pcm: Allow aborting mutex lock at OSS read/write loops (bsc#1031717).
- alsa: pcm: Remove incorrect snd_BUG_ON() usages (bsc#1031717).
- alsa: pcm: Remove yet superfluous WARN_ON() (bsc#1031717).
- arc: uaccess: dont use 'l' gcc inline asm constraint modifier (bnc#1012382).
- arm64: Add hypervisor safe helper for checking constant capabilities (bsc#1068032).
- arm64: Add macros to read/write system registers (bsc#1068032).
- arm64: add macro to extract ESR_ELx.EC (bsc#1068032).
- arm64: Add skeleton to harden the branch predictor against aliasing attacks (bsc#1068032).
- arm64: Add trace_hardirqs_off annotation in ret_to_user (bsc#1068032).
- arm64: alternative: add auto-nop infrastructure (bsc#1068032).
- arm64: barriers: introduce nops and __nops macros for NOP sequences (bsc#1068032).
- arm64: cpu_errata: Allow an erratum to be match for all revisions of a core (bsc#1068032).
- arm64: cpufeature: Add scope for capability check (bsc#1068032).
- arm64/cpufeature: do not use mutex in bringup path (bsc#1068032).
- arm64: cpufeature: Pass capability structure to ->enable callback (bsc#1068032).
- arm64: debug: remove unused local_dbg_{enable, disable} macros (bsc#1068032).
- arm64: Disable kpti for non broadcast TLB HW (bsc#1068032).
- arm64: Disable TTBR0_EL1 during normal kernel execution (bsc#1068032).
- arm64: do not pull uaccess.h into *.S (bsc#1068032).
- arm64: Enable CONFIG_ARM64_SW_TTBR0_PAN (bsc#1068032).
- arm64: entry: Add exception trampoline page for exceptions from EL0 (bsc#1068032).
- arm64: entry: Add fake CPU feature for unmapping the kernel at EL0 (bsc#1068032).
- arm64: entry: Explicitly pass exception level to kernel_ventry macro (bsc#1068032).
- arm64: entry: Hook up entry trampoline to exception vectors (bsc#1068032).
- arm64: entry: remove pointless SPSR mode check (bsc#1068032).
- arm64: entry.S convert el0_sync (bsc#1068032).
- arm64: entry.S: convert el1_sync (bsc#1068032).
- arm64: entry.S: convert elX_irq (bsc#1068032).
- arm64: entry.S: move SError handling into a C function for future expansion (bsc#1068032).
- arm64: entry.S: Remove disable_dbg (bsc#1068032).
- arm64: explicitly mask all exceptions (bsc#1068032).
- arm64: factor out entry stack manipulation (bsc#1068032).
- arm64: factor out PAGE_* and CONT_* definitions (bsc#1068032).
- arm64: Factor out PAN enabling/disabling into separate uaccess_* macros (bsc#1068032).
- arm64: Factor out TTBR0_EL1 post-update workaround into a specific asm macro (bsc#1068032).
- arm64: factor work_pending state machine to C (bsc#1068032).
- arm64: Fix circular include of asm/lse.h through linux/jump_label.h (bsc#1068032).
- arm64: Fix compilation (bsc#1068032).
- arm64: fpsimd: Prevent registers leaking from dead tasks (bnc#1012382).
- arm64: Handle el1 synchronous instruction aborts cleanly (bsc#1068032).
- arm64: head.S: get rid of x25 and x26 with 'global' scope (bsc#1068032).
- arm64: Implement branch predictor hardening for affected Cortex-A CPUs (bsc#1068032).
- arm64: Initialise high_memory global variable earlier (bnc#1012382).
- arm64: introduce an order for exceptions (bsc#1068032).
- arm64: introduce mov_q macro to move a constant into a 64-bit register (bsc#1068032).
- arm64: Introduce uaccess_{disable,enable} functionality based on TTBR0_EL1 (bsc#1068032).
- arm64: kaslr: Put kernel vectors address in separate data page (bsc#1068032).
- arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0 (bsc#1068032).
- arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry (bsc#1068032).
- arm64: kill ESR_LNX_EXEC (bsc#1068032).
- arm64: kpti: Fix the interaction between ASID switching and software PAN (bsc#1068032).
- arm64: kvm: Fix SMCCC handling of unimplemented SMC/HVC calls (bnc#1012382).
- arm64: kvm: fix VTTBR_BADDR_MASK BUG_ON off-by-one (bnc#1012382).
- arm64: kvm: Survive unknown traps from guests (bnc#1012382).
- arm64: kvm: Use per-CPU vector when BP hardening is enabled (bsc#1068032).
- arm64: Mask all exceptions during kernel_exit (bsc#1068032).
- arm64: mm: Add arm64_kernel_unmapped_at_el0 helper (bsc#1068032).
- arm64: mm: Allocate ASIDs in pairs (bsc#1068032).
- arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN (bsc#1068032).
- arm64: mm: hardcode rodata=true (bsc#1068032).
- arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR (bsc#1068032).
- arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI (bsc#1068032).
- arm64: mm: Map entry trampoline into trampoline and kernel page tables (bsc#1068032).
- arm64: mm: Move ASID from TTBR0 to TTBR1 (bsc#1068032).
- arm64: mm: Rename post_ttbr0_update_workaround (bsc#1068032).
- arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN (bsc#1068032).
- arm64: mm: Use non-global mappings for kernel space (bsc#1068032).
- arm64: Move BP hardening to check_and_switch_context (bsc#1068032).
- arm64: Move post_ttbr_update_workaround to C code (bsc#1068032).
- arm64: Move the async/fiq helpers to explicitly set process context flags (bsc#1068032).
- arm64: Store struct thread_info in sp_el0 (bsc#1068032).
- arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm (bsc#1068032).
- arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb (bsc#1068032).
- arm64: swp emulation: bound LL/SC retries before rescheduling (bsc#1068032).
- arm64: sysreg: allow write_sysreg to use XZR (bsc#1068032).
- arm64: sysreg: Fix unprotected macro argmuent in write_sysreg (bsc#1068032).
- arm64: Take into account ID_AA64PFR0_EL1.CSV3 (bsc#1068032).
- arm64: tlbflush.h: add __tlbi() macro (bsc#1068032).
- arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks (bsc#1068032).
- arm64: use alternative auto-nop (bsc#1068032).
- arm64: use RET instruction for exiting the trampoline (bsc#1068032).
- arm64: Use static keys for CPU features (bsc#1068032).
- arm64: xen: Enable user access before a privcmd hvc call (bsc#1068032).
- arm: avoid faulting on qemu (bnc#1012382).
- arm: BUG if jumping to usermode address in kernel mode (bnc#1012382).
- arm-ccn: perf: Prevent module unload while PMU is in use (bnc#1012382).
- arm: dma-mapping: disallow dma_get_sgtable() for non-kernel managed memory (bnc#1012382).
- arm: dts: am335x-evmsk: adjust mmc2 param to allow suspend (bnc#1012382).
- arm: dts: kirkwood: fix pin-muxing of MPP7 on OpenBlocks A7 (bnc#1012382).
- arm: dts: ti: fix pci bus dtc warnings (bnc#1012382).
- arm: kprobes: Align stack to 8-bytes in test code (bnc#1012382).
- arm: kprobes: Fix the return address of multiple kretprobes (bnc#1012382).
- arm: kvm: Fix VTTBR_BADDR_MASK BUG_ON off-by-one (bnc#1012382).
- arm: kvm: Survive unknown traps from guests (bnc#1012382).
- arm: OMAP1: DMA: Correct the number of logical channels (bnc#1012382).
- arm: OMAP2+: Fix device node reference counts (bnc#1012382).
- arm: OMAP2+: gpmc-onenand: propagate error on initialization failure (bnc#1012382).
- arm: OMAP2+: Release device node after it is no longer needed (bnc#1012382).
- asm-prototypes: Clear any CPP defines before declaring the functions (git-fixes).
- asn.1: check for error from ASN1_OP_END__ACT actions (bnc#1012382).
- asn.1: fix out-of-bounds read when parsing indefinite length item (bnc#1012382).
- ath9k: fix tx99 potential info leak (bnc#1012382).
- atm: horizon: Fix irq release error (bnc#1012382).
- audit: ensure that 'audit=1' actually enables audit for PID 1 (bnc#1012382).
- axonram: Fix gendisk handling (bnc#1012382).
- backlight: pwm_bl: Fix overflow condition (bnc#1012382).
- bcache: add a comment in journal bucket reading (bsc#1076110).
- bcache: Avoid nested function definition (bsc#1076110).
- bcache: check return value of register_shrinker (bsc#1076110).
- bcache: debug: avoid accessing .bi_io_vec directly (bsc#1076110).
- bcache: documentation formatting, edited for clarity, stripe alignment notes (bsc#1076110).
- bcache: documentation updates and corrections (bsc#1076110).
- bcache: Do not reinvent the wheel but use existing llist API (bsc#1076110).
- bcache: do not write back data if reading it failed (bsc#1076110).
- bcache: explicitly destroy mutex while exiting (bnc#1012382).
- bcache: fix a comments typo in bch_alloc_sectors() (bsc#1076110).
- bcache: fix sequential large write IO bypass (bsc#1076110).
- bcache: fix wrong cache_misses statistics (bnc#1012382).
- bcache: gc does not work when triggering by manual command (bsc#1076110, bsc#1038078).
- bcache: implement PI controller for writeback rate (bsc#1076110).
- bcache: increase the number of open buckets (bsc#1076110).
- bcache: only permit to recovery read error when cache device is clean (bnc#1012382 bsc#1043652).
- bcache: partition support: add 16 minors per bcacheN device (bsc#1076110).
- bcache: pr_err: more meaningful error message when nr_stripes is invalid (bsc#1076110).
- bcache: rearrange writeback main thread ratelimit (bsc#1076110).
- bcache: recover data from backing when data is clean (bnc#1012382 bsc#1043652).
- bcache: register_bcache(): call blkdev_put() when cache_alloc() fails (bsc#1076110).
- bcache: Remove deprecated create_workqueue (bsc#1076110).
- bcache: Remove redundant block_size assignment (bsc#1076110).
- bcache: Remove redundant parameter for cache_alloc() (bsc#1076110).
- bcache: Remove redundant set_capacity (bsc#1076110).
- bcache: remove unused parameter (bsc#1076110).
- bcache: rewrite multiple partitions support (bsc#1076110, bsc#1038085, bsc#1019784).
- bcache: safeguard a dangerous addressing in closure_queue (bsc#1076110).
- bcache: silence static checker warning (bsc#1076110).
- bcache: smooth writeback rate control (bsc#1076110).
- bcache: switch to using blk_queue_write_cache() (bsc#1076110).
- bcache.txt: standardize document format (bsc#1076110).
- bcache: update bio->bi_opf bypass/writeback REQ_ flag hints (bsc#1076110).
- bcache: update bucket_in_use in real time (bsc#1076110).
- bcache: Update continue_at() documentation (bsc#1076110).
- bcache: update document info (bsc#1076110).
- bcache: use kmalloc to allocate bio in bch_data_verify() (bsc#1076110).
- bcache: use llist_for_each_entry_safe() in __closure_wake_up() (bsc#1076110).
- bcache: writeback rate clamping: make 32 bit safe (bsc#1076110).
- bcache: writeback rate shouldn't artifically clamp (bsc#1076110).
- be2net: restore properly promisc mode after queues reconfiguration (bsc#963844 FATE#320192).
- block: export bio_free_pages to other modules (bsc#1076110).
- block: wake up all tasks blocked in get_request() (bnc#1012382).
- bluetooth: btusb: driver to enable the usb-wakeup feature (bnc#1012382).
- bnx2x: do not rollback VF MAC/VLAN filters we did not configure (bnc#1012382).
- bnx2x: fix possible overrun of VFPF multicast addresses array (bnc#1012382).
- bnx2x: prevent crash when accessing PTP with interface down (bnc#1012382).
- btrfs: account for pinned bytes in should_alloc_chunk (bsc#1066842).
- btrfs: add missing memset while reading compressed inline extents (bnc#1012382).
- can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once (bnc#1012382).
- can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once (bnc#1012382).
- can: ems_usb: cancel urb on -EPIPE and -EPROTO (bnc#1012382).
- can: esd_usb2: cancel urb on -EPIPE and -EPROTO (bnc#1012382).
- can: gs_usb: fix return value of the 'set_bittiming' callback (bnc#1012382).
- can: kvaser_usb: cancel urb on -EPIPE and -EPROTO (bnc#1012382).
- can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback() (bnc#1012382).
- can: kvaser_usb: free buf in error paths (bnc#1012382).
- can: kvaser_usb: ratelimit errors if incomplete messages are received (bnc#1012382).
- can: peak: fix potential bug in packet fragmentation (bnc#1012382).
- can: ti_hecc: Fix napi poll return value for repoll (bnc#1012382).
- can: usb_8dev: cancel urb on -EPIPE and -EPROTO (bnc#1012382).
- cdc-acm: apply quirk for card reader (bsc#1060279).
- cdrom: factor out common open_for_* code (bsc#1048585).
- cdrom: wait for tray to close (bsc#1048585).
- ceph: drop negative child dentries before try pruning inode's alias (bnc#1012382).
- ceph: more accurate statfs (bsc#1077068).
- clk: imx6: refine hdmi_isfr's parent to make HDMI work on i.MX6 SoCs w/o VPU (bnc#1012382).
- clk: mediatek: add the option for determining PLL source clock (bnc#1012382).
- clk: tegra: Fix cclk_lp divisor register (bnc#1012382).
- cpuidle: fix broadcast control when broadcast can not be entered (bnc#1012382).
- cpuidle: powernv: Pass correct drv->cpumask for registration (bnc#1012382).
- cpuidle: Validate cpu_dev in cpuidle_add_sysfs() (bnc#1012382).
- crypto: algapi - fix NULL dereference in crypto_remove_spawns() (bnc#1012382).
- crypto: chacha20poly1305 - validate the digest size (bnc#1012382).
- crypto: crypto4xx - increase context and scatter ring buffer elements (bnc#1012382).
- crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex (bnc#1012382).
- crypto: mcryptd - protect the per-CPU queue with a lock (bnc#1012382).
- crypto: n2 - cure use after free (bnc#1012382).
- crypto: pcrypt - fix freeing pcrypt instances (bnc#1012382).
- crypto: s5p-sss - Fix completing crypto request in IRQ handler (bnc#1012382).
- crypto: tcrypt - fix buffer lengths in test_aead_speed() (bnc#1012382).
- cxl: Check if vphb exists before iterating over AFU devices (bsc#1066223).
- dax: Pass detailed error code from __dax_fault() (bsc#1072484).
- dccp: do not restart ccid2_hc_tx_rto_expire() if sk in closed state (bnc#1012382).
- delay: add poll_event_interruptible (bsc#1048585).
- dmaengine: dmatest: move callback wait queue to thread context (bnc#1012382).
- dmaengine: Fix array index out of bounds warning in __get_unmap_pool() (bnc#1012382).
- dmaengine: pl330: fix double lock (bnc#1012382).
- dmaengine: ti-dma-crossbar: Correct am335x/am43xx mux value type (bnc#1012382).
- dm btree: fix serious bug in btree_split_beneath() (bnc#1012382).
- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) (bnc#1012382).
- dm thin metadata: THIN_MAX_CONCURRENT_LOCKS should be 6 (bnc#1012382).
- drivers: base: cacheinfo: fix boot error message when acpi is enabled (bnc#1012382).
- drivers: base: cacheinfo: fix x86 with CONFIG_OF enabled (bnc#1012382).
- drivers/firmware: Expose psci_get_version through psci_ops structure (bsc#1068032).
- drivers/md/bcache/util.h: remove duplicate inclusion of blkdev.h (bsc#1076110).
- drivers: net: xgene: Fix hardware checksum setting (bsc#1078526).
- drm/amd/amdgpu: fix console deadlock if late init failed (bnc#1012382).
- drm: extra printk() wrapper macros (bnc#1012382).
- drm/exynos/decon5433: set STANDALONE_UPDATE_F on output enablement (bnc#1012382).
- drm/exynos: gem: Drop NONCONTIG flag for buffers allocated without IOMMU (bnc#1012382).
- drm/omap: fix dmabuf mmap for dma_alloc'ed buffers (bnc#1012382).
- drm/radeon: reinstate oland workaround for sclk (bnc#1012382).
- drm/radeon/si: add dpm quirk for Oland (bnc#1012382).
- drm/vmwgfx: Potential off by one in vmw_view_add() (bnc#1012382).
- dynamic-debug-howto: fix optional/omitted ending line number to be LARGE instead of 0 (bnc#1012382).
- edac, i5000, i5400: Fix definition of NRECMEMB register (bnc#1012382).
- edac, i5000, i5400: Fix use of MTR_DRAM_WIDTH macro (bnc#1012382).
- edac, sb_edac: Fix missing break in switch (bnc#1012382).
- efi/esrt: Cleanup bad memory map log messages (bnc#1012382).
- efi: Move some sysfs files to be read-only by root (bnc#1012382).
- eventpoll.h: add missing epoll event masks (bnc#1012382).
- ext4: fix crash when a directory's i_size is too small (bnc#1012382).
- ext4: Fix ENOSPC handling in DAX page fault handle (bsc#1072484).
- ext4: fix fdatasync(2) after fallocate(2) operation (bnc#1012382).
- fbdev: controlfb: Add missing modes to fix out of bounds access (bnc#1012382).
- Fix build error in vma.c (bnc#1012382).
- fjes: Fix wrong netdevice feature flags (bnc#1012382).
- flow_dissector: properly cap thoff field (bnc#1012382).
- fm10k: ensure we process SM mbx when processing VF mbx (bnc#1012382).
- fork: clear thread stack upon allocation (bsc#1077560). Conflicts: series.conf
- fscache: Fix the default for fscache_maybe_release_page() (bnc#1012382).
- futex: Prevent overflow by strengthen input validation (bnc#1012382).
- gcov: disable for COMPILE_TEST (bnc#1012382).
- gfs2: Take inode off order_write list when setting jdata flag (bnc#1012382).
- gpio: altera: Use handle_level_irq when configured as a level_high (bnc#1012382).
- hid: chicony: Add support for another ASUS Zen AiO keyboard (bnc#1012382).
- hid: xinmo: fix for out of range for THT 2P arcade controller (bnc#1012382).
- hrtimer: Reset hrtimer cpu base proper on CPU hotplug (bnc#1012382).
- hv: kvp: Avoid reading past allocated blocks from KVP file (bnc#1012382).
- hwmon: (asus_atk0110) fix uninitialized data access (bnc#1012382).
- i40e: Do not enable NAPI on q_vectors that have no rings (bnc#1012382).
- ib/hfi1: Correct defered count after processing qp_wait_list (git-fixes).
- ib/hfi1: Fix rnr_timer addition (git-fixes).
- ib/hfi1: Handle kzalloc failure in init_pervl_scs (git-fixes).
- ib/hfi1: Move iowait_init() to priv allocate (git-fixes).
- ib/hfi1: Prevent kernel QP post send hard lockups (git-fixes).
- ib/hfi1: Reset QSFP on every run through channel tuning (git-fixes).
- ib/ipoib: Fix lockdep issue found on ipoib_ib_dev_heavy_flush (git-fixes).
- ib/ipoib: Grab rtnl lock on heavy flush when calling ndo_open/stop (bnc#1012382).
- ib/mlx4: Increase maximal message size under UD QP (bnc#1012382).
- ib/mlx5: Assign send CQ and recv CQ of UMR QP (bnc#1012382).
- ibmvnic: Allocate and request vpd in init_resources (bsc#1076872).
- ibmvnic: Do not handle RX interrupts when not up (bsc#1075066).
- ibmvnic: Fix IP offload control buffer (bsc#1076899).
- ibmvnic: Fix IPv6 packet descriptors (bsc#1076899).
- ibmvnic: Fix pending MAC address changes (bsc#1075627).
- ibmvnic: Modify buffer size and number of queues on failover (bsc#1076872).
- ibmvnic: Revert to previous mtu when unsupported value requested (bsc#1076872).
- ibmvnic: Wait for device response when changing MAC (bsc#1078681).
- ib/qib: Remove qpt_mask global (git-fixes).
- ib/rdmavt: restore IRQs on error path in rvt_create_ah() (git-fixes).
- ib/srpt: Disable RDMA access by the initiator (bnc#1012382).
- igb: check memory allocation failure (bnc#1012382).
- ima: fix hash algorithm initialization (bnc#1012382).
- inet: frag: release spinlock before calling icmp_send() (bnc#1012382).
- input: 88pm860x-ts - fix child-node lookup (bnc#1012382).
- input: elantech - add new icbody type 15 (bnc#1012382).
- input: i8042 - add TUXEDO BU1406 (N24_25BU) to the nomux list (bnc#1012382).
- input: trackpoint - force 3 buttons if 0 button is reported (bnc#1012382).
- input: twl4030-vibra - fix sibling-node lookup (bnc#1012382).
- input: twl6040-vibra - fix child-node lookup (bnc#1012382).
- input: twl6040-vibra - fix DT node memory management (bnc#1012382).
- intel_th: pci: Add Gemini Lake support (bnc#1012382).
- iommu/arm-smmu-v3: Do not free page table ops twice (bnc#1012382).
- iommu/vt-d: Fix scatterlist offset handling (bnc#1012382).
- ip6_tunnel: disable dst caching if tunnel is dual-stack (bnc#1012382).
- ipmi: Stop timers before cleaning up the module (bnc#1012382).
- ipv4: Fix use-after-free when flushing FIB tables (bnc#1012382).
- ipv4: igmp: guard against silly MTU values (bnc#1012382).
- ipv4: Make neigh lookup keys for loopback/point-to-point devices be INADDR_ANY (bnc#1012382).
- ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL (bnc#1012382).
- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012382).
- ipv6: fix udpv6 sendmsg crash caused by too small MTU (bnc#1012382).
- ipv6: ip6_make_skb() needs to clear cork.base.dst (git-fixes).
- ipv6: mcast: better catch silly mtu values (bnc#1012382).
- ipv6: reorder icmpv6_init() and ip6_mr_init() (bnc#1012382).
- ipvlan: fix ipv6 outbound device (bnc#1012382).
- ipvlan: remove excessive packet scrubbing (bsc#1070799).
- irda: vlsi_ir: fix check for DMA mapping errors (bnc#1012382).
- irqchip/crossbar: Fix incorrect type of register size (bnc#1012382).
- iscsi-target: fix memory leak in lio_target_tiqn_addtpg() (bnc#1012382).
- iscsi-target: Make TASK_REASSIGN use proper se_cmd->cmd_kref (bnc#1012382).
- isdn: kcapi: avoid uninitialized data (bnc#1012382).
- iw_cxgb4: Only validate the MSN for successful completions (bnc#1012382).
- ixgbe: fix use of uninitialized padding (bnc#1012382).
- jump_label: Invoke jump_label_test() via early_initcall() (bnc#1012382).
- jump_label: Make it possible for arches to invoke jump_label_init() earlier (bsc#1068032).
- jump_labels: Allow array initialisers (bsc#1068032).
- Kabi: Keep KVM stable after enable s390 wire up bpb feature (bsc#1076806).
- kABI: protect struct bpf_map (kabi).
- kABI: protect struct ipv6_pinfo (kabi).
- kABI: protect struct t10_alua_tg_pt_gp (kabi).
- kABI: protect struct usbip_device (kabi).
- kabi/severities: do not care about stuff_RSB
- kaiser: Set _PAGE_NX only if supported (bnc#1012382).
- kaiser: Set _PAGE_NX only if supported (bnc#1012382).
- kbuild: add '-fno-stack-check' to kernel build options (bnc#1012382).
- kbuild: modversions for EXPORT_SYMBOL() for asm (bsc#1074621 bsc#1068032).
- kbuild: pkg: use --transform option to prefix paths in tar (bnc#1012382).
- kdb: Fix handling of kallsyms_symbol_next() return value (bnc#1012382).
- kernel/acct.c: fix the acct->needcheck check in check_free_space() (bnc#1012382).
- kernel: make groups_sort calling a responsibility group_info allocators (bnc#1012382).
- kernel/signal.c: protect the SIGNAL_UNKILLABLE tasks from !sig_kernel_only() signals (bnc#1012382).
- kernel/signal.c: protect the traced SIGNAL_UNKILLABLE tasks from SIGKILL (bnc#1012382).
- kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal() (bnc#1012382).
- keys: add missing permission check for request_key() destination (bnc#1012382).
- kprobes/x86: Disable preemption in ftrace-based jprobes (bnc#1012382).
- kpti: Rename to PAGE_TABLE_ISOLATION (bnc#1012382).
- kpti: Report when enabled (bnc#1012382).
- kvm: arm/arm64: Fix occasional warning from the timer work function (bnc#1012382 bsc#988524).
- kvm: Fix stack-out-of-bounds read in write_mmio (bnc#1012382).
- kvm: nVMX: reset nested_run_pending if the vCPU is going to be reset (bnc#1012382).
- kvm: nVMX: VMCLEAR should not cause the vCPU to shut down (bnc#1012382).
- kvm: pci-assign: do not map smm memory slot pages in vt-d page tables (bnc#1012382).
- kvm: s390: Enable all facility bits that are known good for passthrough (bsc#1076806).
- kvm: s390: wire up bpb feature (bsc#1076806).
- kvm: VMX: Fix enable VPID conditions (bnc#1012382).
- kvm: VMX: remove I/O port 0x80 bypass on Intel hosts (bnc#1012382).
- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012382).
- kvm: x86: Add memory barrier on vmcs field lookup (bnc#1012382).
- kvm: x86: correct async page present tracepoint (bnc#1012382).
- kvm: X86: Fix load RFLAGS w/o the fixed bit (bnc#1012382).
- kvm: x86: fix RSM when pciD is non-zero (bnc#1012382).
- l2tp: cleanup l2tp_tunnel_delete calls (bnc#1012382).
- lan78xx: Fix failure in USB Full Speed (bnc#1012382).
- libata: apply MAX_SEC_1024 to all LITEON EP1 series devices (bnc#1012382).
- libata: drop WARN from protocol error in ata_sff_qc_issue() (bnc#1012382).
- lib/genalloc.c: make the avail variable an atomic_long_t (bnc#1012382).
- macvlan: Only deliver one copy of the frame to the macvlan interface (bnc#1012382).
- md-cluster: free md_cluster_info if node leave cluster (bnc#1012382).
- media: dvb: i2c transfers over usb cannot be done from stack (bnc#1012382).
- mfd: cros ec: spi: Do not send first message too soon (bnc#1012382).
- mfd: twl4030-audio: Fix sibling-node lookup (bnc#1012382).
- mfd: twl6040: Fix child-node lookup (bnc#1012382).
- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET (bnc#1012382).
- MIPS: AR7: ensure the port type's FCR value is used (bnc#1012382).
- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET (bnc#1012382).
- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset accesses (bnc#1012382).
- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012382).
- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA (bnc#1012382).
- MIPS: Guard against any partial write attempt with PTRACE_SETREGSET (bnc#1012382).
- MIPS: math-emu: Fix final emulation phase for certain instructions (bnc#1012382).
- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the ABI of the task (bnc#1012382).
- mlxsw: reg: Fix SPVMLR max record count (bnc#1012382).
- mlxsw: reg: Fix SPVM max record count (bnc#1012382).
- mm: avoid returning VM_FAULT_RETRY from ->page_mkwrite handlers (bnc#1012382).
- mmc: mediatek: Fixed bug where clock frequency could be set wrong (bnc#1012382).
- mm: drop unused pmdp_huge_get_and_clear_notify() (bnc#1012382).
- mm: Handle 0 flags in _calc_vm_trans() macro (bnc#1012382).
- mm: Introduce lm_alias (bsc#1068032).
- mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack (bnc#1012382).
- mm/mprotect: add a cond_resched() inside change_pmd_range() (bnc#1077871).
- mm/vmstat: Make NR_TLB_REMOTE_FLUSH_RECEIVED available even on UP (bnc#1012382).
- module: set __jump_table alignment to 8 (bnc#1012382).
- more bio_map_user_iov() leak fixes (bnc#1012382).
- net: Allow neigh contructor functions ability to modify the primary_key (bnc#1012382).
- net/appletalk: Fix kernel memory disclosure (bnc#1012382).
- net: bcmgenet: correct MIB access of UniMAC RUNT counters (bnc#1012382).
- net: bcmgenet: correct the RBUF_OVFL_CNT and RBUF_ERR_CNT MIB values (bnc#1012382).
- net: bcmgenet: power down internal phy if open or resume fails (bnc#1012382).
- net: bcmgenet: Power up the internal PHY before probing the MII (bnc#1012382).
- net: bcmgenet: reserved phy revisions must be checked first (bnc#1012382).
- net: bridge: fix early call to br_stp_change_bridge_id and plug newlink leaks (bnc#1012382).
- net: core: fix module type in sock_diag_bind (bnc#1012382).
- net: Do not allow negative values for busy_read and busy_poll sysctl interfaces (bnc#1012382).
- net: fec: fix multicast filtering hardware setup (bnc#1012382).
- netfilter: bridge: honor frag_max_size when refragmenting (bnc#1012382).
- netfilter: do not track fragmented packets (bnc#1012382).
- netfilter: ipvs: Fix inappropriate output of procfs (bnc#1012382).
- netfilter: nfnetlink_queue: fix secctx memory leak (bnc#1012382).
- netfilter: nfnetlink_queue: fix timestamp attribute (bsc#1074134).
- netfilter: nfnl_cthelper: fix a race when walk the nf_ct_helper_hash table (bnc#1012382).
- netfilter: nfnl_cthelper: Fix memory leak (bnc#1012382).
- netfilter: nfnl_cthelper: fix runtime expectation policy updates (bnc#1012382).
- net: Fix double free and memory corruption in get_net_ns_by_id() (bnc#1012382).
- net: igmp: fix source address check for IGMPv3 reports (bnc#1012382).
- net: igmp: Use correct source address on IGMPv3 reports (bnc#1012382).
- net: initialize msg.msg_flags in recvfrom (bnc#1012382).
- net: ipv4: fix for a race condition in raw_sendmsg (bnc#1012382).
- net/mac80211/debugfs.c: prevent build failure with CONFIG_UBSAN=y (bnc#1012382).
- net: mvmdio: disable/unprepare clocks in EPROBE_DEFER case (bnc#1012382).
- net: mvneta: clear interface link status on port disable (bnc#1012382).
- net/packet: fix a race in packet_bind() and packet_notifier() (bnc#1012382).
- net: phy: at803x: Change error to EINVAL for invalid MAC (bnc#1012382).
- net: phy: micrel: ksz9031: reconfigure autoneg after phy autoneg workaround (bnc#1012382).
- net: qdisc_pkt_len_init() should be more robust (bnc#1012382).
- net: qmi_wwan: add Sierra EM7565 1199:9091 (bnc#1012382).
- net: qmi_wwan: Add USB IDs for MDM6600 modem on Motorola Droid 4 (bnc#1012382).
- net: reevalulate autoflowlabel setting after sysctl setting (bnc#1012382).
- net: Resend IGMP memberships upon peer notification (bnc#1012382).
- net: sctp: fix array overrun read on sctp_timer_tbl (bnc#1012382).
- net: stmmac: enable EEE in MII, GMII or RGMII only (bnc#1012382).
- net: systemport: Pad packet before inserting TSB (bnc#1012382).
- net: systemport: Utilize skb_put_padto() (bnc#1012382).
- net: tcp: close sock if net namespace is exiting (bnc#1012382).
- net: wimax/i2400m: fix NULL-deref at probe (bnc#1012382).
- nfsd: auth: Fix gid sorting when rootsquash enabled (bnc#1012382).
- nfsd: fix nfsd_minorversion(.., NFSD_AVAIL) (bnc#1012382).
- nfsd: fix nfsd_reset_versions for NFSv4 (bnc#1012382).
- nfs: Do not take a reference on fl->fl_file for LOCK operation (bnc#1012382).
- nfs: Fix a typo in nfs_rename() (bnc#1012382).
- nfsv4.1 respect server's max size in CREATE_SESSION (bnc#1012382).
- nfsv4: Fix client recovery when server reboots multiple times (bnc#1012382).
- nohz: Prevent a timer interrupt storm in tick_nohz_stop_sched_tick() (bnc#1012382).
- n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD) (bnc#1012382).
- openrisc: fix issue handling 8 byte get_user calls (bnc#1012382).
- packet: fix crash in fanout_demux_rollover() (bnc#1012382).
- parisc: Fix alignment of pa_tlb_lock in assembly on 32-bit SMP kernel (bnc#1012382).
- parisc: Hide Diva-built-in serial aux and graphics card (bnc#1012382).
- partially revert tipc improve link resiliency when rps is activated (bsc#1068038).
- pci/aer: Report non-fatal errors only to the affected endpoint (bnc#1012382).
- pci: Avoid bus reset if bridge itself is broken (bnc#1012382).
- pci: Create SR-IOV virtfn/physfn links before attaching driver (bnc#1012382).
- pci: Detach driver before procfs & sysfs teardown on device remove (bnc#1012382).
- pci/pme: Handle invalid data when reading Root Status (bnc#1012382).
- pci / pm: Force devices to D0 in pci_pm_thaw_noirq() (bnc#1012382).
- perf symbols: Fix symbols__fixup_end heuristic for corner cases (bnc#1012382).
- perf test attr: Fix ignored test case result (bnc#1012382).
- perf: xgene: Add APM X-Gene SoC Performance Monitoring Unit driver (bsc#1036737).
- perf: xgene: Add support for SoC PMU version 3 (bsc#1076809).
- perf: xgene: Include module.h (bsc#1076809).
- perf: xgene: Move PMU leaf functions into function pointer structure (bsc#1076809).
- perf: xgene: Parse PMU subnode from the match table (bsc#1076809).
- perf: xgene: Remove unnecessary managed resources cleanup (bsc#1076809).
- phy: work around 'phys' references to usb-nop-xceiv devices (bnc#1012382).
- pinctrl: adi2: Fix Kconfig build problem (bnc#1012382).
- pinctrl: st: add irq_request/release_resources callbacks (bnc#1012382).
- pipe: avoid round_pipe_size() nr_pages overflow on 32-bit (bnc#1012382).
- powerpc/64: Add macros for annotating the destination of rfid/hrfid (bsc#1068032, bsc#1075087).
- powerpc/64: Convert fast_exception_return to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).
- powerpc/64: Convert the syscall exit path to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).
- powerpc/64s: Add EX_SIZE definition for paca exception save areas (bsc#1068032, bsc#1075087).
- powerpc/64s: Add support for RFI flush of L1-D cache (bsc#1068032, bsc#1075087).
- powerpc/64s: Allow control of RFI flush via debugfs (bsc#1068032, bsc#1075087).
- powerpc/64s: Convert slb_miss_common to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).
- powerpc/64s: Simple RFI macro conversions (bsc#1068032, bsc#1075087).
- powerpc/64s: Support disabling RFI flush with no_rfi_flush and nopti (bsc#1068032, bsc#1075087).
- powerpc/64s: Wire up cpu_show_meltdown() (bsc#1068032).
- powerpc/asm: Allow including ppc_asm.h in asm files (bsc#1068032, bsc#1075087).
- powerpc/ipic: Fix status get and status clear (bnc#1012382).
- powerpc/perf: Dereference BHRB entries safely (bsc#1066223).
- powerpc/perf/hv-24x7: Fix incorrect comparison in memord (bnc#1012382).
- powerpc/powernv: Check device-tree for RFI flush settings (bsc#1068032, bsc#1075087).
- powerpc/powernv/cpufreq: Fix the frequency read by /proc/cpuinfo (bnc#1012382).
- powerpc/powernv/ioda2: Gracefully fail if too many TCE levels requested (bnc#1012382).
- powerpc/pseries: include linux/types.h in asm/hvcall.h (bsc#1068032, bsc#1075087).
- powerpc/pseries: Introduce H_GET_CPU_CHARACTERISTICS (bsc#1068032, bsc#1075087).
- powerpc/pseries: Query hypervisor for RFI flush settings (bsc#1068032, bsc#1075087).
- powerpc/pseries/rfi-flush: Call setup_rfi_flush() after LPM migration (bsc#1068032, bsc#1075087).
- powerpc/pseries: rfi-flush: Call setup_rfi_flush() after LPM migration (bsc#1068032, bsc#1075087).
- powerpc/rfi-flush: Add DEBUG_RFI config option (bsc#1068032, bsc#1075087).
- powerpc/rfi-flush: Make setup_rfi_flush() not __init (bsc#1068032, bsc#1075087).
- powerpc/rfi-flush: Move RFI flush fields out of the paca (unbreak kABI) (bsc#1068032, bsc#1075087).
- powerpc/rfi-flush: Move the logic to avoid a redo into the sysfs code (bsc#1068032, bsc#1075087).
- powerpc/rfi-flush: prevent crash when changing flush type to fallback after system boot (bsc#1068032, bsc#1075087).
- ppp: Destroy the mutex when cleanup (bnc#1012382).
- pppoe: take ->needed_headroom of lower device into account on xmit (bnc#1012382).
- pti: unbreak EFI (bsc#1074709).
- r8152: fix the list rx_done may be used without initialization (bnc#1012382).
- r8152: prevent the driver from transmitting packets with carrier off (bnc#1012382).
- r8169: fix memory corruption on retrieval of hardware statistics (bnc#1012382).
- raid5: Set R5_Expanded on parity devices as well as data (bnc#1012382).
- ravb: Remove Rx overflow log messages (bnc#1012382).
- rbd: set max_segments to USHRT_MAX (bnc#1012382).
- rdma/cma: Avoid triggering undefined behavior (bnc#1012382).
- rdma/iser: Fix possible mr leak on device removal event (bnc#1012382).
- rds: Fix NULL pointer dereference in __rds_rdma_map (bnc#1012382).
- rds: Heap OOB write in rds_message_alloc_sgs() (bnc#1012382).
- rds: null pointer dereference in rds_atomic_free_op (bnc#1012382).
- regulator: core: Rely on regulator_dev_release to free constraints (bsc#1074847).
- regulator: da9063: Return an error code on probe failure (bsc#1074847).
- regulator: pwm: Fix regulator ramp delay for continuous mode (bsc#1074847).
- regulator: Try to resolve regulators supplies on registration (bsc#1074847).
- Revert 'arm64: alternatives: add enable parameter to conditional asm macros' (bsc#1068032).
- Revert 'Bluetooth: btusb: driver to enable the usb-wakeup feature' (bnc#1012382).
- Revert 'drm/armada: Fix compile fail' (bnc#1012382).
- Revert 'kaiser: vmstat show NR_KAISERTABLE as nr_overhead' (kabi).
- Revert 'lib/genalloc.c: make the avail variable an atomic_long_t' (kabi).
- Revert 'module: Add retpoline tag to VERMAGIC' (bnc#1012382 kabi).
- Revert 'ocfs2: should wait dio before inode lock in ocfs2_setattr()' (bnc#1012382).
- Revert 's390/kbuild: enable modversions for symbols exported from asm' (bnc#1012382).
- Revert 'sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks' (kabi).
- Revert 'scsi: libsas: align sata_device's rps_resp on a cacheline' (kabi).
- Revert 'spi: SPI_FSL_DSPI should depend on HAS_DMA' (bnc#1012382).
- Revert 'userfaultfd: selftest: vm: allow to build in vm/ directory' (bnc#1012382).
- Revert 'x86/efi: Build our own page table structures' (bnc#1012382).
- Revert 'x86/efi: Hoist page table switching code into efi_call_virt()' (bnc#1012382).
- Revert 'x86/mm/pat: Ensure cpa->pfn only contains page frame numbers' (bnc#1012382).
- rfi-flush: Make DEBUG_RFI a CONFIG option (bsc#1068032, bsc#1075087).
- ring-buffer: Mask out the info bits when returning buffer page length (bnc#1012382).
- route: also update fnhe_genid when updating a route cache (bnc#1012382).
- route: update fnhe_expires for redirect when the fnhe exists (bnc#1012382).
- rtc: cmos: Initialize hpet timer before irq is registered (bsc#1077592).
- rtc: pcf8563: fix output clock rate (bnc#1012382).
- rtc: pl031: make interrupt optional (bnc#1012382).
- rtc: set the alarm to the next expiring timer (bnc#1012382).
- s390: always save and restore all registers on context switch (bnc#1012382).
- s390: fix compat system call table (bnc#1012382).
- s390/pci: do not require AIS facility (bnc#1012382).
- s390/qeth: no ETH header for outbound AF_IUCV (bnc#1012382).
- s390/runtime instrumentation: simplify task exit handling (bnc#1012382).
- sch_dsmark: fix invalid skb_cow() usage (bnc#1012382).
- sched/deadline: Make sure the replenishment timer fires in the next period (bnc#1012382).
- sched/deadline: Throttle a constrained deadline task activated after the deadline (bnc#1012382).
- sched/deadline: Use deadline instead of period when calculating overflow (bnc#1012382).
- sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks (bnc#1012382).
- sched/deadline: Zero out positive runtime after throttling constrained tasks (git-fixes).
- scsi: bfa: integer overflow in debugfs (bnc#1012382).
- scsi: check for device state in __scsi_remove_target() (bsc#1072589).
- scsi: cxgb4i: fix Tx skb leak (bnc#1012382).
- scsi: fixup kernel warning during rmmod() (bsc#1052360).
- scsi: hpsa: cleanup sas_phy structures in sysfs when unloading (bnc#1012382).
- scsi: hpsa: destroy sas transport properties before scsi_host (bnc#1012382).
- scsi: libsas: align sata_device's rps_resp on a cacheline (bnc#1012382).
- scsi: lpfc: Fix crash during Hardware error recovery on SLI3 adapters (bnc#1012382).
- scsi: lpfc: Fix PT2PT PRLI reject (bnc#1012382).
- scsi: lpfc: Fix secure firmware updates (bnc#1012382).
- scsi: lpfc: PLOGI failures during NPIV testing (bnc#1012382).
- scsi: mpt3sas: Fix IO error occurs on pulling out a drive from RAID1 volume created on two SATA drive (bnc#1012382).
- scsi: sd: change allow_restart to bool in sysfs interface (bnc#1012382).
- scsi: sd: change manage_start_stop to bool in sysfs interface (bnc#1012382).
- scsi: sg: disable SET_FORCE_LOW_DMA (bnc#1012382).
- scsi: sr: wait for the medium to become ready (bsc#1048585).
- sctp: do not allow the v4 socket to bind a v4mapped v6 address (bnc#1012382).
- sctp: do not free asoc when it is already dead in sctp_sendmsg (bnc#1012382).
- sctp: Replace use of sockets_allocated with specified macro (bnc#1012382).
- sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf (bnc#1012382).
- sctp: use the right sk after waking up from wait_buf sleep (bnc#1012382).
- selftest/powerpc: Fix false failures for skipped tests (bnc#1012382).
- selftests/x86: Add test_vsyscall (bnc#1012382).
- selftests/x86/ldt_get: Add a few additional tests for limits (bnc#1012382).
- serial: 8250_pci: Add Amazon pci serial device ID (bnc#1012382).
- serial: 8250: Preserve DLD[7:4] for PORT_XR17V35X (bnc#1012382).
- Set supported_modules_check 1 (bsc#1072163).
- sfc: do not warn on successful change of MAC (bnc#1012382).
- sh_eth: fix SH7757 GEther initialization (bnc#1012382).
- sh_eth: fix TSU resource handling (bnc#1012382).
- sit: update frag_off info (bnc#1012382).
- sock: free skb in skb_complete_tx_timestamp on error (bnc#1012382).
- sparc64/mm: set fields in deferred pages (bnc#1012382).
- spi_ks8995: fix 'BUG: key accdaa28 not in .data!' (bnc#1012382).
- spi: sh-msiof: Fix DMA transfer size check (bnc#1012382).
- spi: xilinx: Detect stall with Unknown commands (bnc#1012382).
- staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl (bnc#1012382).
- sunrpc: Fix rpc_task_begin trace point (bnc#1012382).
- sunxi-rsb: Include OF based modalias in device uevent (bnc#1012382).
- sysfs/cpu: Add vulnerability folder (bnc#1012382).
- sysfs/cpu: Fix typos in vulnerability documentation (bnc#1012382).
- sysfs: spectre_v2, handle spec_ctrl (bsc#1075994 bsc#1075091).
- sysrq : fix Show Regs call trace on ARM (bnc#1012382).
- target: Avoid early CMD_T_PRE_EXECUTE failures during ABORT_TASK (bnc#1012382).
- target/file: Do not return error for UNMAP if length is zero (bnc#1012382).
- target: fix ALUA transition timeout handling (bnc#1012382).
- target:fix condition return in core_pr_dump_initiator_port() (bnc#1012382).
- target: fix race during implicit transition work flushes (bnc#1012382).
- target/iscsi: Fix a race condition in iscsit_add_reject_from_cmd() (bnc#1012382).
- target: Use system workqueue for ALUA transitions (bnc#1012382).
- tcp: correct memory barrier usage in tcp_check_space() (bnc#1012382).
- tcp: fix under-evaluated ssthresh in TCP Vegas (bnc#1012382).
- tcp md5sig: Use skb's saddr when replying to an incoming segment (bnc#1012382).
- tcp: __tcp_hdrlen() helper (bnc#1012382).
- tg3: Fix rx hang on MTU change with 5717/5719 (bnc#1012382).
- thermal/drivers/step_wise: Fix temperature regulation misbehavior (bnc#1012382).
- thermal: hisilicon: Handle return value of clk_prepare_enable (bnc#1012382).
- tipc: fix cleanup at module unload (bnc#1012382).
- tipc: fix memory leak in tipc_accept_from_sock() (bnc#1012382).
- tipc: improve link resiliency when rps is activated (bsc#1068038).
- tracing: Allocate mask_str buffer dynamically (bnc#1012382).
- tracing: Fix converting enum's from the map in trace_event_eval_update() (bnc#1012382).
- tracing: Fix crash when it fails to alloc ring buffer (bnc#1012382).
- tracing: Fix possible double free on failure of allocating trace buffer (bnc#1012382).
- tracing: Remove extra zeroing out of the ring buffer page (bnc#1012382).
- tty fix oops when rmmod 8250 (bnc#1012382).
- uas: Always apply US_FL_NO_ATA_1X quirk to Seagate devices (bnc#1012382).
- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012382).
- udf: Avoid overflow when session starts at large offset (bnc#1012382).
- um: link vmlinux with -no-pie (bnc#1012382).
- usb: Add device quirk for Logitech HD Pro Webcam C925e (bnc#1012382).
- usb: add RESET_RESUME for ELSA MicroLink 56K (bnc#1012382).
- USB: core: Add type-specific length check of BOS descriptors (bnc#1012382).
- USB: core: prevent malicious bNumInterfaces overflow (bnc#1012382).
- USB: devio: Prevent integer overflow in proc_do_submiturb() (bnc#1012382).
- USB: Fix off by one in type-specific length check of BOS SSP capability (git-fixes).
- USB: fix usbmon BUG trigger (bnc#1012382).
- usb: gadget: configs: plug memory leak (bnc#1012382).
- usb: gadget: ffs: Forbid usb_ep_alloc_request from sleeping (bnc#1012382).
- USB: gadgetfs: Fix a potential memory leak in 'dev_config()' (bnc#1012382).
- usb: gadget: f_uvc: Sanity check wMaxPacketSize for SuperSpeed (bnc#1012382).
- usb: gadget: udc: remove pointer dereference after free (bnc#1012382).
- usb: hub: Cycle HUB power when initialization fails (bnc#1012382).
- USB: Increase usbfs transfer limit (bnc#1012382).
- usbip: Fix implicit fallthrough warning (bnc#1012382).
- usbip: Fix potential format overflow in userspace tools (bnc#1012382).
- usbip: fix stub_rx: get_pipe() to validate endpoint number (bnc#1012382).
- usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input (bnc#1012382).
- usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer (bnc#1012382).
- usbip: fix usbip bind writing random string after command in match_busid (bnc#1012382).
- usbip: prevent leaking socket pointer address in messages (bnc#1012382).
- usbip: prevent vhci_hcd driver from leaking a socket pointer address (bnc#1012382).
- usbip: remove kernel addresses from usb device and urb debug msgs (bnc#1012382).
- usbip: stub: stop printing kernel pointer addresses in messages (bnc#1012382).
- usbip: vhci: stop printing kernel pointer addresses in messages (bnc#1012382).
- usb: misc: usb3503: make sure reset is low for at least 100us (bnc#1012382).
- usb: musb: da8xx: fix babble condition handling (bnc#1012382).
- usb: phy: isp1301: Add OF device ID table (bnc#1012382).
- usb: phy: isp1301: Fix build warning when CONFIG_OF is disabled (git-fixes).
- usb: phy: tahvo: fix error handling in tahvo_usb_probe() (bnc#1012382).
- usb: quirks: Add no-lpm quirk for KY-688 USB 3.1 Type-C Hub (bnc#1012382).
- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ (bnc#1012382).
- USB: serial: cp210x: add new device ID ELV ALC 8xxx (bnc#1012382).
- USB: serial: ftdi_sio: add id for Airbus DS P8GR (bnc#1012382).
- USB: serial: option: adding support for YUGA CLM920-NC5 (bnc#1012382).
- USB: serial: option: add Quectel BG96 id (bnc#1012382).
- USB: serial: option: add support for Telit ME910 PID 0x1101 (bnc#1012382).
- USB: serial: qcserial: add Sierra Wireless EM7565 (bnc#1012382).
- USB: uas and storage: Add US_FL_BROKEN_FUA for another JMicron JMS567 ID (bnc#1012382).
- USB: usbfs: Filter flags passed in from user space (bnc#1012382).
- usb: usbip: Fix possible deadlocks reported by lockdep (bnc#1012382).
- usb: xhci: Add XHCI_TRUST_TX_LENGTH for Renesas uPD720201 (bnc#1012382).
- usb: xhci: fix panic in xhci_free_virt_devices_depth_first (bnc#1012382).
- userfaultfd: selftest: vm: allow to build in vm/ directory (bnc#1012382).
- userfaultfd: shmem: __do_fault requires VM_FAULT_NOPAGE (bnc#1012382).
- video: fbdev: au1200fb: Release some resources if a memory allocation fails (bnc#1012382).
- video: fbdev: au1200fb: Return an error code if a memory allocation fails (bnc#1012382).
- virtio: release virtio index when fail to device_register (bnc#1012382).
- vmxnet3: repair memory leak (bnc#1012382).
- vsyscall: Fix permissions for emulate mode with KAISER/PTI (bnc#1012382).
- vt6655: Fix a possible sleep-in-atomic bug in vt6655_suspend (bnc#1012382).
- vti6: Do not report path MTU below IPV6_MIN_MTU (bnc#1012382).
- vti6: fix device register to report IFLA_INFO_KIND (bnc#1012382).
- workqueue: trigger WARN if queue_delayed_work() is called with NULL @wq (bnc#1012382).
- writeback: fix memory leak in wb_queue_work() (bnc#1012382).
- X.509: fix buffer overflow detection in sprint_oid() (bsc#1075078).
- X.509: reject invalid BIT STRING for subjectPublicKey (bnc#1012382).
- x86/acpi: Handle SCI interrupts above legacy space gracefully (bsc#1068984).
- x86/acpi: Reduce code duplication in mp_override_legacy_irq() (bsc#1068984).
- x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm (bnc#1012382).
- x86/alternatives: Fix optimize_nops() checking (bnc#1012382).
- x86/apic/vector: Fix off by one in error path (bnc#1012382).
- x86/asm/32: Make sync_core() handle missing CPUID on all 32-bit kernels (bnc#1012382).
- x86/boot: Fix early command-line parsing when matching at end (bsc#1068032).
- x86/cpu: Factor out application of forced CPU caps (bnc#1012382).
- x86/cpufeatures: Add X86_BUG_CPU_INSECURE (bnc#1012382).
- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012382).
- x86/cpufeatures: Make CPU bugs sticky (bnc#1012382).
- x86/cpu: Implement CPU vulnerabilites sysfs functions (bnc#1012382).
- x86/cpu: Merge bugs.c and bugs_64.c (bnc#1012382).
- x86/cpu, x86/pti: Do not enable PTI on AMD processors (bnc#1012382).
- x86/Documentation: Add PTI description (bnc#1012382).
- x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() (bnc#1012382).
- x86/hpet: Prevent might sleep splat on resume (bnc#1012382).
- x86/kasan: Clear kasan_zero_page after TLB flush (bnc#1012382).
- x86/kasan: Write protect kasan zero shadow (bnc#1012382).
- x86/microcode/intel: Extend BDW late-loading further with LLC size check (bnc#1012382).
- x86/microcode/intel: Extend BDW late-loading with a revision check (bnc#1012382).
- x86/microcode/intel: Fix BDW late-loading revision check (bnc#1012382).
- x86/mm/32: Move setup_clear_cpu_cap(X86_FEATURE_PCID) earlier (git-fixes).
- x86/mm: Disable pciD on 32-bit kernels (bnc#1012382).
- x86/PCI: Make broadcom_postcore_init() check acpi_disabled (bnc#1012382).
- x86/pti: Document fix wrong index (bnc#1012382).
- x86/pti/efi: broken conversion from efi to kernel page table (bnc#1012382).
- x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN (bnc#1012382).
- x86/retpolines/spec_ctrl: disable IBRS on !SKL if retpolines are active (bsc#1068032).
- x86/smpboot: Remove stale TLB flush invocations (bnc#1012382).
- x86/spectre_v2: fix ordering in IBRS initialization (bsc#1075994 bsc#1075091).
- x86/spectre_v2: nospectre_v2 means nospec too (bsc#1075994 bsc#1075091).
- x86/tlb: Drop the _GPL from the cpu_tlbstate export (bnc#1012382).
- x86/vm86/32: Switch to flush_tlb_mm_range() in mark_screen_rdonly() (bnc#1012382).
- xen-netfront: avoid crashing on resume after a failure in talk_to_netback() (bnc#1012382).
- xen-netfront: Improve error handling during initialization (bnc#1012382).
- xfrm: Copy policy family in clone_policy (bnc#1012382).
- xfs: add configurable error support to metadata buffers (bsc#1068569).
- xfs: add configuration handlers for specific errors (bsc#1068569).
- xfs: add configuration of error failure speed (bsc#1068569).
- xfs: add 'fail at unmount' error handling configuration (bsc#1068569).
- xfs: Add infrastructure needed for error propagation during buffer IO failure (bsc#1068569).
- xfs: address kabi for xfs buffer retry infrastructure (kabi).
- xfs: configurable error behavior via sysfs (bsc#1068569).
- xfs: fix incorrect extent state in xfs_bmap_add_extent_unwritten_real (bnc#1012382).
- xfs: fix log block underflow during recovery cycle verification (bnc#1012382).
- xfs: fix up inode32/64 (re)mount handling (bsc#1069160).
- xfs: introduce metadata IO error class (bsc#1068569).
- xfs: introduce table-based init for error behaviors (bsc#1068569).
- xfs: Properly retry failed inode items in case of error during buffer writeback (bsc#1068569).
- xfs: remove xfs_trans_ail_delete_bulk (bsc#1068569).
- xhci: Do not add a virt_dev to the devs array before it's fully allocated (bnc#1012382).
- xhci: Fix ring leak in failure path of xhci_alloc_virt_device() (bnc#1012382).
- xhci: plat: Register shutdown for xhci_plat (bnc#1012382).
- zram: set physical queue limits to avoid array out of bounds accesses (bnc#1012382).
Patchnames
SUSE-SLE-RT-12-SP2-2018-327
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\n\nThe SUSE Linux Enterprise 12 SP2 Realtime kernel was updated to 4.4.114 to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis (bnc#1068032).\n\n The previous fix using CPU Microcode has been complemented by building the Linux Kernel with return trampolines aka 'retpolines'.\n\n- CVE-2018-5333: In the Linux kernel the rds_cmsg_atomic function in net/rds/rdma.c mishandled cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference (bnc#1075617).\n- CVE-2018-5332: In the Linux kernel the rds_message_alloc_sgs() function did not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c) (bnc#1075621).\n- CVE-2017-17862: kernel/bpf/verifier.c in the Linux kernel ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service (bnc#1073928).\n- CVE-2017-17864: kernel/bpf/verifier.c in the Linux kernel mishandled states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allowed local users to obtain potentially sensitive address information, aka a 'pointer leak (bnc#1073928).\n- CVE-2017-17712: The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allowed a local user to execute code and gain privileges (bnc#1073229 1073230).\n- CVE-2017-15129: A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel The function get_net_ns_by_id() in net/core/net_namespace.c did not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely (bnc#1074839).\n- CVE-2017-18017: The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel allowed remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action (bnc#1074488).\n- CVE-2018-1000004: In the Linux kernel a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition (bnc#1076017).\n\nThe following non-security bugs were fixed:\n\n- 509: fix printing uninitialized stack memory when OID is empty (bsc#1075078).\n- 8021q: fix a memory leak for VLAN 0 device (bnc#1012382).\n- acpi / scan: Prefer devices without _HID/_CID for _ADR matching (bnc#1012382).\n- af_key: fix buffer overread in parse_exthdrs() (bnc#1012382).\n- af_key: fix buffer overread in verify_address_len() (bnc#1012382).\n- afs: Adjust mode bits processing (bnc#1012382).\n- afs: Connect up the CB.ProbeUuid (bnc#1012382).\n- afs: Fix afs_kill_pages() (bnc#1012382).\n- afs: Fix missing put_page() (bnc#1012382).\n- afs: Fix page leak in afs_write_begin() (bnc#1012382).\n- afs: Fix the maths in afs_fs_store_data() (bnc#1012382).\n- afs: Flush outstanding writes when an fd is closed (bnc#1012382).\n- afs: Migrate vlocation fields to 64-bit (bnc#1012382).\n- afs: Populate and use client modification time (bnc#1012382).\n- afs: Populate group ID from vnode status (bnc#1012382).\n- afs: Prevent callback expiry timer overflow (bnc#1012382).\n- alpha: fix build failures (bnc#1012382).\n- alsa: aloop: Fix inconsistent format due to incomplete rule (bsc#1031717).\n- alsa: aloop: Fix racy hw constraints adjustment (bsc#1031717).\n- alsa: aloop: Release cable upon open error path (bsc#1031717).\n- alsa: hda - Apply headphone noise quirk for another Dell XPS 13 variant (bsc#1031717).\n- alsa: hda - Apply the existing quirk to iMac 14,1 (bsc#1031717).\n- alsa: pcm: Abort properly at pending signal in OSS read/write loops (bsc#1031717).\n- alsa: pcm: Add missing error checks in OSS emulation plugin builder (bsc#1031717).\n- alsa: pcm: Allow aborting mutex lock at OSS read/write loops (bsc#1031717).\n- alsa: pcm: Remove incorrect snd_BUG_ON() usages (bsc#1031717).\n- alsa: pcm: Remove yet superfluous WARN_ON() (bsc#1031717).\n- arc: uaccess: dont use 'l' gcc inline asm constraint modifier (bnc#1012382).\n- arm64: Add hypervisor safe helper for checking constant capabilities (bsc#1068032).\n- arm64: Add macros to read/write system registers (bsc#1068032).\n- arm64: add macro to extract ESR_ELx.EC (bsc#1068032).\n- arm64: Add skeleton to harden the branch predictor against aliasing attacks (bsc#1068032).\n- arm64: Add trace_hardirqs_off annotation in ret_to_user (bsc#1068032).\n- arm64: alternative: add auto-nop infrastructure (bsc#1068032).\n- arm64: barriers: introduce nops and __nops macros for NOP sequences (bsc#1068032).\n- arm64: cpu_errata: Allow an erratum to be match for all revisions of a core (bsc#1068032).\n- arm64: cpufeature: Add scope for capability check (bsc#1068032).\n- arm64/cpufeature: do not use mutex in bringup path (bsc#1068032).\n- arm64: cpufeature: Pass capability structure to ->enable callback (bsc#1068032).\n- arm64: debug: remove unused local_dbg_{enable, disable} macros (bsc#1068032).\n- arm64: Disable kpti for non broadcast TLB HW (bsc#1068032).\n- arm64: Disable TTBR0_EL1 during normal kernel execution (bsc#1068032).\n- arm64: do not pull uaccess.h into *.S (bsc#1068032).\n- arm64: Enable CONFIG_ARM64_SW_TTBR0_PAN (bsc#1068032).\n- arm64: entry: Add exception trampoline page for exceptions from EL0 (bsc#1068032).\n- arm64: entry: Add fake CPU feature for unmapping the kernel at EL0 (bsc#1068032).\n- arm64: entry: Explicitly pass exception level to kernel_ventry macro (bsc#1068032).\n- arm64: entry: Hook up entry trampoline to exception vectors (bsc#1068032).\n- arm64: entry: remove pointless SPSR mode check (bsc#1068032).\n- arm64: entry.S convert el0_sync (bsc#1068032).\n- arm64: entry.S: convert el1_sync (bsc#1068032).\n- arm64: entry.S: convert elX_irq (bsc#1068032).\n- arm64: entry.S: move SError handling into a C function for future expansion (bsc#1068032).\n- arm64: entry.S: Remove disable_dbg (bsc#1068032).\n- arm64: explicitly mask all exceptions (bsc#1068032).\n- arm64: factor out entry stack manipulation (bsc#1068032).\n- arm64: factor out PAGE_* and CONT_* definitions (bsc#1068032).\n- arm64: Factor out PAN enabling/disabling into separate uaccess_* macros (bsc#1068032).\n- arm64: Factor out TTBR0_EL1 post-update workaround into a specific asm macro (bsc#1068032).\n- arm64: factor work_pending state machine to C (bsc#1068032).\n- arm64: Fix circular include of asm/lse.h through linux/jump_label.h (bsc#1068032).\n- arm64: Fix compilation (bsc#1068032).\n- arm64: fpsimd: Prevent registers leaking from dead tasks (bnc#1012382).\n- arm64: Handle el1 synchronous instruction aborts cleanly (bsc#1068032).\n- arm64: head.S: get rid of x25 and x26 with 'global' scope (bsc#1068032).\n- arm64: Implement branch predictor hardening for affected Cortex-A CPUs (bsc#1068032).\n- arm64: Initialise high_memory global variable earlier (bnc#1012382).\n- arm64: introduce an order for exceptions (bsc#1068032).\n- arm64: introduce mov_q macro to move a constant into a 64-bit register (bsc#1068032).\n- arm64: Introduce uaccess_{disable,enable} functionality based on TTBR0_EL1 (bsc#1068032).\n- arm64: kaslr: Put kernel vectors address in separate data page (bsc#1068032).\n- arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0 (bsc#1068032).\n- arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry (bsc#1068032).\n- arm64: kill ESR_LNX_EXEC (bsc#1068032).\n- arm64: kpti: Fix the interaction between ASID switching and software PAN (bsc#1068032).\n- arm64: kvm: Fix SMCCC handling of unimplemented SMC/HVC calls (bnc#1012382).\n- arm64: kvm: fix VTTBR_BADDR_MASK BUG_ON off-by-one (bnc#1012382).\n- arm64: kvm: Survive unknown traps from guests (bnc#1012382).\n- arm64: kvm: Use per-CPU vector when BP hardening is enabled (bsc#1068032).\n- arm64: Mask all exceptions during kernel_exit (bsc#1068032).\n- arm64: mm: Add arm64_kernel_unmapped_at_el0 helper (bsc#1068032).\n- arm64: mm: Allocate ASIDs in pairs (bsc#1068032).\n- arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN (bsc#1068032).\n- arm64: mm: hardcode rodata=true (bsc#1068032).\n- arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR (bsc#1068032).\n- arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI (bsc#1068032).\n- arm64: mm: Map entry trampoline into trampoline and kernel page tables (bsc#1068032).\n- arm64: mm: Move ASID from TTBR0 to TTBR1 (bsc#1068032).\n- arm64: mm: Rename post_ttbr0_update_workaround (bsc#1068032).\n- arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN (bsc#1068032).\n- arm64: mm: Use non-global mappings for kernel space (bsc#1068032).\n- arm64: Move BP hardening to check_and_switch_context (bsc#1068032).\n- arm64: Move post_ttbr_update_workaround to C code (bsc#1068032).\n- arm64: Move the async/fiq helpers to explicitly set process context flags (bsc#1068032).\n- arm64: Store struct thread_info in sp_el0 (bsc#1068032).\n- arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm (bsc#1068032).\n- arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb (bsc#1068032).\n- arm64: swp emulation: bound LL/SC retries before rescheduling (bsc#1068032).\n- arm64: sysreg: allow write_sysreg to use XZR (bsc#1068032).\n- arm64: sysreg: Fix unprotected macro argmuent in write_sysreg (bsc#1068032).\n- arm64: Take into account ID_AA64PFR0_EL1.CSV3 (bsc#1068032).\n- arm64: tlbflush.h: add __tlbi() macro (bsc#1068032).\n- arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks (bsc#1068032).\n- arm64: use alternative auto-nop (bsc#1068032).\n- arm64: use RET instruction for exiting the trampoline (bsc#1068032).\n- arm64: Use static keys for CPU features (bsc#1068032).\n- arm64: xen: Enable user access before a privcmd hvc call (bsc#1068032).\n- arm: avoid faulting on qemu (bnc#1012382).\n- arm: BUG if jumping to usermode address in kernel mode (bnc#1012382).\n- arm-ccn: perf: Prevent module unload while PMU is in use (bnc#1012382).\n- arm: dma-mapping: disallow dma_get_sgtable() for non-kernel managed memory (bnc#1012382).\n- arm: dts: am335x-evmsk: adjust mmc2 param to allow suspend (bnc#1012382).\n- arm: dts: kirkwood: fix pin-muxing of MPP7 on OpenBlocks A7 (bnc#1012382).\n- arm: dts: ti: fix pci bus dtc warnings (bnc#1012382).\n- arm: kprobes: Align stack to 8-bytes in test code (bnc#1012382).\n- arm: kprobes: Fix the return address of multiple kretprobes (bnc#1012382).\n- arm: kvm: Fix VTTBR_BADDR_MASK BUG_ON off-by-one (bnc#1012382).\n- arm: kvm: Survive unknown traps from guests (bnc#1012382).\n- arm: OMAP1: DMA: Correct the number of logical channels (bnc#1012382).\n- arm: OMAP2+: Fix device node reference counts (bnc#1012382).\n- arm: OMAP2+: gpmc-onenand: propagate error on initialization failure (bnc#1012382).\n- arm: OMAP2+: Release device node after it is no longer needed (bnc#1012382).\n- asm-prototypes: Clear any CPP defines before declaring the functions (git-fixes).\n- asn.1: check for error from ASN1_OP_END__ACT actions (bnc#1012382).\n- asn.1: fix out-of-bounds read when parsing indefinite length item (bnc#1012382).\n- ath9k: fix tx99 potential info leak (bnc#1012382).\n- atm: horizon: Fix irq release error (bnc#1012382).\n- audit: ensure that 'audit=1' actually enables audit for PID 1 (bnc#1012382).\n- axonram: Fix gendisk handling (bnc#1012382).\n- backlight: pwm_bl: Fix overflow condition (bnc#1012382).\n- bcache: add a comment in journal bucket reading (bsc#1076110).\n- bcache: Avoid nested function definition (bsc#1076110).\n- bcache: check return value of register_shrinker (bsc#1076110).\n- bcache: debug: avoid accessing .bi_io_vec directly (bsc#1076110).\n- bcache: documentation formatting, edited for clarity, stripe alignment notes (bsc#1076110).\n- bcache: documentation updates and corrections (bsc#1076110).\n- bcache: Do not reinvent the wheel but use existing llist API (bsc#1076110).\n- bcache: do not write back data if reading it failed (bsc#1076110).\n- bcache: explicitly destroy mutex while exiting (bnc#1012382).\n- bcache: fix a comments typo in bch_alloc_sectors() (bsc#1076110).\n- bcache: fix sequential large write IO bypass (bsc#1076110).\n- bcache: fix wrong cache_misses statistics (bnc#1012382).\n- bcache: gc does not work when triggering by manual command (bsc#1076110, bsc#1038078).\n- bcache: implement PI controller for writeback rate (bsc#1076110).\n- bcache: increase the number of open buckets (bsc#1076110).\n- bcache: only permit to recovery read error when cache device is clean (bnc#1012382 bsc#1043652).\n- bcache: partition support: add 16 minors per bcacheN device (bsc#1076110).\n- bcache: pr_err: more meaningful error message when nr_stripes is invalid (bsc#1076110).\n- bcache: rearrange writeback main thread ratelimit (bsc#1076110).\n- bcache: recover data from backing when data is clean (bnc#1012382 bsc#1043652).\n- bcache: register_bcache(): call blkdev_put() when cache_alloc() fails (bsc#1076110).\n- bcache: Remove deprecated create_workqueue (bsc#1076110).\n- bcache: Remove redundant block_size assignment (bsc#1076110).\n- bcache: Remove redundant parameter for cache_alloc() (bsc#1076110).\n- bcache: Remove redundant set_capacity (bsc#1076110).\n- bcache: remove unused parameter (bsc#1076110).\n- bcache: rewrite multiple partitions support (bsc#1076110, bsc#1038085, bsc#1019784).\n- bcache: safeguard a dangerous addressing in closure_queue (bsc#1076110).\n- bcache: silence static checker warning (bsc#1076110).\n- bcache: smooth writeback rate control (bsc#1076110).\n- bcache: switch to using blk_queue_write_cache() (bsc#1076110).\n- bcache.txt: standardize document format (bsc#1076110).\n- bcache: update bio->bi_opf bypass/writeback REQ_ flag hints (bsc#1076110).\n- bcache: update bucket_in_use in real time (bsc#1076110).\n- bcache: Update continue_at() documentation (bsc#1076110).\n- bcache: update document info (bsc#1076110).\n- bcache: use kmalloc to allocate bio in bch_data_verify() (bsc#1076110).\n- bcache: use llist_for_each_entry_safe() in __closure_wake_up() (bsc#1076110).\n- bcache: writeback rate clamping: make 32 bit safe (bsc#1076110).\n- bcache: writeback rate shouldn't artifically clamp (bsc#1076110).\n- be2net: restore properly promisc mode after queues reconfiguration (bsc#963844 FATE#320192).\n- block: export bio_free_pages to other modules (bsc#1076110).\n- block: wake up all tasks blocked in get_request() (bnc#1012382).\n- bluetooth: btusb: driver to enable the usb-wakeup feature (bnc#1012382).\n- bnx2x: do not rollback VF MAC/VLAN filters we did not configure (bnc#1012382).\n- bnx2x: fix possible overrun of VFPF multicast addresses array (bnc#1012382).\n- bnx2x: prevent crash when accessing PTP with interface down (bnc#1012382).\n- btrfs: account for pinned bytes in should_alloc_chunk (bsc#1066842).\n- btrfs: add missing memset while reading compressed inline extents (bnc#1012382).\n- can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once (bnc#1012382).\n- can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once (bnc#1012382).\n- can: ems_usb: cancel urb on -EPIPE and -EPROTO (bnc#1012382).\n- can: esd_usb2: cancel urb on -EPIPE and -EPROTO (bnc#1012382).\n- can: gs_usb: fix return value of the 'set_bittiming' callback (bnc#1012382).\n- can: kvaser_usb: cancel urb on -EPIPE and -EPROTO (bnc#1012382).\n- can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback() (bnc#1012382).\n- can: kvaser_usb: free buf in error paths (bnc#1012382).\n- can: kvaser_usb: ratelimit errors if incomplete messages are received (bnc#1012382).\n- can: peak: fix potential bug in packet fragmentation (bnc#1012382).\n- can: ti_hecc: Fix napi poll return value for repoll (bnc#1012382).\n- can: usb_8dev: cancel urb on -EPIPE and -EPROTO (bnc#1012382).\n- cdc-acm: apply quirk for card reader (bsc#1060279).\n- cdrom: factor out common open_for_* code (bsc#1048585).\n- cdrom: wait for tray to close (bsc#1048585).\n- ceph: drop negative child dentries before try pruning inode's alias (bnc#1012382).\n- ceph: more accurate statfs (bsc#1077068).\n- clk: imx6: refine hdmi_isfr's parent to make HDMI work on i.MX6 SoCs w/o VPU (bnc#1012382).\n- clk: mediatek: add the option for determining PLL source clock (bnc#1012382).\n- clk: tegra: Fix cclk_lp divisor register (bnc#1012382).\n- cpuidle: fix broadcast control when broadcast can not be entered (bnc#1012382).\n- cpuidle: powernv: Pass correct drv->cpumask for registration (bnc#1012382).\n- cpuidle: Validate cpu_dev in cpuidle_add_sysfs() (bnc#1012382).\n- crypto: algapi - fix NULL dereference in crypto_remove_spawns() (bnc#1012382).\n- crypto: chacha20poly1305 - validate the digest size (bnc#1012382).\n- crypto: crypto4xx - increase context and scatter ring buffer elements (bnc#1012382).\n- crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex (bnc#1012382).\n- crypto: mcryptd - protect the per-CPU queue with a lock (bnc#1012382).\n- crypto: n2 - cure use after free (bnc#1012382).\n- crypto: pcrypt - fix freeing pcrypt instances (bnc#1012382).\n- crypto: s5p-sss - Fix completing crypto request in IRQ handler (bnc#1012382).\n- crypto: tcrypt - fix buffer lengths in test_aead_speed() (bnc#1012382).\n- cxl: Check if vphb exists before iterating over AFU devices (bsc#1066223).\n- dax: Pass detailed error code from __dax_fault() (bsc#1072484).\n- dccp: do not restart ccid2_hc_tx_rto_expire() if sk in closed state (bnc#1012382).\n- delay: add poll_event_interruptible (bsc#1048585).\n- dmaengine: dmatest: move callback wait queue to thread context (bnc#1012382).\n- dmaengine: Fix array index out of bounds warning in __get_unmap_pool() (bnc#1012382).\n- dmaengine: pl330: fix double lock (bnc#1012382).\n- dmaengine: ti-dma-crossbar: Correct am335x/am43xx mux value type (bnc#1012382).\n- dm btree: fix serious bug in btree_split_beneath() (bnc#1012382).\n- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) (bnc#1012382).\n- dm thin metadata: THIN_MAX_CONCURRENT_LOCKS should be 6 (bnc#1012382).\n- drivers: base: cacheinfo: fix boot error message when acpi is enabled (bnc#1012382).\n- drivers: base: cacheinfo: fix x86 with CONFIG_OF enabled (bnc#1012382).\n- drivers/firmware: Expose psci_get_version through psci_ops structure (bsc#1068032).\n- drivers/md/bcache/util.h: remove duplicate inclusion of blkdev.h (bsc#1076110).\n- drivers: net: xgene: Fix hardware checksum setting (bsc#1078526).\n- drm/amd/amdgpu: fix console deadlock if late init failed (bnc#1012382).\n- drm: extra printk() wrapper macros (bnc#1012382).\n- drm/exynos/decon5433: set STANDALONE_UPDATE_F on output enablement (bnc#1012382).\n- drm/exynos: gem: Drop NONCONTIG flag for buffers allocated without IOMMU (bnc#1012382).\n- drm/omap: fix dmabuf mmap for dma_alloc'ed buffers (bnc#1012382).\n- drm/radeon: reinstate oland workaround for sclk (bnc#1012382).\n- drm/radeon/si: add dpm quirk for Oland (bnc#1012382).\n- drm/vmwgfx: Potential off by one in vmw_view_add() (bnc#1012382).\n- dynamic-debug-howto: fix optional/omitted ending line number to be LARGE instead of 0 (bnc#1012382).\n- edac, i5000, i5400: Fix definition of NRECMEMB register (bnc#1012382).\n- edac, i5000, i5400: Fix use of MTR_DRAM_WIDTH macro (bnc#1012382).\n- edac, sb_edac: Fix missing break in switch (bnc#1012382).\n- efi/esrt: Cleanup bad memory map log messages (bnc#1012382).\n- efi: Move some sysfs files to be read-only by root (bnc#1012382).\n- eventpoll.h: add missing epoll event masks (bnc#1012382).\n- ext4: fix crash when a directory's i_size is too small (bnc#1012382).\n- ext4: Fix ENOSPC handling in DAX page fault handle (bsc#1072484).\n- ext4: fix fdatasync(2) after fallocate(2) operation (bnc#1012382).\n- fbdev: controlfb: Add missing modes to fix out of bounds access (bnc#1012382).\n- Fix build error in vma.c (bnc#1012382).\n- fjes: Fix wrong netdevice feature flags (bnc#1012382).\n- flow_dissector: properly cap thoff field (bnc#1012382).\n- fm10k: ensure we process SM mbx when processing VF mbx (bnc#1012382).\n- fork: clear thread stack upon allocation (bsc#1077560). Conflicts: \tseries.conf\n- fscache: Fix the default for fscache_maybe_release_page() (bnc#1012382).\n- futex: Prevent overflow by strengthen input validation (bnc#1012382).\n- gcov: disable for COMPILE_TEST (bnc#1012382).\n- gfs2: Take inode off order_write list when setting jdata flag (bnc#1012382).\n- gpio: altera: Use handle_level_irq when configured as a level_high (bnc#1012382).\n- hid: chicony: Add support for another ASUS Zen AiO keyboard (bnc#1012382).\n- hid: xinmo: fix for out of range for THT 2P arcade controller (bnc#1012382).\n- hrtimer: Reset hrtimer cpu base proper on CPU hotplug (bnc#1012382).\n- hv: kvp: Avoid reading past allocated blocks from KVP file (bnc#1012382).\n- hwmon: (asus_atk0110) fix uninitialized data access (bnc#1012382).\n- i40e: Do not enable NAPI on q_vectors that have no rings (bnc#1012382).\n- ib/hfi1: Correct defered count after processing qp_wait_list (git-fixes).\n- ib/hfi1: Fix rnr_timer addition (git-fixes).\n- ib/hfi1: Handle kzalloc failure in init_pervl_scs (git-fixes).\n- ib/hfi1: Move iowait_init() to priv allocate (git-fixes).\n- ib/hfi1: Prevent kernel QP post send hard lockups (git-fixes).\n- ib/hfi1: Reset QSFP on every run through channel tuning (git-fixes).\n- ib/ipoib: Fix lockdep issue found on ipoib_ib_dev_heavy_flush (git-fixes).\n- ib/ipoib: Grab rtnl lock on heavy flush when calling ndo_open/stop (bnc#1012382).\n- ib/mlx4: Increase maximal message size under UD QP (bnc#1012382).\n- ib/mlx5: Assign send CQ and recv CQ of UMR QP (bnc#1012382).\n- ibmvnic: Allocate and request vpd in init_resources (bsc#1076872).\n- ibmvnic: Do not handle RX interrupts when not up (bsc#1075066).\n- ibmvnic: Fix IP offload control buffer (bsc#1076899).\n- ibmvnic: Fix IPv6 packet descriptors (bsc#1076899).\n- ibmvnic: Fix pending MAC address changes (bsc#1075627).\n- ibmvnic: Modify buffer size and number of queues on failover (bsc#1076872).\n- ibmvnic: Revert to previous mtu when unsupported value requested (bsc#1076872).\n- ibmvnic: Wait for device response when changing MAC (bsc#1078681).\n- ib/qib: Remove qpt_mask global (git-fixes).\n- ib/rdmavt: restore IRQs on error path in rvt_create_ah() (git-fixes).\n- ib/srpt: Disable RDMA access by the initiator (bnc#1012382).\n- igb: check memory allocation failure (bnc#1012382).\n- ima: fix hash algorithm initialization (bnc#1012382).\n- inet: frag: release spinlock before calling icmp_send() (bnc#1012382).\n- input: 88pm860x-ts - fix child-node lookup (bnc#1012382).\n- input: elantech - add new icbody type 15 (bnc#1012382).\n- input: i8042 - add TUXEDO BU1406 (N24_25BU) to the nomux list (bnc#1012382).\n- input: trackpoint - force 3 buttons if 0 button is reported (bnc#1012382).\n- input: twl4030-vibra - fix sibling-node lookup (bnc#1012382).\n- input: twl6040-vibra - fix child-node lookup (bnc#1012382).\n- input: twl6040-vibra - fix DT node memory management (bnc#1012382).\n- intel_th: pci: Add Gemini Lake support (bnc#1012382).\n- iommu/arm-smmu-v3: Do not free page table ops twice (bnc#1012382).\n- iommu/vt-d: Fix scatterlist offset handling (bnc#1012382).\n- ip6_tunnel: disable dst caching if tunnel is dual-stack (bnc#1012382).\n- ipmi: Stop timers before cleaning up the module (bnc#1012382).\n- ipv4: Fix use-after-free when flushing FIB tables (bnc#1012382).\n- ipv4: igmp: guard against silly MTU values (bnc#1012382).\n- ipv4: Make neigh lookup keys for loopback/point-to-point devices be INADDR_ANY (bnc#1012382).\n- ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL (bnc#1012382).\n- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012382).\n- ipv6: fix udpv6 sendmsg crash caused by too small MTU (bnc#1012382).\n- ipv6: ip6_make_skb() needs to clear cork.base.dst (git-fixes).\n- ipv6: mcast: better catch silly mtu values (bnc#1012382).\n- ipv6: reorder icmpv6_init() and ip6_mr_init() (bnc#1012382).\n- ipvlan: fix ipv6 outbound device (bnc#1012382).\n- ipvlan: remove excessive packet scrubbing (bsc#1070799).\n- irda: vlsi_ir: fix check for DMA mapping errors (bnc#1012382).\n- irqchip/crossbar: Fix incorrect type of register size (bnc#1012382).\n- iscsi-target: fix memory leak in lio_target_tiqn_addtpg() (bnc#1012382).\n- iscsi-target: Make TASK_REASSIGN use proper se_cmd->cmd_kref (bnc#1012382).\n- isdn: kcapi: avoid uninitialized data (bnc#1012382).\n- iw_cxgb4: Only validate the MSN for successful completions (bnc#1012382).\n- ixgbe: fix use of uninitialized padding (bnc#1012382).\n- jump_label: Invoke jump_label_test() via early_initcall() (bnc#1012382).\n- jump_label: Make it possible for arches to invoke jump_label_init() earlier (bsc#1068032).\n- jump_labels: Allow array initialisers (bsc#1068032).\n- Kabi: Keep KVM stable after enable s390 wire up bpb feature (bsc#1076806).\n- kABI: protect struct bpf_map (kabi).\n- kABI: protect struct ipv6_pinfo (kabi).\n- kABI: protect struct t10_alua_tg_pt_gp (kabi).\n- kABI: protect struct usbip_device (kabi).\n- kabi/severities: do not care about stuff_RSB\n- kaiser: Set _PAGE_NX only if supported (bnc#1012382).\n- kaiser: Set _PAGE_NX only if supported (bnc#1012382).\n- kbuild: add '-fno-stack-check' to kernel build options (bnc#1012382).\n- kbuild: modversions for EXPORT_SYMBOL() for asm (bsc#1074621 bsc#1068032).\n- kbuild: pkg: use --transform option to prefix paths in tar (bnc#1012382).\n- kdb: Fix handling of kallsyms_symbol_next() return value (bnc#1012382).\n- kernel/acct.c: fix the acct->needcheck check in check_free_space() (bnc#1012382).\n- kernel: make groups_sort calling a responsibility group_info allocators (bnc#1012382).\n- kernel/signal.c: protect the SIGNAL_UNKILLABLE tasks from !sig_kernel_only() signals (bnc#1012382).\n- kernel/signal.c: protect the traced SIGNAL_UNKILLABLE tasks from SIGKILL (bnc#1012382).\n- kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal() (bnc#1012382).\n- keys: add missing permission check for request_key() destination (bnc#1012382).\n- kprobes/x86: Disable preemption in ftrace-based jprobes (bnc#1012382).\n- kpti: Rename to PAGE_TABLE_ISOLATION (bnc#1012382).\n- kpti: Report when enabled (bnc#1012382).\n- kvm: arm/arm64: Fix occasional warning from the timer work function (bnc#1012382 bsc#988524).\n- kvm: Fix stack-out-of-bounds read in write_mmio (bnc#1012382).\n- kvm: nVMX: reset nested_run_pending if the vCPU is going to be reset (bnc#1012382).\n- kvm: nVMX: VMCLEAR should not cause the vCPU to shut down (bnc#1012382).\n- kvm: pci-assign: do not map smm memory slot pages in vt-d page tables (bnc#1012382).\n- kvm: s390: Enable all facility bits that are known good for passthrough (bsc#1076806).\n- kvm: s390: wire up bpb feature (bsc#1076806).\n- kvm: VMX: Fix enable VPID conditions (bnc#1012382).\n- kvm: VMX: remove I/O port 0x80 bypass on Intel hosts (bnc#1012382).\n- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012382).\n- kvm: x86: Add memory barrier on vmcs field lookup (bnc#1012382).\n- kvm: x86: correct async page present tracepoint (bnc#1012382).\n- kvm: X86: Fix load RFLAGS w/o the fixed bit (bnc#1012382).\n- kvm: x86: fix RSM when pciD is non-zero (bnc#1012382).\n- l2tp: cleanup l2tp_tunnel_delete calls (bnc#1012382).\n- lan78xx: Fix failure in USB Full Speed (bnc#1012382).\n- libata: apply MAX_SEC_1024 to all LITEON EP1 series devices (bnc#1012382).\n- libata: drop WARN from protocol error in ata_sff_qc_issue() (bnc#1012382).\n- lib/genalloc.c: make the avail variable an atomic_long_t (bnc#1012382).\n- macvlan: Only deliver one copy of the frame to the macvlan interface (bnc#1012382).\n- md-cluster: free md_cluster_info if node leave cluster (bnc#1012382).\n- media: dvb: i2c transfers over usb cannot be done from stack (bnc#1012382).\n- mfd: cros ec: spi: Do not send first message too soon (bnc#1012382).\n- mfd: twl4030-audio: Fix sibling-node lookup (bnc#1012382).\n- mfd: twl6040: Fix child-node lookup (bnc#1012382).\n- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET (bnc#1012382).\n- MIPS: AR7: ensure the port type's FCR value is used (bnc#1012382).\n- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET (bnc#1012382).\n- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset accesses (bnc#1012382).\n- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012382).\n- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA (bnc#1012382).\n- MIPS: Guard against any partial write attempt with PTRACE_SETREGSET (bnc#1012382).\n- MIPS: math-emu: Fix final emulation phase for certain instructions (bnc#1012382).\n- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the ABI of the task (bnc#1012382).\n- mlxsw: reg: Fix SPVMLR max record count (bnc#1012382).\n- mlxsw: reg: Fix SPVM max record count (bnc#1012382).\n- mm: avoid returning VM_FAULT_RETRY from ->page_mkwrite handlers (bnc#1012382).\n- mmc: mediatek: Fixed bug where clock frequency could be set wrong (bnc#1012382).\n- mm: drop unused pmdp_huge_get_and_clear_notify() (bnc#1012382).\n- mm: Handle 0 flags in _calc_vm_trans() macro (bnc#1012382).\n- mm: Introduce lm_alias (bsc#1068032).\n- mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack (bnc#1012382).\n- mm/mprotect: add a cond_resched() inside change_pmd_range() (bnc#1077871).\n- mm/vmstat: Make NR_TLB_REMOTE_FLUSH_RECEIVED available even on UP (bnc#1012382).\n- module: set __jump_table alignment to 8 (bnc#1012382).\n- more bio_map_user_iov() leak fixes (bnc#1012382).\n- net: Allow neigh contructor functions ability to modify the primary_key (bnc#1012382).\n- net/appletalk: Fix kernel memory disclosure (bnc#1012382).\n- net: bcmgenet: correct MIB access of UniMAC RUNT counters (bnc#1012382).\n- net: bcmgenet: correct the RBUF_OVFL_CNT and RBUF_ERR_CNT MIB values (bnc#1012382).\n- net: bcmgenet: power down internal phy if open or resume fails (bnc#1012382).\n- net: bcmgenet: Power up the internal PHY before probing the MII (bnc#1012382).\n- net: bcmgenet: reserved phy revisions must be checked first (bnc#1012382).\n- net: bridge: fix early call to br_stp_change_bridge_id and plug newlink leaks (bnc#1012382).\n- net: core: fix module type in sock_diag_bind (bnc#1012382).\n- net: Do not allow negative values for busy_read and busy_poll sysctl interfaces (bnc#1012382).\n- net: fec: fix multicast filtering hardware setup (bnc#1012382).\n- netfilter: bridge: honor frag_max_size when refragmenting (bnc#1012382).\n- netfilter: do not track fragmented packets (bnc#1012382).\n- netfilter: ipvs: Fix inappropriate output of procfs (bnc#1012382).\n- netfilter: nfnetlink_queue: fix secctx memory leak (bnc#1012382).\n- netfilter: nfnetlink_queue: fix timestamp attribute (bsc#1074134).\n- netfilter: nfnl_cthelper: fix a race when walk the nf_ct_helper_hash table (bnc#1012382).\n- netfilter: nfnl_cthelper: Fix memory leak (bnc#1012382).\n- netfilter: nfnl_cthelper: fix runtime expectation policy updates (bnc#1012382).\n- net: Fix double free and memory corruption in get_net_ns_by_id() (bnc#1012382).\n- net: igmp: fix source address check for IGMPv3 reports (bnc#1012382).\n- net: igmp: Use correct source address on IGMPv3 reports (bnc#1012382).\n- net: initialize msg.msg_flags in recvfrom (bnc#1012382).\n- net: ipv4: fix for a race condition in raw_sendmsg (bnc#1012382).\n- net/mac80211/debugfs.c: prevent build failure with CONFIG_UBSAN=y (bnc#1012382).\n- net: mvmdio: disable/unprepare clocks in EPROBE_DEFER case (bnc#1012382).\n- net: mvneta: clear interface link status on port disable (bnc#1012382).\n- net/packet: fix a race in packet_bind() and packet_notifier() (bnc#1012382).\n- net: phy: at803x: Change error to EINVAL for invalid MAC (bnc#1012382).\n- net: phy: micrel: ksz9031: reconfigure autoneg after phy autoneg workaround (bnc#1012382).\n- net: qdisc_pkt_len_init() should be more robust (bnc#1012382).\n- net: qmi_wwan: add Sierra EM7565 1199:9091 (bnc#1012382).\n- net: qmi_wwan: Add USB IDs for MDM6600 modem on Motorola Droid 4 (bnc#1012382).\n- net: reevalulate autoflowlabel setting after sysctl setting (bnc#1012382).\n- net: Resend IGMP memberships upon peer notification (bnc#1012382).\n- net: sctp: fix array overrun read on sctp_timer_tbl (bnc#1012382).\n- net: stmmac: enable EEE in MII, GMII or RGMII only (bnc#1012382).\n- net: systemport: Pad packet before inserting TSB (bnc#1012382).\n- net: systemport: Utilize skb_put_padto() (bnc#1012382).\n- net: tcp: close sock if net namespace is exiting (bnc#1012382).\n- net: wimax/i2400m: fix NULL-deref at probe (bnc#1012382).\n- nfsd: auth: Fix gid sorting when rootsquash enabled (bnc#1012382).\n- nfsd: fix nfsd_minorversion(.., NFSD_AVAIL) (bnc#1012382).\n- nfsd: fix nfsd_reset_versions for NFSv4 (bnc#1012382).\n- nfs: Do not take a reference on fl->fl_file for LOCK operation (bnc#1012382).\n- nfs: Fix a typo in nfs_rename() (bnc#1012382).\n- nfsv4.1 respect server's max size in CREATE_SESSION (bnc#1012382).\n- nfsv4: Fix client recovery when server reboots multiple times (bnc#1012382).\n- nohz: Prevent a timer interrupt storm in tick_nohz_stop_sched_tick() (bnc#1012382).\n- n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD) (bnc#1012382).\n- openrisc: fix issue handling 8 byte get_user calls (bnc#1012382).\n- packet: fix crash in fanout_demux_rollover() (bnc#1012382).\n- parisc: Fix alignment of pa_tlb_lock in assembly on 32-bit SMP kernel (bnc#1012382).\n- parisc: Hide Diva-built-in serial aux and graphics card (bnc#1012382).\n- partially revert tipc improve link resiliency when rps is activated (bsc#1068038).\n- pci/aer: Report non-fatal errors only to the affected endpoint (bnc#1012382).\n- pci: Avoid bus reset if bridge itself is broken (bnc#1012382).\n- pci: Create SR-IOV virtfn/physfn links before attaching driver (bnc#1012382).\n- pci: Detach driver before procfs & sysfs teardown on device remove (bnc#1012382).\n- pci/pme: Handle invalid data when reading Root Status (bnc#1012382).\n- pci / pm: Force devices to D0 in pci_pm_thaw_noirq() (bnc#1012382).\n- perf symbols: Fix symbols__fixup_end heuristic for corner cases (bnc#1012382).\n- perf test attr: Fix ignored test case result (bnc#1012382).\n- perf: xgene: Add APM X-Gene SoC Performance Monitoring Unit driver (bsc#1036737).\n- perf: xgene: Add support for SoC PMU version 3 (bsc#1076809).\n- perf: xgene: Include module.h (bsc#1076809).\n- perf: xgene: Move PMU leaf functions into function pointer structure (bsc#1076809).\n- perf: xgene: Parse PMU subnode from the match table (bsc#1076809).\n- perf: xgene: Remove unnecessary managed resources cleanup (bsc#1076809).\n- phy: work around 'phys' references to usb-nop-xceiv devices (bnc#1012382).\n- pinctrl: adi2: Fix Kconfig build problem (bnc#1012382).\n- pinctrl: st: add irq_request/release_resources callbacks (bnc#1012382).\n- pipe: avoid round_pipe_size() nr_pages overflow on 32-bit (bnc#1012382).\n- powerpc/64: Add macros for annotating the destination of rfid/hrfid (bsc#1068032, bsc#1075087).\n- powerpc/64: Convert fast_exception_return to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).\n- powerpc/64: Convert the syscall exit path to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).\n- powerpc/64s: Add EX_SIZE definition for paca exception save areas (bsc#1068032, bsc#1075087).\n- powerpc/64s: Add support for RFI flush of L1-D cache (bsc#1068032, bsc#1075087).\n- powerpc/64s: Allow control of RFI flush via debugfs (bsc#1068032, bsc#1075087).\n- powerpc/64s: Convert slb_miss_common to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).\n- powerpc/64s: Simple RFI macro conversions (bsc#1068032, bsc#1075087).\n- powerpc/64s: Support disabling RFI flush with no_rfi_flush and nopti (bsc#1068032, bsc#1075087).\n- powerpc/64s: Wire up cpu_show_meltdown() (bsc#1068032).\n- powerpc/asm: Allow including ppc_asm.h in asm files (bsc#1068032, bsc#1075087).\n- powerpc/ipic: Fix status get and status clear (bnc#1012382).\n- powerpc/perf: Dereference BHRB entries safely (bsc#1066223).\n- powerpc/perf/hv-24x7: Fix incorrect comparison in memord (bnc#1012382).\n- powerpc/powernv: Check device-tree for RFI flush settings (bsc#1068032, bsc#1075087).\n- powerpc/powernv/cpufreq: Fix the frequency read by /proc/cpuinfo (bnc#1012382).\n- powerpc/powernv/ioda2: Gracefully fail if too many TCE levels requested (bnc#1012382).\n- powerpc/pseries: include linux/types.h in asm/hvcall.h (bsc#1068032, bsc#1075087).\n- powerpc/pseries: Introduce H_GET_CPU_CHARACTERISTICS (bsc#1068032, bsc#1075087).\n- powerpc/pseries: Query hypervisor for RFI flush settings (bsc#1068032, bsc#1075087).\n- powerpc/pseries/rfi-flush: Call setup_rfi_flush() after LPM migration (bsc#1068032, bsc#1075087).\n- powerpc/pseries: rfi-flush: Call setup_rfi_flush() after LPM migration (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: Add DEBUG_RFI config option (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: Make setup_rfi_flush() not __init (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: Move RFI flush fields out of the paca (unbreak kABI) (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: Move the logic to avoid a redo into the sysfs code (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: prevent crash when changing flush type to fallback after system boot (bsc#1068032, bsc#1075087).\n- ppp: Destroy the mutex when cleanup (bnc#1012382).\n- pppoe: take ->needed_headroom of lower device into account on xmit (bnc#1012382).\n- pti: unbreak EFI (bsc#1074709).\n- r8152: fix the list rx_done may be used without initialization (bnc#1012382).\n- r8152: prevent the driver from transmitting packets with carrier off (bnc#1012382).\n- r8169: fix memory corruption on retrieval of hardware statistics (bnc#1012382).\n- raid5: Set R5_Expanded on parity devices as well as data (bnc#1012382).\n- ravb: Remove Rx overflow log messages (bnc#1012382).\n- rbd: set max_segments to USHRT_MAX (bnc#1012382).\n- rdma/cma: Avoid triggering undefined behavior (bnc#1012382).\n- rdma/iser: Fix possible mr leak on device removal event (bnc#1012382).\n- rds: Fix NULL pointer dereference in __rds_rdma_map (bnc#1012382).\n- rds: Heap OOB write in rds_message_alloc_sgs() (bnc#1012382).\n- rds: null pointer dereference in rds_atomic_free_op (bnc#1012382).\n- regulator: core: Rely on regulator_dev_release to free constraints (bsc#1074847).\n- regulator: da9063: Return an error code on probe failure (bsc#1074847).\n- regulator: pwm: Fix regulator ramp delay for continuous mode (bsc#1074847).\n- regulator: Try to resolve regulators supplies on registration (bsc#1074847).\n- Revert 'arm64: alternatives: add enable parameter to conditional asm macros' (bsc#1068032).\n- Revert 'Bluetooth: btusb: driver to enable the usb-wakeup feature' (bnc#1012382).\n- Revert 'drm/armada: Fix compile fail' (bnc#1012382).\n- Revert 'kaiser: vmstat show NR_KAISERTABLE as nr_overhead' (kabi).\n- Revert 'lib/genalloc.c: make the avail variable an atomic_long_t' (kabi).\n- Revert 'module: Add retpoline tag to VERMAGIC' (bnc#1012382 kabi).\n- Revert 'ocfs2: should wait dio before inode lock in ocfs2_setattr()' (bnc#1012382).\n- Revert 's390/kbuild: enable modversions for symbols exported from asm' (bnc#1012382).\n- Revert 'sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks' (kabi).\n- Revert 'scsi: libsas: align sata_device's rps_resp on a cacheline' (kabi).\n- Revert 'spi: SPI_FSL_DSPI should depend on HAS_DMA' (bnc#1012382).\n- Revert 'userfaultfd: selftest: vm: allow to build in vm/ directory' (bnc#1012382).\n- Revert 'x86/efi: Build our own page table structures' (bnc#1012382).\n- Revert 'x86/efi: Hoist page table switching code into efi_call_virt()' (bnc#1012382).\n- Revert 'x86/mm/pat: Ensure cpa->pfn only contains page frame numbers' (bnc#1012382).\n- rfi-flush: Make DEBUG_RFI a CONFIG option (bsc#1068032, bsc#1075087).\n- ring-buffer: Mask out the info bits when returning buffer page length (bnc#1012382).\n- route: also update fnhe_genid when updating a route cache (bnc#1012382).\n- route: update fnhe_expires for redirect when the fnhe exists (bnc#1012382).\n- rtc: cmos: Initialize hpet timer before irq is registered (bsc#1077592).\n- rtc: pcf8563: fix output clock rate (bnc#1012382).\n- rtc: pl031: make interrupt optional (bnc#1012382).\n- rtc: set the alarm to the next expiring timer (bnc#1012382).\n- s390: always save and restore all registers on context switch (bnc#1012382).\n- s390: fix compat system call table (bnc#1012382).\n- s390/pci: do not require AIS facility (bnc#1012382).\n- s390/qeth: no ETH header for outbound AF_IUCV (bnc#1012382).\n- s390/runtime instrumentation: simplify task exit handling (bnc#1012382).\n- sch_dsmark: fix invalid skb_cow() usage (bnc#1012382).\n- sched/deadline: Make sure the replenishment timer fires in the next period (bnc#1012382).\n- sched/deadline: Throttle a constrained deadline task activated after the deadline (bnc#1012382).\n- sched/deadline: Use deadline instead of period when calculating overflow (bnc#1012382).\n- sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks (bnc#1012382).\n- sched/deadline: Zero out positive runtime after throttling constrained tasks (git-fixes).\n- scsi: bfa: integer overflow in debugfs (bnc#1012382).\n- scsi: check for device state in __scsi_remove_target() (bsc#1072589).\n- scsi: cxgb4i: fix Tx skb leak (bnc#1012382).\n- scsi: fixup kernel warning during rmmod() (bsc#1052360).\n- scsi: hpsa: cleanup sas_phy structures in sysfs when unloading (bnc#1012382).\n- scsi: hpsa: destroy sas transport properties before scsi_host (bnc#1012382).\n- scsi: libsas: align sata_device's rps_resp on a cacheline (bnc#1012382).\n- scsi: lpfc: Fix crash during Hardware error recovery on SLI3 adapters (bnc#1012382).\n- scsi: lpfc: Fix PT2PT PRLI reject (bnc#1012382).\n- scsi: lpfc: Fix secure firmware updates (bnc#1012382).\n- scsi: lpfc: PLOGI failures during NPIV testing (bnc#1012382).\n- scsi: mpt3sas: Fix IO error occurs on pulling out a drive from RAID1 volume created on two SATA drive (bnc#1012382).\n- scsi: sd: change allow_restart to bool in sysfs interface (bnc#1012382).\n- scsi: sd: change manage_start_stop to bool in sysfs interface (bnc#1012382).\n- scsi: sg: disable SET_FORCE_LOW_DMA (bnc#1012382).\n- scsi: sr: wait for the medium to become ready (bsc#1048585).\n- sctp: do not allow the v4 socket to bind a v4mapped v6 address (bnc#1012382).\n- sctp: do not free asoc when it is already dead in sctp_sendmsg (bnc#1012382).\n- sctp: Replace use of sockets_allocated with specified macro (bnc#1012382).\n- sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf (bnc#1012382).\n- sctp: use the right sk after waking up from wait_buf sleep (bnc#1012382).\n- selftest/powerpc: Fix false failures for skipped tests (bnc#1012382).\n- selftests/x86: Add test_vsyscall (bnc#1012382).\n- selftests/x86/ldt_get: Add a few additional tests for limits (bnc#1012382).\n- serial: 8250_pci: Add Amazon pci serial device ID (bnc#1012382).\n- serial: 8250: Preserve DLD[7:4] for PORT_XR17V35X (bnc#1012382).\n- Set supported_modules_check 1 (bsc#1072163).\n- sfc: do not warn on successful change of MAC (bnc#1012382).\n- sh_eth: fix SH7757 GEther initialization (bnc#1012382).\n- sh_eth: fix TSU resource handling (bnc#1012382).\n- sit: update frag_off info (bnc#1012382).\n- sock: free skb in skb_complete_tx_timestamp on error (bnc#1012382).\n- sparc64/mm: set fields in deferred pages (bnc#1012382).\n- spi_ks8995: fix 'BUG: key accdaa28 not in .data!' (bnc#1012382).\n- spi: sh-msiof: Fix DMA transfer size check (bnc#1012382).\n- spi: xilinx: Detect stall with Unknown commands (bnc#1012382).\n- staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl (bnc#1012382).\n- sunrpc: Fix rpc_task_begin trace point (bnc#1012382).\n- sunxi-rsb: Include OF based modalias in device uevent (bnc#1012382).\n- sysfs/cpu: Add vulnerability folder (bnc#1012382).\n- sysfs/cpu: Fix typos in vulnerability documentation (bnc#1012382).\n- sysfs: spectre_v2, handle spec_ctrl (bsc#1075994 bsc#1075091).\n- sysrq : fix Show Regs call trace on ARM (bnc#1012382).\n- target: Avoid early CMD_T_PRE_EXECUTE failures during ABORT_TASK (bnc#1012382).\n- target/file: Do not return error for UNMAP if length is zero (bnc#1012382).\n- target: fix ALUA transition timeout handling (bnc#1012382).\n- target:fix condition return in core_pr_dump_initiator_port() (bnc#1012382).\n- target: fix race during implicit transition work flushes (bnc#1012382).\n- target/iscsi: Fix a race condition in iscsit_add_reject_from_cmd() (bnc#1012382).\n- target: Use system workqueue for ALUA transitions (bnc#1012382).\n- tcp: correct memory barrier usage in tcp_check_space() (bnc#1012382).\n- tcp: fix under-evaluated ssthresh in TCP Vegas (bnc#1012382).\n- tcp md5sig: Use skb's saddr when replying to an incoming segment (bnc#1012382).\n- tcp: __tcp_hdrlen() helper (bnc#1012382).\n- tg3: Fix rx hang on MTU change with 5717/5719 (bnc#1012382).\n- thermal/drivers/step_wise: Fix temperature regulation misbehavior (bnc#1012382).\n- thermal: hisilicon: Handle return value of clk_prepare_enable (bnc#1012382).\n- tipc: fix cleanup at module unload (bnc#1012382).\n- tipc: fix memory leak in tipc_accept_from_sock() (bnc#1012382).\n- tipc: improve link resiliency when rps is activated (bsc#1068038).\n- tracing: Allocate mask_str buffer dynamically (bnc#1012382).\n- tracing: Fix converting enum's from the map in trace_event_eval_update() (bnc#1012382).\n- tracing: Fix crash when it fails to alloc ring buffer (bnc#1012382).\n- tracing: Fix possible double free on failure of allocating trace buffer (bnc#1012382).\n- tracing: Remove extra zeroing out of the ring buffer page (bnc#1012382).\n- tty fix oops when rmmod 8250 (bnc#1012382).\n- uas: Always apply US_FL_NO_ATA_1X quirk to Seagate devices (bnc#1012382).\n- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012382).\n- udf: Avoid overflow when session starts at large offset (bnc#1012382).\n- um: link vmlinux with -no-pie (bnc#1012382).\n- usb: Add device quirk for Logitech HD Pro Webcam C925e (bnc#1012382).\n- usb: add RESET_RESUME for ELSA MicroLink 56K (bnc#1012382).\n- USB: core: Add type-specific length check of BOS descriptors (bnc#1012382).\n- USB: core: prevent malicious bNumInterfaces overflow (bnc#1012382).\n- USB: devio: Prevent integer overflow in proc_do_submiturb() (bnc#1012382).\n- USB: Fix off by one in type-specific length check of BOS SSP capability (git-fixes).\n- USB: fix usbmon BUG trigger (bnc#1012382).\n- usb: gadget: configs: plug memory leak (bnc#1012382).\n- usb: gadget: ffs: Forbid usb_ep_alloc_request from sleeping (bnc#1012382).\n- USB: gadgetfs: Fix a potential memory leak in 'dev_config()' (bnc#1012382).\n- usb: gadget: f_uvc: Sanity check wMaxPacketSize for SuperSpeed (bnc#1012382).\n- usb: gadget: udc: remove pointer dereference after free (bnc#1012382).\n- usb: hub: Cycle HUB power when initialization fails (bnc#1012382).\n- USB: Increase usbfs transfer limit (bnc#1012382).\n- usbip: Fix implicit fallthrough warning (bnc#1012382).\n- usbip: Fix potential format overflow in userspace tools (bnc#1012382).\n- usbip: fix stub_rx: get_pipe() to validate endpoint number (bnc#1012382).\n- usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input (bnc#1012382).\n- usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer (bnc#1012382).\n- usbip: fix usbip bind writing random string after command in match_busid (bnc#1012382).\n- usbip: prevent leaking socket pointer address in messages (bnc#1012382).\n- usbip: prevent vhci_hcd driver from leaking a socket pointer address (bnc#1012382).\n- usbip: remove kernel addresses from usb device and urb debug msgs (bnc#1012382).\n- usbip: stub: stop printing kernel pointer addresses in messages (bnc#1012382).\n- usbip: vhci: stop printing kernel pointer addresses in messages (bnc#1012382).\n- usb: misc: usb3503: make sure reset is low for at least 100us (bnc#1012382).\n- usb: musb: da8xx: fix babble condition handling (bnc#1012382).\n- usb: phy: isp1301: Add OF device ID table (bnc#1012382).\n- usb: phy: isp1301: Fix build warning when CONFIG_OF is disabled (git-fixes).\n- usb: phy: tahvo: fix error handling in tahvo_usb_probe() (bnc#1012382).\n- usb: quirks: Add no-lpm quirk for KY-688 USB 3.1 Type-C Hub (bnc#1012382).\n- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ (bnc#1012382).\n- USB: serial: cp210x: add new device ID ELV ALC 8xxx (bnc#1012382).\n- USB: serial: ftdi_sio: add id for Airbus DS P8GR (bnc#1012382).\n- USB: serial: option: adding support for YUGA CLM920-NC5 (bnc#1012382).\n- USB: serial: option: add Quectel BG96 id (bnc#1012382).\n- USB: serial: option: add support for Telit ME910 PID 0x1101 (bnc#1012382).\n- USB: serial: qcserial: add Sierra Wireless EM7565 (bnc#1012382).\n- USB: uas and storage: Add US_FL_BROKEN_FUA for another JMicron JMS567 ID (bnc#1012382).\n- USB: usbfs: Filter flags passed in from user space (bnc#1012382).\n- usb: usbip: Fix possible deadlocks reported by lockdep (bnc#1012382).\n- usb: xhci: Add XHCI_TRUST_TX_LENGTH for Renesas uPD720201 (bnc#1012382).\n- usb: xhci: fix panic in xhci_free_virt_devices_depth_first (bnc#1012382).\n- userfaultfd: selftest: vm: allow to build in vm/ directory (bnc#1012382).\n- userfaultfd: shmem: __do_fault requires VM_FAULT_NOPAGE (bnc#1012382).\n- video: fbdev: au1200fb: Release some resources if a memory allocation fails (bnc#1012382).\n- video: fbdev: au1200fb: Return an error code if a memory allocation fails (bnc#1012382).\n- virtio: release virtio index when fail to device_register (bnc#1012382).\n- vmxnet3: repair memory leak (bnc#1012382).\n- vsyscall: Fix permissions for emulate mode with KAISER/PTI (bnc#1012382).\n- vt6655: Fix a possible sleep-in-atomic bug in vt6655_suspend (bnc#1012382).\n- vti6: Do not report path MTU below IPV6_MIN_MTU (bnc#1012382).\n- vti6: fix device register to report IFLA_INFO_KIND (bnc#1012382).\n- workqueue: trigger WARN if queue_delayed_work() is called with NULL @wq (bnc#1012382).\n- writeback: fix memory leak in wb_queue_work() (bnc#1012382).\n- X.509: fix buffer overflow detection in sprint_oid() (bsc#1075078).\n- X.509: reject invalid BIT STRING for subjectPublicKey (bnc#1012382).\n- x86/acpi: Handle SCI interrupts above legacy space gracefully (bsc#1068984).\n- x86/acpi: Reduce code duplication in mp_override_legacy_irq() (bsc#1068984).\n- x86/alternatives: Add missing '\\n' at end of ALTERNATIVE inline asm (bnc#1012382).\n- x86/alternatives: Fix optimize_nops() checking (bnc#1012382).\n- x86/apic/vector: Fix off by one in error path (bnc#1012382).\n- x86/asm/32: Make sync_core() handle missing CPUID on all 32-bit kernels (bnc#1012382).\n- x86/boot: Fix early command-line parsing when matching at end (bsc#1068032).\n- x86/cpu: Factor out application of forced CPU caps (bnc#1012382).\n- x86/cpufeatures: Add X86_BUG_CPU_INSECURE (bnc#1012382).\n- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012382).\n- x86/cpufeatures: Make CPU bugs sticky (bnc#1012382).\n- x86/cpu: Implement CPU vulnerabilites sysfs functions (bnc#1012382).\n- x86/cpu: Merge bugs.c and bugs_64.c (bnc#1012382).\n- x86/cpu, x86/pti: Do not enable PTI on AMD processors (bnc#1012382).\n- x86/Documentation: Add PTI description (bnc#1012382).\n- x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() (bnc#1012382).\n- x86/hpet: Prevent might sleep splat on resume (bnc#1012382).\n- x86/kasan: Clear kasan_zero_page after TLB flush (bnc#1012382).\n- x86/kasan: Write protect kasan zero shadow (bnc#1012382).\n- x86/microcode/intel: Extend BDW late-loading further with LLC size check (bnc#1012382).\n- x86/microcode/intel: Extend BDW late-loading with a revision check (bnc#1012382).\n- x86/microcode/intel: Fix BDW late-loading revision check (bnc#1012382).\n- x86/mm/32: Move setup_clear_cpu_cap(X86_FEATURE_PCID) earlier (git-fixes).\n- x86/mm: Disable pciD on 32-bit kernels (bnc#1012382).\n- x86/PCI: Make broadcom_postcore_init() check acpi_disabled (bnc#1012382).\n- x86/pti: Document fix wrong index (bnc#1012382).\n- x86/pti/efi: broken conversion from efi to kernel page table (bnc#1012382).\n- x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN (bnc#1012382).\n- x86/retpolines/spec_ctrl: disable IBRS on !SKL if retpolines are active (bsc#1068032).\n- x86/smpboot: Remove stale TLB flush invocations (bnc#1012382).\n- x86/spectre_v2: fix ordering in IBRS initialization (bsc#1075994 bsc#1075091).\n- x86/spectre_v2: nospectre_v2 means nospec too (bsc#1075994 bsc#1075091).\n- x86/tlb: Drop the _GPL from the cpu_tlbstate export (bnc#1012382).\n- x86/vm86/32: Switch to flush_tlb_mm_range() in mark_screen_rdonly() (bnc#1012382).\n- xen-netfront: avoid crashing on resume after a failure in talk_to_netback() (bnc#1012382).\n- xen-netfront: Improve error handling during initialization (bnc#1012382).\n- xfrm: Copy policy family in clone_policy (bnc#1012382).\n- xfs: add configurable error support to metadata buffers (bsc#1068569).\n- xfs: add configuration handlers for specific errors (bsc#1068569).\n- xfs: add configuration of error failure speed (bsc#1068569).\n- xfs: add 'fail at unmount' error handling configuration (bsc#1068569).\n- xfs: Add infrastructure needed for error propagation during buffer IO failure (bsc#1068569).\n- xfs: address kabi for xfs buffer retry infrastructure (kabi).\n- xfs: configurable error behavior via sysfs (bsc#1068569).\n- xfs: fix incorrect extent state in xfs_bmap_add_extent_unwritten_real (bnc#1012382).\n- xfs: fix log block underflow during recovery cycle verification (bnc#1012382).\n- xfs: fix up inode32/64 (re)mount handling (bsc#1069160).\n- xfs: introduce metadata IO error class (bsc#1068569).\n- xfs: introduce table-based init for error behaviors (bsc#1068569).\n- xfs: Properly retry failed inode items in case of error during buffer writeback (bsc#1068569).\n- xfs: remove xfs_trans_ail_delete_bulk (bsc#1068569).\n- xhci: Do not add a virt_dev to the devs array before it's fully allocated (bnc#1012382).\n- xhci: Fix ring leak in failure path of xhci_alloc_virt_device() (bnc#1012382).\n- xhci: plat: Register shutdown for xhci_plat (bnc#1012382).\n- zram: set physical queue limits to avoid array out of bounds accesses (bnc#1012382).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-SLE-RT-12-SP2-2018-327", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_0482-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:0482-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20180482-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:0482-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-February/003742.html", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1019784", url: "https://bugzilla.suse.com/1019784", }, { category: "self", summary: "SUSE Bug 1031717", url: "https://bugzilla.suse.com/1031717", }, { category: "self", summary: "SUSE Bug 1036737", url: "https://bugzilla.suse.com/1036737", }, { category: "self", summary: "SUSE Bug 1038078", url: "https://bugzilla.suse.com/1038078", }, { category: "self", summary: "SUSE Bug 1038085", url: "https://bugzilla.suse.com/1038085", }, { category: "self", summary: "SUSE Bug 1043652", url: "https://bugzilla.suse.com/1043652", }, { category: "self", summary: "SUSE Bug 1048585", url: "https://bugzilla.suse.com/1048585", }, { category: "self", summary: "SUSE Bug 1052360", url: "https://bugzilla.suse.com/1052360", }, { category: "self", summary: "SUSE Bug 1060279", url: "https://bugzilla.suse.com/1060279", }, { category: "self", summary: "SUSE Bug 1066223", url: "https://bugzilla.suse.com/1066223", }, { category: "self", summary: "SUSE Bug 1066842", url: "https://bugzilla.suse.com/1066842", }, { category: "self", summary: "SUSE Bug 1068032", url: "https://bugzilla.suse.com/1068032", }, { category: "self", summary: "SUSE Bug 1068038", url: "https://bugzilla.suse.com/1068038", }, { category: "self", summary: "SUSE Bug 1068569", url: "https://bugzilla.suse.com/1068569", }, { category: "self", summary: "SUSE Bug 1068984", url: "https://bugzilla.suse.com/1068984", }, { category: "self", summary: "SUSE Bug 1069160", url: "https://bugzilla.suse.com/1069160", }, { category: "self", summary: "SUSE Bug 1070799", url: "https://bugzilla.suse.com/1070799", }, { category: "self", summary: "SUSE Bug 1072163", url: "https://bugzilla.suse.com/1072163", }, { category: "self", summary: "SUSE Bug 1072484", url: "https://bugzilla.suse.com/1072484", }, { category: "self", summary: "SUSE Bug 1072589", url: "https://bugzilla.suse.com/1072589", }, { category: "self", summary: "SUSE Bug 1073229", url: "https://bugzilla.suse.com/1073229", }, { category: "self", summary: "SUSE Bug 1073230", url: "https://bugzilla.suse.com/1073230", }, { category: "self", summary: "SUSE Bug 1073928", url: "https://bugzilla.suse.com/1073928", }, { category: "self", summary: "SUSE Bug 1074134", url: "https://bugzilla.suse.com/1074134", }, { category: "self", summary: "SUSE Bug 1074488", url: "https://bugzilla.suse.com/1074488", }, { category: "self", summary: "SUSE Bug 1074621", url: "https://bugzilla.suse.com/1074621", }, { category: "self", summary: "SUSE Bug 1074709", url: "https://bugzilla.suse.com/1074709", }, { category: "self", summary: "SUSE Bug 1074839", url: "https://bugzilla.suse.com/1074839", }, { category: "self", summary: "SUSE Bug 1074847", url: "https://bugzilla.suse.com/1074847", }, { category: "self", summary: "SUSE Bug 1075066", url: "https://bugzilla.suse.com/1075066", }, { category: "self", summary: "SUSE Bug 1075078", url: "https://bugzilla.suse.com/1075078", }, { category: "self", summary: "SUSE Bug 1075087", url: "https://bugzilla.suse.com/1075087", }, { category: "self", summary: "SUSE Bug 1075091", url: "https://bugzilla.suse.com/1075091", }, { category: "self", summary: "SUSE Bug 1075428", url: "https://bugzilla.suse.com/1075428", }, { category: "self", summary: "SUSE Bug 1075617", url: "https://bugzilla.suse.com/1075617", }, { category: "self", summary: "SUSE Bug 1075621", url: "https://bugzilla.suse.com/1075621", }, { category: "self", summary: "SUSE Bug 1075627", url: "https://bugzilla.suse.com/1075627", }, { category: "self", summary: "SUSE Bug 1075994", url: "https://bugzilla.suse.com/1075994", }, { category: "self", summary: "SUSE Bug 1076017", url: "https://bugzilla.suse.com/1076017", }, { category: "self", summary: "SUSE Bug 1076110", url: "https://bugzilla.suse.com/1076110", }, { category: "self", summary: "SUSE Bug 1076806", url: "https://bugzilla.suse.com/1076806", }, { category: "self", summary: "SUSE Bug 1076809", url: "https://bugzilla.suse.com/1076809", }, { category: "self", summary: "SUSE Bug 1076872", url: "https://bugzilla.suse.com/1076872", }, { category: "self", summary: "SUSE Bug 1076899", url: "https://bugzilla.suse.com/1076899", }, { category: "self", summary: "SUSE Bug 1077068", url: "https://bugzilla.suse.com/1077068", }, { category: "self", summary: "SUSE Bug 1077560", url: "https://bugzilla.suse.com/1077560", }, { category: "self", summary: "SUSE Bug 1077592", url: "https://bugzilla.suse.com/1077592", }, { category: "self", summary: "SUSE Bug 1077871", url: "https://bugzilla.suse.com/1077871", }, { category: "self", summary: "SUSE Bug 1078526", url: "https://bugzilla.suse.com/1078526", }, { category: "self", summary: "SUSE Bug 1078681", url: "https://bugzilla.suse.com/1078681", }, { category: "self", summary: "SUSE Bug 963844", url: "https://bugzilla.suse.com/963844", }, { category: "self", summary: "SUSE Bug 988524", url: "https://bugzilla.suse.com/988524", }, { category: "self", summary: "SUSE CVE CVE-2017-15129 page", url: "https://www.suse.com/security/cve/CVE-2017-15129/", }, { category: "self", summary: "SUSE CVE CVE-2017-17712 page", url: "https://www.suse.com/security/cve/CVE-2017-17712/", }, { category: "self", summary: "SUSE CVE CVE-2017-17862 page", url: "https://www.suse.com/security/cve/CVE-2017-17862/", }, { category: "self", summary: "SUSE CVE CVE-2017-17864 page", url: "https://www.suse.com/security/cve/CVE-2017-17864/", }, { category: "self", summary: "SUSE CVE CVE-2017-18017 page", url: "https://www.suse.com/security/cve/CVE-2017-18017/", }, { category: "self", summary: "SUSE CVE CVE-2017-5715 page", url: "https://www.suse.com/security/cve/CVE-2017-5715/", }, { category: "self", summary: "SUSE CVE CVE-2018-1000004 page", url: "https://www.suse.com/security/cve/CVE-2018-1000004/", }, { category: "self", summary: "SUSE CVE CVE-2018-5332 page", url: "https://www.suse.com/security/cve/CVE-2018-5332/", }, { category: "self", summary: "SUSE CVE CVE-2018-5333 page", url: "https://www.suse.com/security/cve/CVE-2018-5333/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2018-02-19T19:17:06Z", generator: { date: "2018-02-19T19:17:06Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:0482-1", initial_release_date: "2018-02-19T19:17:06Z", revision_history: [ { date: "2018-02-19T19:17:06Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-rt-4.4.114-27.1.noarch", product: { name: "kernel-devel-rt-4.4.114-27.1.noarch", product_id: "kernel-devel-rt-4.4.114-27.1.noarch", }, }, { category: "product_version", name: "kernel-source-rt-4.4.114-27.1.noarch", product: { name: "kernel-source-rt-4.4.114-27.1.noarch", product_id: "kernel-source-rt-4.4.114-27.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-rt-4.4.114-27.1.x86_64", product: { name: "cluster-md-kmp-rt-4.4.114-27.1.x86_64", product_id: "cluster-md-kmp-rt-4.4.114-27.1.x86_64", }, }, { category: "product_version", name: "cluster-network-kmp-rt-4.4.114-27.1.x86_64", product: { name: "cluster-network-kmp-rt-4.4.114-27.1.x86_64", product_id: "cluster-network-kmp-rt-4.4.114-27.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-rt-4.4.114-27.1.x86_64", product: { name: "dlm-kmp-rt-4.4.114-27.1.x86_64", product_id: "dlm-kmp-rt-4.4.114-27.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-rt-4.4.114-27.1.x86_64", product: { name: "gfs2-kmp-rt-4.4.114-27.1.x86_64", product_id: "gfs2-kmp-rt-4.4.114-27.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-4.4.114-27.1.x86_64", product: { name: "kernel-rt-4.4.114-27.1.x86_64", product_id: "kernel-rt-4.4.114-27.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-base-4.4.114-27.1.x86_64", product: { name: "kernel-rt-base-4.4.114-27.1.x86_64", product_id: "kernel-rt-base-4.4.114-27.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-devel-4.4.114-27.1.x86_64", product: { name: "kernel-rt-devel-4.4.114-27.1.x86_64", product_id: "kernel-rt-devel-4.4.114-27.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-devel-4.4.114-27.1.x86_64", product: { name: "kernel-rt_debug-devel-4.4.114-27.1.x86_64", product_id: "kernel-rt_debug-devel-4.4.114-27.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-rt-4.4.114-27.1.x86_64", product: { name: "kernel-syms-rt-4.4.114-27.1.x86_64", product_id: "kernel-syms-rt-4.4.114-27.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-rt-4.4.114-27.1.x86_64", product: { name: "ocfs2-kmp-rt-4.4.114-27.1.x86_64", product_id: "ocfs2-kmp-rt-4.4.114-27.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Real Time 12 SP2", product: { name: "SUSE Linux Enterprise Real Time 12 SP2", product_id: "SUSE Linux Enterprise Real Time 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:suse-linux-enterprise-rt:12:sp2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-rt-4.4.114-27.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2", product_id: "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", }, product_reference: "cluster-md-kmp-rt-4.4.114-27.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP2", }, { category: "default_component_of", full_product_name: { name: "cluster-network-kmp-rt-4.4.114-27.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2", product_id: "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", }, product_reference: "cluster-network-kmp-rt-4.4.114-27.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP2", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-rt-4.4.114-27.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2", product_id: "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", }, product_reference: "dlm-kmp-rt-4.4.114-27.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP2", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-rt-4.4.114-27.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2", product_id: "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", }, product_reference: "gfs2-kmp-rt-4.4.114-27.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-rt-4.4.114-27.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP2", product_id: "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", }, product_reference: "kernel-devel-rt-4.4.114-27.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-4.4.114-27.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2", product_id: "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", }, product_reference: "kernel-rt-4.4.114-27.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-base-4.4.114-27.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2", product_id: "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", }, product_reference: "kernel-rt-base-4.4.114-27.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-devel-4.4.114-27.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2", product_id: "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", }, product_reference: "kernel-rt-devel-4.4.114-27.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-rt_debug-devel-4.4.114-27.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2", product_id: "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", }, product_reference: "kernel-rt_debug-devel-4.4.114-27.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-source-rt-4.4.114-27.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP2", product_id: "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", }, product_reference: "kernel-source-rt-4.4.114-27.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-rt-4.4.114-27.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2", product_id: "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", }, product_reference: "kernel-syms-rt-4.4.114-27.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP2", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-rt-4.4.114-27.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2", product_id: "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", }, product_reference: "ocfs2-kmp-rt-4.4.114-27.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP2", }, ], }, vulnerabilities: [ { cve: "CVE-2017-15129", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15129", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15129", url: "https://www.suse.com/security/cve/CVE-2017-15129", }, { category: "external", summary: "SUSE Bug 1074839 for CVE-2017-15129", url: "https://bugzilla.suse.com/1074839", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-19T19:17:06Z", details: "moderate", }, ], title: "CVE-2017-15129", }, { cve: "CVE-2017-17712", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17712", }, ], notes: [ { category: "general", text: "The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17712", url: "https://www.suse.com/security/cve/CVE-2017-17712", }, { category: "external", summary: "SUSE Bug 1073229 for CVE-2017-17712", url: "https://bugzilla.suse.com/1073229", }, { category: "external", summary: "SUSE Bug 1073230 for CVE-2017-17712", url: "https://bugzilla.suse.com/1073230", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-19T19:17:06Z", details: "important", }, ], title: "CVE-2017-17712", }, { cve: "CVE-2017-17862", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17862", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17862", url: "https://www.suse.com/security/cve/CVE-2017-17862", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17862", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-19T19:17:06Z", details: "moderate", }, ], title: "CVE-2017-17862", }, { cve: "CVE-2017-17864", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17864", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a \"pointer leak.\"", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17864", url: "https://www.suse.com/security/cve/CVE-2017-17864", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17864", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-19T19:17:06Z", details: "moderate", }, ], title: "CVE-2017-17864", }, { cve: "CVE-2017-18017", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-18017", }, ], notes: [ { category: "general", text: "The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-18017", url: "https://www.suse.com/security/cve/CVE-2017-18017", }, { category: "external", summary: "SUSE Bug 1074488 for CVE-2017-18017", url: "https://bugzilla.suse.com/1074488", }, { category: "external", summary: "SUSE Bug 1080255 for CVE-2017-18017", url: "https://bugzilla.suse.com/1080255", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2017-18017", url: "https://bugzilla.suse.com/1091815", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2017-18017", url: "https://bugzilla.suse.com/1115893", }, { category: "external", summary: "SUSE Bug 971126 for CVE-2017-18017", url: "https://bugzilla.suse.com/971126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-19T19:17:06Z", details: "important", }, ], title: "CVE-2017-18017", }, { cve: "CVE-2017-5715", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-5715", }, ], notes: [ { category: "general", text: "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-5715", url: "https://www.suse.com/security/cve/CVE-2017-5715", }, { category: "external", summary: "SUSE Bug 1068032 for CVE-2017-5715", url: "https://bugzilla.suse.com/1068032", }, { category: "external", summary: "SUSE Bug 1074562 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074562", }, { category: "external", summary: "SUSE Bug 1074578 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074578", }, { category: "external", summary: "SUSE Bug 1074701 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074701", }, { category: "external", summary: "SUSE Bug 1074741 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074741", }, { category: "external", summary: "SUSE Bug 1074919 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074919", }, { category: "external", summary: "SUSE Bug 1075006 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075006", }, { category: "external", summary: "SUSE Bug 1075007 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075007", }, { category: "external", summary: "SUSE Bug 1075262 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075262", }, { category: "external", summary: "SUSE Bug 1075419 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075419", }, { category: "external", summary: "SUSE Bug 1076115 for CVE-2017-5715", url: "https://bugzilla.suse.com/1076115", }, { category: "external", summary: "SUSE Bug 1076372 for CVE-2017-5715", url: "https://bugzilla.suse.com/1076372", }, { category: "external", summary: "SUSE Bug 1076606 for CVE-2017-5715", url: "https://bugzilla.suse.com/1076606", }, { category: "external", summary: "SUSE Bug 1078353 for CVE-2017-5715", url: "https://bugzilla.suse.com/1078353", }, { category: "external", summary: "SUSE Bug 1080039 for CVE-2017-5715", url: "https://bugzilla.suse.com/1080039", }, { category: "external", summary: "SUSE Bug 1087887 for CVE-2017-5715", url: "https://bugzilla.suse.com/1087887", }, { category: "external", summary: "SUSE Bug 1087939 for CVE-2017-5715", url: "https://bugzilla.suse.com/1087939", }, { category: "external", summary: "SUSE Bug 1088147 for CVE-2017-5715", url: "https://bugzilla.suse.com/1088147", }, { category: "external", summary: "SUSE Bug 1089055 for CVE-2017-5715", url: "https://bugzilla.suse.com/1089055", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2017-5715", url: "https://bugzilla.suse.com/1091815", }, { category: "external", summary: "SUSE Bug 1095735 for CVE-2017-5715", url: "https://bugzilla.suse.com/1095735", }, { category: "external", summary: "SUSE Bug 1102517 for CVE-2017-5715", url: "https://bugzilla.suse.com/1102517", }, { category: "external", summary: "SUSE Bug 1105108 for CVE-2017-5715", url: "https://bugzilla.suse.com/1105108", }, { category: "external", summary: "SUSE Bug 1126516 for CVE-2017-5715", url: "https://bugzilla.suse.com/1126516", }, { category: "external", summary: "SUSE Bug 1173489 for CVE-2017-5715", url: "https://bugzilla.suse.com/1173489", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2017-5715", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201457 for CVE-2017-5715", url: "https://bugzilla.suse.com/1201457", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2017-5715", url: "https://bugzilla.suse.com/1201877", }, { category: "external", summary: "SUSE Bug 1203236 for CVE-2017-5715", url: "https://bugzilla.suse.com/1203236", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-19T19:17:06Z", details: "important", }, ], title: "CVE-2017-5715", }, { cve: "CVE-2018-1000004", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1000004", }, ], notes: [ { category: "general", text: "In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1000004", url: "https://www.suse.com/security/cve/CVE-2018-1000004", }, { category: "external", summary: "SUSE Bug 1076017 for CVE-2018-1000004", url: "https://bugzilla.suse.com/1076017", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2018-1000004", url: "https://bugzilla.suse.com/1091815", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-19T19:17:06Z", details: "moderate", }, ], title: "CVE-2018-1000004", }, { cve: "CVE-2018-5332", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-5332", }, ], notes: [ { category: "general", text: "In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-5332", url: "https://www.suse.com/security/cve/CVE-2018-5332", }, { category: "external", summary: "SUSE Bug 1075621 for CVE-2018-5332", url: "https://bugzilla.suse.com/1075621", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2018-5332", url: "https://bugzilla.suse.com/1091815", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-5332", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.6, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-19T19:17:06Z", details: "low", }, ], title: "CVE-2018-5332", }, { cve: "CVE-2018-5333", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-5333", }, ], notes: [ { category: "general", text: "In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-5333", url: "https://www.suse.com/security/cve/CVE-2018-5333", }, { category: "external", summary: "SUSE Bug 1075617 for CVE-2018-5333", url: "https://bugzilla.suse.com/1075617", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2018-5333", url: "https://bugzilla.suse.com/1091815", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.9, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.114-27.1.noarch", "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.114-27.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.114-27.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-19T19:17:06Z", details: "low", }, ], title: "CVE-2018-5333", }, ], }
suse-su-2018:0383-1
Vulnerability from csaf_suse
Published
2018-02-07 13:35
Modified
2018-02-07 13:35
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.114 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis (bnc#1068032).
The previous fix using CPU Microcode has been complemented by building the Linux Kernel with return trampolines aka 'retpolines'.
- CVE-2017-15129: A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel in the function get_net_ns_by_id() in net/core/net_namespace.c did not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely (bnc#1074839).
- CVE-2017-17712: The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allowed a local user to execute code and gain privileges (bnc#1073229).
- CVE-2017-17862: kernel/bpf/verifier.c in the Linux kernel ignored unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service (bnc#1073928).
- CVE-2017-17864: kernel/bpf/verifier.c in the Linux kernel mishandled states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allowed local users to obtain potentially sensitive address information, aka a 'pointer leak (bnc#1073928).
- CVE-2017-18017: The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel allowed remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action (bnc#1074488).
- CVE-2018-5332: In the Linux kernel the rds_message_alloc_sgs() function did not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c) (bnc#1075621).
- CVE-2018-5333: In the Linux kernel the rds_cmsg_atomic function in net/rds/rdma.c mishandled cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference (bnc#1075617).
- CVE-2018-1000004: In the Linux kernel a race condition vulnerability existed in the sound system, this can lead to a deadlock and denial of service condition (bnc#1076017).
The following non-security bugs were fixed:
- 8021q: fix a memory leak for VLAN 0 device (bnc#1012382).
- acpi / scan: Prefer devices without _HID/_CID for _ADR matching (bnc#1012382).
- af_key: fix buffer overread in parse_exthdrs() (bnc#1012382).
- af_key: fix buffer overread in verify_address_len() (bnc#1012382).
- afs: Adjust mode bits processing (bnc#1012382).
- afs: Connect up the CB.ProbeUuid (bnc#1012382).
- afs: Fix afs_kill_pages() (bnc#1012382).
- afs: Fix missing put_page() (bnc#1012382).
- afs: Fix page leak in afs_write_begin() (bnc#1012382).
- afs: Fix the maths in afs_fs_store_data() (bnc#1012382).
- afs: Flush outstanding writes when an fd is closed (bnc#1012382).
- afs: Migrate vlocation fields to 64-bit (bnc#1012382).
- afs: Populate and use client modification time (bnc#1012382).
- afs: Populate group ID from vnode status (bnc#1012382).
- afs: Prevent callback expiry timer overflow (bnc#1012382).
- alpha: fix build failures (bnc#1012382).
- alsa: aloop: Fix inconsistent format due to incomplete rule (bsc#1031717).
- alsa: aloop: Fix racy hw constraints adjustment (bsc#1031717).
- alsa: aloop: Release cable upon open error path (bsc#1031717).
- alsa: hda - Add HP ZBook 15u G3 Conexant CX20724 GPIO mute leds (bsc#1031717).
- alsa: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines (bsc#1031717).
- alsa: hda - Add mute led support for HP EliteBook 840 G3 (bsc#1031717).
- alsa: hda - Add mute led support for HP ProBook 440 G4 (bsc#1031717).
- alsa: hda - add support for docking station for HP 820 G2 (bsc#1031717).
- alsa: hda - add support for docking station for HP 840 G3 (bsc#1031717).
- alsa: hda - Apply headphone noise quirk for another Dell XPS 13 variant (bsc#1031717).
- alsa: hda - Apply the existing quirk to iMac 14,1 (bsc#1031717).
- alsa: hda - change the location for one mic on a Lenovo machine (bsc#1031717).
- alsa: hda: Drop useless WARN_ON() (bsc#1031717).
- alsa: hda - Fix click noises on Samsung Ativ Book 8 (bsc#1031717).
- alsa: hda - fix headset mic detection issue on a Dell machine (bsc#1031717).
- alsa: hda - fix headset mic problem for Dell machines with alc274 (bsc#1031717).
- alsa: hda - Fix headset microphone detection for ASUS N551 and N751 (bsc#1031717).
- alsa: hda - Fix mic regression by ASRock mobo fixup (bsc#1031717).
- alsa: hda - Fix missing COEF init for ALC225/295/299 (bsc#1031717).
- alsa: hda - Fix surround output pins for ASRock B150M mobo (bsc#1031717).
- alsa: hda - On-board speaker fixup on ACER Veriton (bsc#1031717).
- alsa: hda/realtek - Add ALC256 HP depop function (bsc#1031717).
- alsa: hda/realtek - Add default procedure for suspend and resume state (bsc#1031717).
- alsa: hda/realtek - Add support for Acer Aspire E5-475 headset mic (bsc#1031717).
- alsa: hda/realtek - Add support for ALC1220 (bsc#1031717).
- alsa: hda/realtek - Add support for headset MIC for ALC622 (bsc#1031717).
- alsa: hda/realtek - ALC891 headset mode for Dell (bsc#1031717).
- alsa: hda/realtek - change the location for one of two front microphones (bsc#1031717).
- alsa: hda/realtek - Enable jack detection function for Intel ALC700 (bsc#1031717).
- alsa: hda/realtek - Fix ALC275 no sound issue (bsc#1031717).
- alsa: hda/realtek - Fix Dell AIO LineOut issue (bsc#1031717).
- alsa: hda/realtek - Fix headset and mic on several Asus laptops with ALC256 (bsc#1031717).
- alsa: hda/realtek - Fix headset mic and speaker on Asus X441SA/X441UV (bsc#1031717).
- alsa: hda/realtek - fix headset mic detection for MSI MS-B120 (bsc#1031717).
- alsa: hda/realtek - Fix headset mic on several Asus laptops with ALC255 (bsc#1031717).
- alsa: hda/realtek - Fix pincfg for Dell XPS 13 9370 (bsc#1031717).
- alsa: hda/realtek - Fix speaker support for Asus AiO ZN270IE (bsc#1031717).
- alsa: hda/realtek - Fix typo of pincfg for Dell quirk (bsc#1031717).
- alsa: hda/realtek - New codec device ID for ALC1220 (bsc#1031717).
- alsa: hda/realtek - New codecs support for ALC215/ALC285/ALC289 (bsc#1031717).
- alsa: hda/realtek - New codec support for ALC257 (bsc#1031717).
- alsa: hda/realtek - New codec support of ALC1220 (bsc#1031717).
- alsa: hda/realtek - No loopback on ALC225/ALC295 codec (bsc#1031717).
- alsa: hda/realtek - Remove ALC285 device ID (bsc#1031717).
- alsa: hda/realtek - Support Dell headset mode for ALC3271 (bsc#1031717).
- alsa: hda/realtek - Support headset mode for ALC234/ALC274/ALC294 (bsc#1031717).
- alsa: hda/realtek - There is no loopback mixer in the ALC234/274/294 (bsc#1031717).
- alsa: hda/realtek - Update headset mode for ALC225 (bsc#1031717).
- alsa: hda/realtek - Update headset mode for ALC298 (bsc#1031717).
- alsa: hda - Skip Realtek SKU check for Lenovo machines (bsc#1031717).
- alsa: pcm: Abort properly at pending signal in OSS read/write loops (bsc#1031717).
- alsa: pcm: Add missing error checks in OSS emulation plugin builder (bsc#1031717).
- alsa: pcm: Allow aborting mutex lock at OSS read/write loops (bsc#1031717).
- alsa: pcm: prevent UAF in snd_pcm_info (bsc#1031717).
- alsa: pcm: Remove incorrect snd_BUG_ON() usages (bsc#1031717).
- alsa: pcm: Remove yet superfluous WARN_ON() (bsc#1031717).
- alsa: rawmidi: Avoid racy info ioctl via ctl device (bsc#1031717).
- alsa: seq: Remove spurious WARN_ON() at timer check (bsc#1031717).
- alsa: usb-audio: Add check return value for usb_string() (bsc#1031717).
- alsa: usb-audio: Fix out-of-bound error (bsc#1031717).
- alsa: usb-audio: Fix the missing ctl name suffix at parsing SU (bsc#1031717).
- arc: uaccess: dont use 'l' gcc inline asm constraint modifier (bnc#1012382).
- arm64: Add skeleton to harden the branch predictor against aliasing attacks (bsc#1068032).
- arm64: Add trace_hardirqs_off annotation in ret_to_user (bsc#1068032).
- arm64: Branch predictor hardening for Cavium ThunderX2 (bsc#1068032).
- arm64/cpufeature: do not use mutex in bringup path (bsc#1068032).
- arm64: cpufeature: Pass capability structure to ->enable callback (bsc#1068032).
- arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs (bsc#1068032).
- arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75 (bsc#1068032).
- arm64: debug: remove unused local_dbg_{enable, disable} macros (bsc#1068032).
- arm64: Define cputype macros for Falkor CPU (bsc#1068032).
- arm64: Disable TTBR0_EL1 during normal kernel execution (bsc#1068032).
- arm64: Do not force KPTI for CPUs that are not vulnerable (bsc#1076187).
- arm64: do not pull uaccess.h into *.S (bsc#1068032).
- arm64: Enable CONFIG_ARM64_SW_TTBR0_PAN (bsc#1068032).
- arm64: entry: Add exception trampoline page for exceptions from EL0 (bsc#1068032).
- arm64: entry: Add fake CPU feature for unmapping the kernel at EL0 (bsc#1068032).
- arm64: entry: Explicitly pass exception level to kernel_ventry macro (bsc#1068032).
- arm64: entry: Hook up entry trampoline to exception vectors (bsc#1068032).
- arm64: entry: remove pointless SPSR mode check (bsc#1068032).
- arm64: entry.S convert el0_sync (bsc#1068032).
- arm64: entry.S: convert el1_sync (bsc#1068032).
- arm64: entry.S: convert elX_irq (bsc#1068032).
- arm64: entry.S: move SError handling into a C function for future expansion (bsc#1068032).
- arm64: entry.S: Remove disable_dbg (bsc#1068032).
- arm64: erratum: Work around Falkor erratum #E1003 in trampoline code (bsc#1068032).
- arm64: explicitly mask all exceptions (bsc#1068032).
- arm64: factor out entry stack manipulation (bsc#1068032).
- arm64: factor out PAGE_* and CONT_* definitions (bsc#1068032).
- arm64: Factor out PAN enabling/disabling into separate uaccess_* macros (bsc#1068032).
- arm64: Factor out TTBR0_EL1 post-update workaround into a specific asm macro (bsc#1068032).
- arm64: factor work_pending state machine to C (bsc#1068032).
- arm64: fpsimd: Prevent registers leaking from dead tasks (bnc#1012382).
- arm64: Handle el1 synchronous instruction aborts cleanly (bsc#1068032).
- arm64: Handle faults caused by inadvertent user access with PAN enabled (bsc#1068032).
- arm64: head.S: get rid of x25 and x26 with 'global' scope (bsc#1068032).
- arm64: Implement branch predictor hardening for affected Cortex-A CPUs (bsc#1068032).
- arm64: Implement branch predictor hardening for Falkor (bsc#1068032).
- arm64: Initialise high_memory global variable earlier (bnc#1012382).
- arm64: introduce an order for exceptions (bsc#1068032).
- arm64: introduce mov_q macro to move a constant into a 64-bit register (bsc#1068032).
- arm64: Introduce uaccess_{disable,enable} functionality based on TTBR0_EL1 (bsc#1068032).
- arm64: kaslr: Put kernel vectors address in separate data page (bsc#1068032).
- arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0 (bsc#1068032).
- arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry (bsc#1068032).
- arm64: kill ESR_LNX_EXEC (bsc#1068032).
- arm64: kpti: Fix the interaction between ASID switching and software PAN (bsc#1068032).
- arm64: kvm: Fix SMCCC handling of unimplemented SMC/HVC calls (bsc#1076232).
- arm64: kvm: fix VTTBR_BADDR_MASK BUG_ON off-by-one (bnc#1012382).
- arm64: kvm: Make PSCI_VERSION a fast path (bsc#1068032).
- arm64: kvm: Use per-CPU vector when BP hardening is enabled (bsc#1068032).
- arm64: Mask all exceptions during kernel_exit (bsc#1068032).
- arm64: mm: Add arm64_kernel_unmapped_at_el0 helper (bsc#1068032).
- arm64: mm: Allocate ASIDs in pairs (bsc#1068032).
- arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN (bsc#1068032).
- arm64: mm: hardcode rodata=true (bsc#1068032).
- arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR (bsc#1068032).
- arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI (bsc#1068032).
- arm64: mm: Map entry trampoline into trampoline and kernel page tables (bsc#1068032).
- arm64: mm: Move ASID from TTBR0 to TTBR1 (bsc#1068032).
- arm64: mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003 (bsc#1068032).
- arm64: mm: Rename post_ttbr0_update_workaround (bsc#1068032).
- arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN (bsc#1068032).
- arm64: mm: Use non-global mappings for kernel space (bsc#1068032).
- arm64: Move BP hardening to check_and_switch_context (bsc#1068032).
- arm64: Move post_ttbr_update_workaround to C code (bsc#1068032).
- arm64: Move the async/fiq helpers to explicitly set process context flags (bsc#1068032).
- arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm (bsc#1068032).
- arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb (bsc#1068032).
- arm64: swp emulation: bound LL/SC retries before rescheduling (bsc#1068032).
- arm64: sysreg: Fix unprotected macro argmuent in write_sysreg (bsc#1068032).
- arm64: Take into account ID_AA64PFR0_EL1.CSV3 (bsc#1068032).
- arm64: thunderx2: remove branch predictor hardening References: bsc#1076232 This causes undefined instruction abort on the smc call from guest kernel. Disable until kvm is fixed.
- arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks (bsc#1068032).
- arm64: Turn on KPTI only on CPUs that need it (bsc#1076187).
- arm64: use alternative auto-nop (bsc#1068032).
- arm64: use RET instruction for exiting the trampoline (bsc#1068032).
- arm64: xen: Enable user access before a privcmd hvc call (bsc#1068032).
- arm/arm64: kvm: Make default HYP mappings non-excutable (bsc#1068032).
- arm: avoid faulting on qemu (bnc#1012382).
- arm: BUG if jumping to usermode address in kernel mode (bnc#1012382).
- arm-ccn: perf: Prevent module unload while PMU is in use (bnc#1012382).
- arm: dma-mapping: disallow dma_get_sgtable() for non-kernel managed memory (bnc#1012382).
- arm: dts: am335x-evmsk: adjust mmc2 param to allow suspend (bnc#1012382).
- arm: dts: kirkwood: fix pin-muxing of MPP7 on OpenBlocks A7 (bnc#1012382).
- arm: dts: omap3: logicpd-torpedo-37xx-devkit: Fix MMC1 cd-gpio (bnc#1012382).
- arm: dts: ti: fix PCI bus dtc warnings (bnc#1012382).
- arm: kprobes: Align stack to 8-bytes in test code (bnc#1012382).
- arm: kprobes: Fix the return address of multiple kretprobes (bnc#1012382).
- arm: kvm: Fix VTTBR_BADDR_MASK BUG_ON off-by-one (bnc#1012382).
- arm: OMAP1: DMA: Correct the number of logical channels (bnc#1012382).
- arm: OMAP2+: Fix device node reference counts (bnc#1012382).
- arm: OMAP2+: gpmc-onenand: propagate error on initialization failure (bnc#1012382).
- arm: OMAP2+: Release device node after it is no longer needed (bnc#1012382).
- asm-prototypes: Clear any CPP defines before declaring the functions (git-fixes).
- asn.1: check for error from ASN1_OP_END__ACT actions (bnc#1012382).
- asn.1: fix out-of-bounds read when parsing indefinite length item (bnc#1012382).
- asoc: fsl_ssi: AC'97 ops need regmap, clock and cleaning up on failure (bsc#1031717).
- asoc: twl4030: fix child-node lookup (bsc#1031717).
- asoc: wm_adsp: Fix validation of firmware and coeff lengths (bsc#1031717).
- ath9k: fix tx99 potential info leak (bnc#1012382).
- atm: horizon: Fix irq release error (bnc#1012382).
- audit: ensure that 'audit=1' actually enables audit for PID 1 (bnc#1012382).
- axonram: Fix gendisk handling (bnc#1012382).
- backlight: pwm_bl: Fix overflow condition (bnc#1012382).
- bcache: add a comment in journal bucket reading (bsc#1076110).
- bcache: Avoid nested function definition (bsc#1076110).
- bcache: bch_allocator_thread() is not freezable (bsc#1076110).
- bcache: bch_writeback_thread() is not freezable (bsc#1076110).
- bcache: check return value of register_shrinker (bsc#1076110).
- bcache: documentation formatting, edited for clarity, stripe alignment notes (bsc#1076110).
- bcache: documentation updates and corrections (bsc#1076110).
- bcache: Do not reinvent the wheel but use existing llist API (bsc#1076110).
- bcache: do not write back data if reading it failed (bsc#1076110).
- bcache: explicitly destroy mutex while exiting (bnc#1012382).
- bcache: fix a comments typo in bch_alloc_sectors() (bsc#1076110).
- bcache: Fix building error on MIPS (bnc#1012382).
- bcache: fix sequential large write IO bypass (bsc#1076110).
- bcache: fix wrong cache_misses statistics (bnc#1012382).
- bcache: gc does not work when triggering by manual command (bsc#1076110, bsc#1038078).
- bcache: implement PI controller for writeback rate (bsc#1076110).
- bcache: increase the number of open buckets (bsc#1076110).
- bcache: only permit to recovery read error when cache device is clean (bnc#1012382 bsc#1043652).
- bcache: partition support: add 16 minors per bcacheN device (bsc#1076110, bsc#1019784).
- bcache: rearrange writeback main thread ratelimit (bsc#1076110).
- bcache: recover data from backing when data is clean (bnc#1012382 bsc#1043652).
- bcache: Remove redundant set_capacity (bsc#1076110).
- bcache: remove unused parameter (bsc#1076110).
- bcache: rewrite multiple partitions support (bsc#1076110, bsc#1038085).
- bcache: safeguard a dangerous addressing in closure_queue (bsc#1076110).
- bcache: silence static checker warning (bsc#1076110).
- bcache: smooth writeback rate control (bsc#1076110).
- bcache.txt: standardize document format (bsc#1076110).
- bcache: update bio->bi_opf bypass/writeback REQ_ flag hints (bsc#1076110).
- bcache: update bucket_in_use in real time (bsc#1076110).
- bcache: Update continue_at() documentation (bsc#1076110).
- bcache: use kmalloc to allocate bio in bch_data_verify() (bsc#1076110).
- bcache: use llist_for_each_entry_safe() in __closure_wake_up() (bsc#1076110).
- bcache: writeback rate clamping: make 32 bit safe (bsc#1076110).
- bcache: writeback rate shouldn't artifically clamp (bsc#1076110).
- be2net: restore properly promisc mode after queues reconfiguration (bsc#963844 FATE#320192).
- block: wake up all tasks blocked in get_request() (bnc#1012382).
- bluetooth: btusb: driver to enable the usb-wakeup feature (bnc#1012382).
- bnx2x: do not rollback VF MAC/VLAN filters we did not configure (bnc#1012382).
- bnx2x: fix possible overrun of VFPF multicast addresses array (bnc#1012382).
- bnx2x: prevent crash when accessing PTP with interface down (bnc#1012382).
- btrfs: add missing memset while reading compressed inline extents (bnc#1012382).
- btrfs: clear space cache inode generation always (bnc#1012382).
- btrfs: embed extent_changeset::range_changed to the structure (dependent patch, bsc#1031395).
- btrfs: qgroup: Fix qgroup reserved space underflow by only freeing reserved ranges (bsc#1031395).
- btrfs: qgroup: Fix qgroup reserved space underflow caused by buffered write and quotas being enabled (bsc#1031395).
- btrfs: qgroup: Introduce extent changeset for qgroup reserve functions (dependent patch, bsc#1031395).
- btrfs: qgroup: Return actually freed bytes for qgroup release or free data (bsc#1031395).
- btrfs: qgroup-test: Fix backport error in qgroup selftest (just to make CONFIG_BTRFS_FS_RUN_SANITY_TESTS pass compile).
- btrfs: ulist: make the finalization function public (dependent patch, bsc#1031395).
- btrfs: ulist: rename ulist_fini to ulist_release (dependent patch, bsc#1031395).
- can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once (bnc#1012382).
- can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once (bnc#1012382).
- can: ems_usb: cancel urb on -EPIPE and -EPROTO (bnc#1012382).
- can: esd_usb2: cancel urb on -EPIPE and -EPROTO (bnc#1012382).
- can: gs_usb: fix return value of the 'set_bittiming' callback (bnc#1012382).
- can: kvaser_usb: cancel urb on -EPIPE and -EPROTO (bnc#1012382).
- can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback() (bnc#1012382).
- can: kvaser_usb: free buf in error paths (bnc#1012382).
- can: kvaser_usb: ratelimit errors if incomplete messages are received (bnc#1012382).
- can: peak: fix potential bug in packet fragmentation (bnc#1012382).
- can: ti_hecc: Fix napi poll return value for repoll (bnc#1012382).
- can: usb_8dev: cancel urb on -EPIPE and -EPROTO (bnc#1012382).
- cdc-acm: apply quirk for card reader (bsc#1060279).
- cdrom: factor out common open_for_* code (bsc#1048585).
- cdrom: wait for tray to close (bsc#1048585).
- ceph: more accurate statfs (bsc#1077068).
- clk: imx6: refine hdmi_isfr's parent to make HDMI work on i.MX6 SoCs w/o VPU (bnc#1012382).
- clk: mediatek: add the option for determining PLL source clock (bnc#1012382).
- clk: tegra: Fix cclk_lp divisor register (bnc#1012382).
- config: arm64: enable HARDEN_BRANCH_PREDICTOR
- config: arm64: enable UNMAP_KERNEL_AT_EL0
- cpuidle: fix broadcast control when broadcast can not be entered (bnc#1012382).
- cpuidle: powernv: Pass correct drv->cpumask for registration (bnc#1012382).
- cpuidle: Validate cpu_dev in cpuidle_add_sysfs() (bnc#1012382).
- crypto: algapi - fix NULL dereference in crypto_remove_spawns() (bnc#1012382).
- crypto: chacha20poly1305 - validate the digest size (bnc#1012382).
- crypto: chelsio - select CRYPTO_GF128MUL (bsc#1048325).
- crypto: crypto4xx - increase context and scatter ring buffer elements (bnc#1012382).
- crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex (bnc#1012382).
- crypto: mcryptd - protect the per-CPU queue with a lock (bnc#1012382).
- crypto: n2 - cure use after free (bnc#1012382).
- crypto: pcrypt - fix freeing pcrypt instances (bnc#1012382).
- crypto: s5p-sss - Fix completing crypto request in IRQ handler (bnc#1012382).
- crypto: tcrypt - fix buffer lengths in test_aead_speed() (bnc#1012382).
- cxl: Check if vphb exists before iterating over AFU devices (bsc#1066223).
- dax: Pass detailed error code from __dax_fault() (bsc#1072484).
- dccp: do not restart ccid2_hc_tx_rto_expire() if sk in closed state (bnc#1012382).
- delay: add poll_event_interruptible (bsc#1048585).
- dlm: fix malfunction of dlm_tool caused by debugfs changes (bsc#1077704).
- dmaengine: dmatest: move callback wait queue to thread context (bnc#1012382).
- dmaengine: Fix array index out of bounds warning in __get_unmap_pool() (bnc#1012382).
- dmaengine: pl330: fix double lock (bnc#1012382).
- dmaengine: ti-dma-crossbar: Correct am335x/am43xx mux value type (bnc#1012382).
- dm btree: fix serious bug in btree_split_beneath() (bnc#1012382).
- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) (bnc#1012382).
- dm thin metadata: THIN_MAX_CONCURRENT_LOCKS should be 6 (bnc#1012382).
- drivers/firmware: Expose psci_get_version through psci_ops structure (bsc#1068032).
- drm/amd/amdgpu: fix console deadlock if late init failed (bnc#1012382).
- drm: extra printk() wrapper macros (bnc#1012382).
- drm/exynos/decon5433: set STANDALONE_UPDATE_F on output enablement (bnc#1012382).
- drm/exynos: gem: Drop NONCONTIG flag for buffers allocated without IOMMU (bnc#1012382).
- drm/omap: fix dmabuf mmap for dma_alloc'ed buffers (bnc#1012382).
- drm/radeon: fix atombios on big endian (bnc#1012382).
- drm/radeon: reinstate oland workaround for sclk (bnc#1012382).
- drm/radeon/si: add dpm quirk for Oland (bnc#1012382).
- drm/vmwgfx: Potential off by one in vmw_view_add() (bnc#1012382).
- dynamic-debug-howto: fix optional/omitted ending line number to be LARGE instead of 0 (bnc#1012382).
- edac, i5000, i5400: Fix definition of NRECMEMB register (bnc#1012382).
- edac, i5000, i5400: Fix use of MTR_DRAM_WIDTH macro (bnc#1012382).
- edac, sb_edac: Fix missing break in switch (bnc#1012382).
- eeprom: at24: check at24_read/write arguments (bnc#1012382).
- efi/esrt: Cleanup bad memory map log messages (bnc#1012382).
- efi: Move some sysfs files to be read-only by root (bnc#1012382).
- eventpoll.h: add missing epoll event masks (bnc#1012382).
- ext4: fix crash when a directory's i_size is too small (bnc#1012382).
- ext4: Fix ENOSPC handling in DAX page fault handle (bsc#1072484).
- ext4: fix fdatasync(2) after fallocate(2) operation (bnc#1012382).
- fbdev: controlfb: Add missing modes to fix out of bounds access (bnc#1012382).
- Fix EX_SIZE. We do not have the patches that shave off parts of the exception data.
- Fix mishandling of cases with MSR not being present (writing to MSR even though _state == -1).
- Fix return value from ib[rs|pb]_enabled()
- Fixup hang when calling 'nvme list' on all paths down (bsc#1070052).
- fjes: Fix wrong netdevice feature flags (bnc#1012382).
- flow_dissector: properly cap thoff field (bnc#1012382).
- fm10k: ensure we process SM mbx when processing VF mbx (bnc#1012382).
- fork: clear thread stack upon allocation (bsc#1077560).
- fscache: Fix the default for fscache_maybe_release_page() (bnc#1012382).
- futex: Prevent overflow by strengthen input validation (bnc#1012382).
- gcov: disable for COMPILE_TEST (bnc#1012382).
- gfs2: Take inode off order_write list when setting jdata flag (bnc#1012382).
- gpio: altera: Use handle_level_irq when configured as a level_high (bnc#1012382).
- hid: chicony: Add support for another ASUS Zen AiO keyboard (bnc#1012382).
- hid: xinmo: fix for out of range for THT 2P arcade controller (bnc#1012382).
- hrtimer: Reset hrtimer cpu base proper on CPU hotplug (bnc#1012382).
- hv: kvp: Avoid reading past allocated blocks from KVP file (bnc#1012382).
- hwmon: (asus_atk0110) fix uninitialized data access (bnc#1012382).
- i40iw: Account for IPv6 header when setting MSS (bsc#1024376 FATE#321249).
- i40iw: Allocate a sdbuf per CQP WQE (bsc#1024376 FATE#321249).
- i40iw: Cleanup AE processing (bsc#1024376 FATE#321249).
- i40iw: Clear CQP Head/Tail during initialization (bsc#1024376 FATE#321249).
- i40iw: Correct ARP index mask (bsc#1024376 FATE#321249).
- i40iw: Do not allow posting WR after QP is flushed (bsc#1024376 FATE#321249).
- i40iw: Do not free sqbuf when event is I40IW_TIMER_TYPE_CLOSE (bsc#1024376 FATE#321249).
- i40iw: Do not generate CQE for RTR on QP flush (bsc#1024376 FATE#321249).
- i40iw: Do not retransmit MPA request after it is ACKed (bsc#1024376 FATE#321249).
- i40iw: Fixes for static checker warnings (bsc#1024376 FATE#321249).
- i40iw: Ignore AE source field in AEQE for some AEs (bsc#1024376 FATE#321249).
- i40iw: Move cqp_cmd_head init to CQP initialization (bsc#1024376 FATE#321249).
- i40iw: Move exception_lan_queue to VSI structure (bsc#1024376 FATE#321249).
- i40iw: Move MPA request event for loopback after connect (bsc#1024376 FATE#321249).
- i40iw: Notify user of established connection after QP in RTS (bsc#1024376 FATE#321249).
- i40iw: Reinitialize IEQ on MTU change (bsc#1024376 FATE#321249).
- ib/hfi1: Fix misspelling in comment (bsc#973818, fate#319242).
- ib/hfi1: Prevent kernel QP post send hard lockups (bsc#973818 FATE#319242).
- ib/ipoib: Fix lockdep issue found on ipoib_ib_dev_heavy_flush (git-fixes).
- ib/ipoib: Fix race condition in neigh creation (bsc#1022595 FATE#322350).
- ib/ipoib: Grab rtnl lock on heavy flush when calling ndo_open/stop (bnc#1012382).
- ib/mlx4: Increase maximal message size under UD QP (bnc#1012382).
- ib/mlx5: Assign send CQ and recv CQ of UMR QP (bnc#1012382).
- ib/mlx5: Serialize access to the VMA list (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).
- ibmvnic: Allocate and request vpd in init_resources (bsc#1076872).
- ibmvnic: Do not handle RX interrupts when not up (bsc#1075066).
- ibmvnic: Fix IP offload control buffer (bsc#1076899).
- ibmvnic: Fix IPv6 packet descriptors (bsc#1076899).
- ibmvnic: Fix pending MAC address changes (bsc#1075627).
- ibmvnic: Modify buffer size and number of queues on failover (bsc#1076872).
- ibmvnic: Revert to previous mtu when unsupported value requested (bsc#1076872).
- ibmvnic: Wait for device response when changing MAC (bsc#1078681).
- ib/rdmavt: restore IRQs on error path in rvt_create_ah() (bsc#973818, fate#319242).
- ib/srpt: Disable RDMA access by the initiator (bnc#1012382).
- ib/srpt: Fix ACL lookup during login (bsc#1024296 FATE#321265).
- ib/uverbs: Fix command checking as part of ib_uverbs_ex_modify_qp() (FATE#321231 FATE#321473 FATE#322153 FATE#322149).
- igb: check memory allocation failure (bnc#1012382).
- ima: fix hash algorithm initialization (bnc#1012382).
- inet: frag: release spinlock before calling icmp_send() (bnc#1012382).
- input: 88pm860x-ts - fix child-node lookup (bnc#1012382).
- input: elantech - add new icbody type 15 (bnc#1012382).
- input: i8042 - add TUXEDO BU1406 (N24_25BU) to the nomux list (bnc#1012382).
- input: trackpoint - force 3 buttons if 0 button is reported (bnc#1012382).
- input: twl4030-vibra - fix sibling-node lookup (bnc#1012382).
- input: twl6040-vibra - fix child-node lookup (bnc#1012382).
- input: twl6040-vibra - fix DT node memory management (bnc#1012382).
- intel_th: pci: Add Gemini Lake support (bnc#1012382).
- iommu/arm-smmu-v3: Do not free page table ops twice (bnc#1012382).
- iommu/vt-d: Fix scatterlist offset handling (bnc#1012382).
- ip6_gre: remove the incorrect mtu limit for ipgre tap (bsc#1022912 FATE#321246).
- ip6_tunnel: disable dst caching if tunnel is dual-stack (bnc#1012382).
- ip_gre: remove the incorrect mtu limit for ipgre tap (bsc#1022912 FATE#321246).
- ipmi: Stop timers before cleaning up the module (bnc#1012382).
- ipv4: Fix use-after-free when flushing FIB tables (bnc#1012382).
- ipv4: igmp: guard against silly MTU values (bnc#1012382).
- ipv4: Make neigh lookup keys for loopback/point-to-point devices be INADDR_ANY (bnc#1012382).
- ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL (bnc#1012382).
- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012382).
- ipv6: fix udpv6 sendmsg crash caused by too small MTU (bnc#1012382).
- ipv6: ip6_make_skb() needs to clear cork.base.dst (git-fixes).
- ipv6: mcast: better catch silly mtu values (bnc#1012382).
- ipv6: reorder icmpv6_init() and ip6_mr_init() (bnc#1012382).
- ipvlan: fix ipv6 outbound device (bnc#1012382).
- ipvlan: remove excessive packet scrubbing (bsc#1070799).
- irda: vlsi_ir: fix check for DMA mapping errors (bnc#1012382).
- irqchip/crossbar: Fix incorrect type of register size (bnc#1012382).
- iscsi_iser: Re-enable 'iser_pi_guard' module parameter (bsc#1062129).
- iscsi-target: fix memory leak in lio_target_tiqn_addtpg() (bnc#1012382).
- iscsi-target: Make TASK_REASSIGN use proper se_cmd->cmd_kref (bnc#1012382).
- isdn: kcapi: avoid uninitialized data (bnc#1012382).
- iser-target: Fix possible use-after-free in connection establishment error (FATE#321732).
- iw_cxgb4: Only validate the MSN for successful completions (bnc#1012382).
- iw_cxgb4: reflect the original WR opcode in drain cqes (bsc#321658 FATE#1005778 bsc#321660 FATE#1005780 bsc#321661 FATE#1005781).
- iw_cxgb4: when flushing, complete all wrs in a chain (bsc#321658 FATE#1005778 bsc#321660 FATE#1005780 bsc#321661 FATE#1005781).
- ixgbe: fix use of uninitialized padding (bnc#1012382).
- jump_label: Invoke jump_label_test() via early_initcall() (bnc#1012382).
- kabi fix for new hash_cred function (bsc#1012917).
- kabi: Keep KVM stable after enable s390 wire up bpb feature (bsc#1076805).
- kABI: protect struct bpf_map (kabi).
- kABI: protect struct ipv6_pinfo (kabi).
- kABI: protect struct t10_alua_tg_pt_gp (kabi).
- kABI: protect struct usbip_device (kabi).
- kabi/severities: arm64: ignore cpu capability array
- kabi/severities: do not care about stuff_RSB
- kaiser: Set _PAGE_NX only if supported (bnc#1012382).
- kaiser: Set _PAGE_NX only if supported (bnc#1012382).
- kbuild: add '-fno-stack-check' to kernel build options (bnc#1012382).
- kbuild: modversions for EXPORT_SYMBOL() for asm (bsc#1074621 bsc#1068032).
- kbuild: pkg: use --transform option to prefix paths in tar (bnc#1012382).
- kdb: Fix handling of kallsyms_symbol_next() return value (bnc#1012382).
- kernel/acct.c: fix the acct->needcheck check in check_free_space() (bnc#1012382).
- kernel: make groups_sort calling a responsibility group_info allocators (bnc#1012382).
- kernel/signal.c: protect the SIGNAL_UNKILLABLE tasks from !sig_kernel_only() signals (bnc#1012382).
- kernel/signal.c: protect the traced SIGNAL_UNKILLABLE tasks from SIGKILL (bnc#1012382).
- kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal() (bnc#1012382).
- keys: add missing permission check for request_key() destination (bnc#1012382).
- kprobes/x86: Disable preemption in ftrace-based jprobes (bnc#1012382).
- kpti: Rename to PAGE_TABLE_ISOLATION (bnc#1012382).
- kpti: Report when enabled (bnc#1012382).
- kvm: Fix stack-out-of-bounds read in write_mmio (bnc#1012382).
- kvm: nVMX: reset nested_run_pending if the vCPU is going to be reset (bnc#1012382).
- kvm: nVMX: VMCLEAR should not cause the vCPU to shut down (bnc#1012382).
- kvm: pci-assign: do not map smm memory slot pages in vt-d page tables (bnc#1012382).
- kvm: s390: Enable all facility bits that are known good for passthrough (bsc#1076805).
- kvm: s390: wire up bpb feature (bsc#1076805).
- kvm: VMX: Fix enable VPID conditions (bnc#1012382).
- kvm: VMX: remove I/O port 0x80 bypass on Intel hosts (bnc#1012382).
- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012382 bsc#1068032).
- kvm: x86: Add memory barrier on vmcs field lookup (bnc#1012382).
- kvm: x86: correct async page present tracepoint (bnc#1012382).
- kvm: x86: Exit to user-mode on #UD intercept when emulator requires (bnc#1012382).
- kvm: X86: Fix load RFLAGS w/o the fixed bit (bnc#1012382).
- kvm: x86: fix RSM when PCID is non-zero (bnc#1012382).
- kvm: x86: inject exceptions produced by x86_decode_insn (bnc#1012382).
- kvm: x86: pvclock: Handle first-time write to pvclock-page contains random junk (bnc#1012382).
- l2tp: cleanup l2tp_tunnel_delete calls (bnc#1012382).
- lan78xx: Fix failure in USB Full Speed (bnc#1012382).
- libata: apply MAX_SEC_1024 to all LITEON EP1 series devices (bnc#1012382).
- libata: drop WARN from protocol error in ata_sff_qc_issue() (bnc#1012382).
- lib/genalloc.c: make the avail variable an atomic_long_t (bnc#1012382).
- macvlan: Only deliver one copy of the frame to the macvlan interface (bnc#1012382).
- md: more open-coded offset_in_page() (bsc#1076110).
- media: dvb: i2c transfers over usb cannot be done from stack (bnc#1012382).
- mfd: cros ec: spi: Do not send first message too soon (bnc#1012382).
- mfd: twl4030-audio: Fix sibling-node lookup (bnc#1012382).
- mfd: twl6040: Fix child-node lookup (bnc#1012382).
- mlxsw: reg: Fix SPVMLR max record count (bnc#1012382).
- mlxsw: reg: Fix SPVM max record count (bnc#1012382).
- mm: avoid returning VM_FAULT_RETRY from ->page_mkwrite handlers (bnc#1012382).
- mmc: core: Do not leave the block driver in a suspended state (bnc#1012382).
- mmc: mediatek: Fixed bug where clock frequency could be set wrong (bnc#1012382).
- mm: drop unused pmdp_huge_get_and_clear_notify() (bnc#1012382).
- mm: Handle 0 flags in _calc_vm_trans() macro (bnc#1012382).
- mm/mprotect: add a cond_resched() inside change_pmd_range() (bnc#1077871, bnc#1078002).
- mm/vmstat: Make NR_TLB_REMOTE_FLUSH_RECEIVED available even on UP (bnc#1012382).
- module: Add retpoline tag to VERMAGIC (bnc#1012382).
- module: set __jump_table alignment to 8 (bnc#1012382).
- more bio_map_user_iov() leak fixes (bnc#1012382).
- mtd: nand: Fix writing mtdoops to nand flash (bnc#1012382).
- net: Allow neigh contructor functions ability to modify the primary_key (bnc#1012382).
- net/appletalk: Fix kernel memory disclosure (bnc#1012382).
- net: bcmgenet: correct MIB access of UniMAC RUNT counters (bnc#1012382).
- net: bcmgenet: correct the RBUF_OVFL_CNT and RBUF_ERR_CNT MIB values (bnc#1012382).
- net: bcmgenet: power down internal phy if open or resume fails (bnc#1012382).
- net: bcmgenet: Power up the internal PHY before probing the MII (bnc#1012382).
- net: bcmgenet: reserved phy revisions must be checked first (bnc#1012382).
- net: bridge: fix early call to br_stp_change_bridge_id and plug newlink leaks (bnc#1012382).
- net: core: fix module type in sock_diag_bind (bnc#1012382).
- net: Do not allow negative values for busy_read and busy_poll sysctl interfaces (bnc#1012382).
- net: fec: fix multicast filtering hardware setup (bnc#1012382).
- netfilter: bridge: honor frag_max_size when refragmenting (bnc#1012382).
- netfilter: do not track fragmented packets (bnc#1012382).
- netfilter: ipvs: Fix inappropriate output of procfs (bnc#1012382).
- netfilter: nfnetlink_queue: fix secctx memory leak (bnc#1012382).
- netfilter: nfnetlink_queue: fix timestamp attribute (bsc#1074134).
- netfilter: nfnl_cthelper: fix a race when walk the nf_ct_helper_hash table (bnc#1012382).
- netfilter: nfnl_cthelper: Fix memory leak (bnc#1012382).
- netfilter: nfnl_cthelper: fix runtime expectation policy updates (bnc#1012382).
- net: Fix double free and memory corruption in get_net_ns_by_id() (bnc#1012382).
- net: igmp: fix source address check for IGMPv3 reports (bnc#1012382).
- net: igmp: Use correct source address on IGMPv3 reports (bnc#1012382).
- net: initialize msg.msg_flags in recvfrom (bnc#1012382).
- net: ipv4: fix for a race condition in raw_sendmsg (bnc#1012382).
- netlink: add a start callback for starting a netlink dump (bnc#1012382).
- net/mac80211/debugfs.c: prevent build failure with CONFIG_UBSAN=y (bnc#1012382).
- net/mlx5: Avoid NULL pointer dereference on steering cleanup (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).
- net/mlx5: Cleanup IRQs in case of unload failure (bsc#966170 FATE#320225 bsc#966172 FATE#320226).
- net/mlx5e: Add refcount to VXLAN structure (bsc#966170 FATE#320225 bsc#966172 FATE#320226).
- net/mlx5e: Fix ETS BW check (bsc#966170 FATE#320225 bsc#966172 FATE#320226).
- net/mlx5e: Fix features check of IPv6 traffic (bsc#966170 FATE#320225 bsc#966172 FATE#320226).
- net/mlx5e: Fix fixpoint divide exception in mlx5e_am_stats_compare (bsc#1015342).
- net/mlx5e: Fix possible deadlock of VXLAN lock (bsc#966170 FATE#320225 bsc#966172 FATE#320226).
- net/mlx5e: Prevent possible races in VXLAN control flow (bsc#966170 FATE#320225 bsc#966172 FATE#320226).
- net/mlx5: Fix error flow in CREATE_QP command (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).
- net/mlx5: Fix rate limit packet pacing naming and struct (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).
- net/mlx5: Stay in polling mode when command EQ destroy fails (bsc#966170 FATE#320225 bsc#966172 FATE#320226).
- net: mvmdio: disable/unprepare clocks in EPROBE_DEFER case (bnc#1012382).
- net: mvneta: clear interface link status on port disable (bnc#1012382).
- net: mvneta: eliminate wrong call to handle rx descriptor error (fate#319899).
- net: mvneta: use proper rxq_number in loop on rx queues (fate#319899).
- net/packet: fix a race in packet_bind() and packet_notifier() (bnc#1012382).
- net: phy: at803x: Change error to EINVAL for invalid MAC (bnc#1012382).
- net: phy: micrel: ksz9031: reconfigure autoneg after phy autoneg workaround (bnc#1012382).
- net: qdisc_pkt_len_init() should be more robust (bnc#1012382).
- net: qmi_wwan: add Sierra EM7565 1199:9091 (bnc#1012382).
- net: qmi_wwan: Add USB IDs for MDM6600 modem on Motorola Droid 4 (bnc#1012382).
- net: reevalulate autoflowlabel setting after sysctl setting (bnc#1012382).
- net: Resend IGMP memberships upon peer notification (bnc#1012382).
- net: sctp: fix array overrun read on sctp_timer_tbl (bnc#1012382).
- net: stmmac: enable EEE in MII, GMII or RGMII only (bnc#1012382).
- net: systemport: Pad packet before inserting TSB (bnc#1012382).
- net: systemport: Utilize skb_put_padto() (bnc#1012382).
- net: tcp: close sock if net namespace is exiting (bnc#1012382).
- net: wimax/i2400m: fix NULL-deref at probe (bnc#1012382).
- nfsd: auth: Fix gid sorting when rootsquash enabled (bnc#1012382).
- nfsd: Fix another OPEN stateid race (bnc#1012382).
- nfsd: fix nfsd_minorversion(.., NFSD_AVAIL) (bnc#1012382).
- nfsd: fix nfsd_reset_versions for NFSv4 (bnc#1012382).
- nfsd: Fix stateid races between OPEN and CLOSE (bnc#1012382).
- nfsd: Make init_open_stateid() a bit more whole (bnc#1012382).
- nfs: Do not take a reference on fl->fl_file for LOCK operation (bnc#1012382).
- nfs: Fix a typo in nfs_rename() (bnc#1012382).
- nfs: improve shinking of access cache (bsc#1012917).
- nfsv4.1 respect server's max size in CREATE_SESSION (bnc#1012382).
- nfsv4: Fix client recovery when server reboots multiple times (bnc#1012382).
- nohz: Prevent a timer interrupt storm in tick_nohz_stop_sched_tick() (bnc#1012382).
- n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD) (bnc#1012382).
- nvme_fc: correct hang in nvme_ns_remove() (bsc#1075811).
- nvme_fc: fix rogue admin cmds stalling teardown (bsc#1075811).
- nvme-pci: Remove watchdog timer (bsc#1066163).
- openrisc: fix issue handling 8 byte get_user calls (bnc#1012382).
- packet: fix crash in fanout_demux_rollover() (bnc#1012382).
- parisc: Fix alignment of pa_tlb_lock in assembly on 32-bit SMP kernel (bnc#1012382).
- parisc: Hide Diva-built-in serial aux and graphics card (bnc#1012382).
- partially revert tipc improve link resiliency when rps is activated (bsc#1068038).
- pci/AER: Report non-fatal errors only to the affected endpoint (bnc#1012382).
- pci: Avoid bus reset if bridge itself is broken (bnc#1012382).
- pci: Create SR-IOV virtfn/physfn links before attaching driver (bnc#1012382).
- pci: Detach driver before procfs & sysfs teardown on device remove (bnc#1012382).
- pci/PME: Handle invalid data when reading Root Status (bnc#1012382).
- pci / PM: Force devices to D0 in pci_pm_thaw_noirq() (bnc#1012382).
- perf symbols: Fix symbols__fixup_end heuristic for corner cases (bnc#1012382).
- perf test attr: Fix ignored test case result (bnc#1012382).
- phy: work around 'phys' references to usb-nop-xceiv devices (bnc#1012382).
- pinctrl: adi2: Fix Kconfig build problem (bnc#1012382).
- pinctrl: st: add irq_request/release_resources callbacks (bnc#1012382).
- pipe: avoid round_pipe_size() nr_pages overflow on 32-bit (bnc#1012382).
- powerpc/64: Add macros for annotating the destination of rfid/hrfid (bsc#1068032, bsc#1075087).
- powerpc/64: Convert fast_exception_return to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).
- powerpc/64: Convert the syscall exit path to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).
- powerpc/64s: Add EX_SIZE definition for paca exception save areas (bsc#1068032, bsc#1075087).
- powerpc/64s: Add support for RFI flush of L1-D cache (bsc#1068032, bsc#1075087).
- powerpc/64s: Allow control of RFI flush via debugfs (bsc#1068032, bsc#1075087).
- powerpc/64s: Convert slb_miss_common to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).
- powerpc/64s: Simple RFI macro conversions (bsc#1068032, bsc#1075087).
- powerpc/64s: Support disabling RFI flush with no_rfi_flush and nopti (bsc#1068032, bsc#1075087).
- powerpc/64s: Wire up cpu_show_meltdown() (bsc#1068032).
- powerpc/asm: Allow including ppc_asm.h in asm files (bsc#1068032, bsc#1075087).
- powerpc/ipic: Fix status get and status clear (bnc#1012382).
- powerpc/perf: Dereference BHRB entries safely (bsc#1066223).
- powerpc/perf/hv-24x7: Fix incorrect comparison in memord (bnc#1012382).
- powerpc/powernv: Check device-tree for RFI flush settings (bsc#1068032, bsc#1075087).
- powerpc/powernv/cpufreq: Fix the frequency read by /proc/cpuinfo (bnc#1012382).
- powerpc/powernv/ioda2: Gracefully fail if too many TCE levels requested (bnc#1012382).
- powerpc/pseries: include linux/types.h in asm/hvcall.h (bsc#1068032, bsc#1075087).
- powerpc/pseries: Introduce H_GET_CPU_CHARACTERISTICS (bsc#1068032, bsc#1075087).
- powerpc/pseries: Query hypervisor for RFI flush settings (bsc#1068032, bsc#1075087).
- powerpc/pseries/rfi-flush: Call setup_rfi_flush() after LPM migration (bsc#1068032, bsc#1075087).
- powerpc/rfi-flush: Add DEBUG_RFI config option (bsc#1068032, bsc#1075087).
- powerpc/rfi-flush: Make setup_rfi_flush() not __init (bsc#1068032, bsc#1075087).
- powerpc/rfi-flush: Move RFI flush fields out of the paca (unbreak kABI) (bsc#1068032, bsc#1075087).
- powerpc/rfi-flush: Move the logic to avoid a redo into the sysfs code (bsc#1068032, bsc#1075087).
- powerpc/rfi-flush: prevent crash when changing flush type to fallback after system boot (bsc#1068032, bsc#1075087).
- ppp: Destroy the mutex when cleanup (bnc#1012382).
- pppoe: take ->needed_headroom of lower device into account on xmit (bnc#1012382).
- pti: unbreak EFI (bsc#1074709).
- r8152: fix the list rx_done may be used without initialization (bnc#1012382).
- r8152: prevent the driver from transmitting packets with carrier off (bnc#1012382).
- r8169: fix memory corruption on retrieval of hardware statistics (bnc#1012382).
- raid5: Set R5_Expanded on parity devices as well as data (bnc#1012382).
- ravb: Remove Rx overflow log messages (bnc#1012382).
- rbd: set max_segments to USHRT_MAX (bnc#1012382).
- rdma/cma: Avoid triggering undefined behavior (bnc#1012382).
- rdma/i40iw: Remove MSS change support (bsc#1024376 FATE#321249).
- rds: Fix NULL pointer dereference in __rds_rdma_map (bnc#1012382).
- rds: Heap OOB write in rds_message_alloc_sgs() (bnc#1012382).
- rds: null pointer dereference in rds_atomic_free_op (bnc#1012382).
- Re-enable fixup detection by CPU type in case hypervisor call fails.
- regulator: core: Rely on regulator_dev_release to free constraints (bsc#1074847).
- regulator: da9063: Return an error code on probe failure (bsc#1074847).
- regulator: pwm: Fix regulator ramp delay for continuous mode (bsc#1074847).
- regulator: Try to resolve regulators supplies on registration (bsc#1074847).
- Revert 'Bluetooth: btusb: driver to enable the usb-wakeup feature' (bnc#1012382).
- Revert 'drm/armada: Fix compile fail' (bnc#1012382).
- Revert 'drm/radeon: dont switch vt on suspend' (bnc#1012382).
- Revert 'ipsec: Fix aborted xfrm policy dump crash' (kabi).
- Revert 'kaiser: vmstat show NR_KAISERTABLE as nr_overhead' (kabi).
- Revert 'lib/genalloc.c: make the avail variable an atomic_long_t' (kabi).
- Revert 'module: Add retpoline tag to VERMAGIC' (bnc#1012382 kabi).
- Revert 'module: Add retpoline tag to VERMAGIC' (kabi).
- Revert 'netlink: add a start callback for starting a netlink dump' (kabi).
- Revert 'ocfs2: should wait dio before inode lock in ocfs2_setattr()' (bnc#1012382).
- Revert 'Re-enable fixup detection by CPU type in case hypervisor call fails.' The firmware update is required for the existing instructions to also do the cache flush.
- Revert 's390/kbuild: enable modversions for symbols exported from asm' (bnc#1012382).
- Revert 'sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks' (kabi).
- Revert 'scsi: libsas: align sata_device's rps_resp on a cacheline' (kabi).
- Revert 'spi: SPI_FSL_DSPI should depend on HAS_DMA' (bnc#1012382).
- Revert 'userfaultfd: selftest: vm: allow to build in vm/ directory' (bnc#1012382).
- Revert 'x86/efi: Build our own page table structures' (bnc#1012382).
- Revert 'x86/efi: Hoist page table switching code into efi_call_virt()' (bnc#1012382).
- Revert 'x86/mm/pat: Ensure cpa->pfn only contains page frame numbers' (bnc#1012382).
- rfi-flush: Make DEBUG_RFI a CONFIG option (bsc#1068032, bsc#1075087).
- ring-buffer: Mask out the info bits when returning buffer page length (bnc#1012382).
- route: also update fnhe_genid when updating a route cache (bnc#1012382).
- route: update fnhe_expires for redirect when the fnhe exists (bnc#1012382).
- rtc: cmos: Initialize hpet timer before irq is registered (bsc#1077592).
- rtc: pcf8563: fix output clock rate (bnc#1012382).
- rtc: pl031: make interrupt optional (bnc#1012382).
- rtc: set the alarm to the next expiring timer (bnc#1012382).
- s390: always save and restore all registers on context switch (bnc#1012382).
- s390/cpuinfo: show facilities as reported by stfle (bnc#1076847, LTC#163740).
- s390: fix compat system call table (bnc#1012382).
- s390/pci: do not require AIS facility (bnc#1012382).
- s390/qeth: no ETH header for outbound AF_IUCV (LTC#156276 bnc#1012382 bnc#1053472).
- s390/runtime instrumentation: simplify task exit handling (bnc#1012382).
- sch_dsmark: fix invalid skb_cow() usage (bnc#1012382).
- sched/deadline: Make sure the replenishment timer fires in the next period (bnc#1012382).
- sched/deadline: Throttle a constrained deadline task activated after the deadline (bnc#1012382).
- sched/deadline: Use deadline instead of period when calculating overflow (bnc#1012382).
- sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks (bnc#1012382).
- sched/deadline: Zero out positive runtime after throttling constrained tasks (git-fixes).
- sched/rt: Do not pull from current CPU if only one CPU to pull (bnc#1022476).
- scsi: bfa: integer overflow in debugfs (bnc#1012382).
- scsi: cxgb4i: fix Tx skb leak (bnc#1012382).
- scsi: handle ABORTED_COMMAND on Fujitsu ETERNUS (bsc#1069138).
- scsi: hpsa: cleanup sas_phy structures in sysfs when unloading (bnc#1012382).
- scsi: hpsa: destroy sas transport properties before scsi_host (bnc#1012382).
- scsi: libsas: align sata_device's rps_resp on a cacheline (bnc#1012382).
- scsi: lpfc: Use after free in lpfc_rq_buf_free() (bsc#1037838).
- scsi: mpt3sas: Fix IO error occurs on pulling out a drive from RAID1 volume created on two SATA drive (bnc#1012382).
- scsi: sd: change allow_restart to bool in sysfs interface (bnc#1012382).
- scsi: sd: change manage_start_stop to bool in sysfs interface (bnc#1012382).
- scsi: sg: disable SET_FORCE_LOW_DMA (bnc#1012382).
- scsi: sr: wait for the medium to become ready (bsc#1048585).
- sctp: do not allow the v4 socket to bind a v4mapped v6 address (bnc#1012382).
- sctp: do not free asoc when it is already dead in sctp_sendmsg (bnc#1012382).
- sctp: Replace use of sockets_allocated with specified macro (bnc#1012382).
- sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf (bnc#1012382).
- sctp: use the right sk after waking up from wait_buf sleep (bnc#1012382).
- selftest/powerpc: Fix false failures for skipped tests (bnc#1012382).
- selftests/x86: Add test_vsyscall (bnc#1012382).
- selftests/x86/ldt_get: Add a few additional tests for limits (bnc#1012382).
- serial: 8250_pci: Add Amazon PCI serial device ID (bnc#1012382).
- serial: 8250: Preserve DLD[7:4] for PORT_XR17V35X (bnc#1012382).
- series.conf: move core networking (including netfilter) into sorted section
- series.conf: whitespace cleanup
- Set supported_modules_check 1 (bsc#1072163).
- sfc: do not warn on successful change of MAC (bnc#1012382).
- sh_eth: fix SH7757 GEther initialization (bnc#1012382).
- sh_eth: fix TSU resource handling (bnc#1012382).
- sit: update frag_off info (bnc#1012382).
- sock: free skb in skb_complete_tx_timestamp on error (bnc#1012382).
- sparc64/mm: set fields in deferred pages (bnc#1012382).
- spi_ks8995: fix 'BUG: key accdaa28 not in .data!' (bnc#1012382).
- spi: sh-msiof: Fix DMA transfer size check (bnc#1012382).
- spi: xilinx: Detect stall with Unknown commands (bnc#1012382).
- staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl (bnc#1012382).
- sunrpc: add auth_unix hash_cred() function (bsc#1012917).
- sunrpc: add generic_auth hash_cred() function (bsc#1012917).
- sunrpc: add hash_cred() function to rpc_authops struct (bsc#1012917).
- sunrpc: add RPCSEC_GSS hash_cred() function (bsc#1012917).
- sunrpc: Fix rpc_task_begin trace point (bnc#1012382).
- sunrpc: replace generic auth_cred hash with auth-specific function (bsc#1012917).
- sunrpc: use supplimental groups in auth hash (bsc#1012917).
- sunxi-rsb: Include OF based modalias in device uevent (bnc#1012382).
- sysfs/cpu: Add vulnerability folder (bnc#1012382).
- sysfs/cpu: Fix typos in vulnerability documentation (bnc#1012382).
- sysfs: spectre_v2, handle spec_ctrl (bsc#1075994 bsc#1075091).
- sysrq : fix Show Regs call trace on ARM (bnc#1012382).
- target: Avoid early CMD_T_PRE_EXECUTE failures during ABORT_TASK (bnc#1012382).
- target/file: Do not return error for UNMAP if length is zero (bnc#1012382).
- target: fix ALUA transition timeout handling (bnc#1012382).
- target:fix condition return in core_pr_dump_initiator_port() (bnc#1012382).
- target: fix race during implicit transition work flushes (bnc#1012382).
- target/iscsi: Fix a race condition in iscsit_add_reject_from_cmd() (bnc#1012382).
- target: Use system workqueue for ALUA transitions (bnc#1012382).
- tcp: correct memory barrier usage in tcp_check_space() (bnc#1012382).
- tcp: fix under-evaluated ssthresh in TCP Vegas (bnc#1012382).
- tcp md5sig: Use skb's saddr when replying to an incoming segment (bnc#1012382).
- tcp: __tcp_hdrlen() helper (bnc#1012382).
- tg3: Fix rx hang on MTU change with 5717/5719 (bnc#1012382).
- thermal/drivers/step_wise: Fix temperature regulation misbehavior (bnc#1012382).
- thermal: hisilicon: Handle return value of clk_prepare_enable (bnc#1012382).
- tipc: fix cleanup at module unload (bnc#1012382).
- tipc: fix memory leak in tipc_accept_from_sock() (bnc#1012382).
- tipc: improve link resiliency when rps is activated (bsc#1068038).
- tracing: Allocate mask_str buffer dynamically (bnc#1012382).
- tracing: Fix converting enum's from the map in trace_event_eval_update() (bnc#1012382).
- tracing: Fix crash when it fails to alloc ring buffer (bnc#1012382).
- tracing: Fix possible double free on failure of allocating trace buffer (bnc#1012382).
- tracing: Remove extra zeroing out of the ring buffer page (bnc#1012382).
- tty fix oops when rmmod 8250 (bnc#1012382).
- uas: Always apply US_FL_NO_ATA_1X quirk to Seagate devices (bnc#1012382).
- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012382).
- udf: Avoid overflow when session starts at large offset (bnc#1012382).
- um: link vmlinux with -no-pie (bnc#1012382).
- usb: Add device quirk for Logitech HD Pro Webcam C925e (bnc#1012382).
- usb: add RESET_RESUME for ELSA MicroLink 56K (bnc#1012382).
- usb: core: Add type-specific length check of BOS descriptors (bnc#1012382).
- usb: core: prevent malicious bNumInterfaces overflow (bnc#1012382).
- usb: devio: Prevent integer overflow in proc_do_submiturb() (bnc#1012382).
- usb: Fix off by one in type-specific length check of BOS SSP capability (git-fixes).
- usb: fix usbmon BUG trigger (bnc#1012382).
- usb: gadget: configs: plug memory leak (bnc#1012382).
- usb: gadget: ffs: Forbid usb_ep_alloc_request from sleeping (bnc#1012382).
- usb: gadgetfs: Fix a potential memory leak in 'dev_config()' (bnc#1012382).
- usb: gadget: f_uvc: Sanity check wMaxPacketSize for SuperSpeed (bnc#1012382).
- usb: gadget: udc: remove pointer dereference after free (bnc#1012382).
- usb: hub: Cycle HUB power when initialization fails (bnc#1012382).
- usb: Increase usbfs transfer limit (bnc#1012382).
- usbip: Fix implicit fallthrough warning (bnc#1012382).
- usbip: Fix potential format overflow in userspace tools (bnc#1012382).
- usbip: fix stub_rx: get_pipe() to validate endpoint number (bnc#1012382).
- usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input (bnc#1012382).
- usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer (bnc#1012382).
- usbip: fix usbip bind writing random string after command in match_busid (bnc#1012382).
- usbip: prevent leaking socket pointer address in messages (bnc#1012382).
- usbip: prevent vhci_hcd driver from leaking a socket pointer address (bnc#1012382).
- usbip: remove kernel addresses from usb device and urb debug msgs (bnc#1012382).
- usbip: stub: stop printing kernel pointer addresses in messages (bnc#1012382).
- usbip: vhci: stop printing kernel pointer addresses in messages (bnc#1012382).
- usb: misc: usb3503: make sure reset is low for at least 100us (bnc#1012382).
- usb: musb: da8xx: fix babble condition handling (bnc#1012382).
- usb: phy: isp1301: Add OF device ID table (bnc#1012382).
- usb: phy: isp1301: Fix build warning when CONFIG_OF is disabled (git-fixes).
- usb: phy: tahvo: fix error handling in tahvo_usb_probe() (bnc#1012382).
- usb: quirks: Add no-lpm quirk for KY-688 USB 3.1 Type-C Hub (bnc#1012382).
- usb: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ (bnc#1012382).
- usb: serial: cp210x: add new device ID ELV ALC 8xxx (bnc#1012382).
- usb: serial: ftdi_sio: add id for Airbus DS P8GR (bnc#1012382).
- usb: serial: option: adding support for YUGA CLM920-NC5 (bnc#1012382).
- usb: serial: option: add Quectel BG96 id (bnc#1012382).
- usb: serial: option: add support for Telit ME910 PID 0x1101 (bnc#1012382).
- usb: serial: qcserial: add Sierra Wireless EM7565 (bnc#1012382).
- usb: uas and storage: Add US_FL_BROKEN_FUA for another JMicron JMS567 ID (bnc#1012382).
- usb: usbfs: Filter flags passed in from user space (bnc#1012382).
- usb: usbip: Fix possible deadlocks reported by lockdep (bnc#1012382).
- usb: xhci: Add XHCI_TRUST_TX_LENGTH for Renesas uPD720201 (bnc#1012382).
- usb: xhci: fix panic in xhci_free_virt_devices_depth_first (bnc#1012382).
- userfaultfd: selftest: vm: allow to build in vm/ directory (bnc#1012382).
- userfaultfd: shmem: __do_fault requires VM_FAULT_NOPAGE (bnc#1012382).
- video: fbdev: au1200fb: Release some resources if a memory allocation fails (bnc#1012382).
- video: fbdev: au1200fb: Return an error code if a memory allocation fails (bnc#1012382).
- virtio: release virtio index when fail to device_register (bnc#1012382).
- vmxnet3: repair memory leak (bnc#1012382).
- vsyscall: Fix permissions for emulate mode with KAISER/PTI (bnc#1012382).
- vt6655: Fix a possible sleep-in-atomic bug in vt6655_suspend (bnc#1012382).
- vti6: Do not report path MTU below IPV6_MIN_MTU (bnc#1012382).
- vti6: fix device register to report IFLA_INFO_KIND (bnc#1012382).
- workqueue: trigger WARN if queue_delayed_work() is called with NULL @wq (bnc#1012382).
- writeback: fix memory leak in wb_queue_work() (bnc#1012382).
- x.509: fix buffer overflow detection in sprint_oid() (bsc#1075078).
- x509: fix printing uninitialized stack memory when OID is empty (bsc#1075078).
- x.509: reject invalid BIT STRING for subjectPublicKey (bnc#1012382).
- x86/acpi: Handle SCI interrupts above legacy space gracefully (bsc#1068984).
- x86/acpi: Reduce code duplication in mp_override_legacy_irq() (bsc#1068984).
- x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm (bnc#1012382).
- x86/alternatives: Fix optimize_nops() checking (bnc#1012382).
- x86/apic/vector: Fix off by one in error path (bnc#1012382).
- x86/asm/32: Make sync_core() handle missing CPUID on all 32-bit kernels (bnc#1012382).
- x86/boot: Fix early command-line parsing when matching at end (bsc#1068032).
- x86/cpu: Factor out application of forced CPU caps (bnc#1012382).
- x86/cpufeatures: Add X86_BUG_CPU_INSECURE (bnc#1012382).
- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012382).
- x86/cpufeatures: Make CPU bugs sticky (bnc#1012382).
- x86/cpu: Implement CPU vulnerabilites sysfs functions (bnc#1012382).
- x86/cpu: Merge bugs.c and bugs_64.c (bnc#1012382).
- x86/cpu: Rename Merrifield2 to Moorefield (bsc#985025).
- x86/cpu: Rename 'WESTMERE2' family to 'NEHALEM_G' (bsc#985025).
- x86/cpu, x86/pti: Do not enable PTI on AMD processors (bnc#1012382).
- x86/Documentation: Add PTI description (bnc#1012382).
- x86/efi-bgrt: Replace early_memremap() with memremap() (bnc#1012382).
- x86/efi: Build our own page table structures (fate#320512).
- x86/efi: Hoist page table switching code into efi_call_virt() (fate#320512).
- x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() (bnc#1012382).
- x86/hpet: Prevent might sleep splat on resume (bnc#1012382).
- x86/kasan: Clear kasan_zero_page after TLB flush (bnc#1012382).
- x86/kasan: Write protect kasan zero shadow (bnc#1012382).
- x86/microcode/intel: Extend BDW late-loading further with LLC size check (bnc#1012382).
- x86/microcode/intel: Extend BDW late-loading with a revision check (bnc#1012382).
- x86/mm/32: Move setup_clear_cpu_cap(X86_FEATURE_PCID) earlier (git-fixes).
- x86/mm: Disable PCID on 32-bit kernels (bnc#1012382).
- x86/mm/pat: Ensure cpa->pfn only contains page frame numbers (fate#320588).
- x86/PCI: Make broadcom_postcore_init() check acpi_disabled (bnc#1012382).
- x86/pti: Document fix wrong index (bnc#1012382).
- x86/pti/efi: broken conversion from efi to kernel page table (bnc#1012382).
- x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN (bnc#1012382).
- x86/retpolines/spec_ctrl: disable IBRS on !SKL if retpolines are active (bsc#1068032).
- x86/smpboot: Remove stale TLB flush invocations (bnc#1012382).
- x86/spectre_v2: fix ordering in IBRS initialization (bsc#1075994 bsc#1075091).
- x86/spectre_v2: nospectre_v2 means nospec too (bsc#1075994 bsc#1075091).
- x86/tlb: Drop the _GPL from the cpu_tlbstate export (bnc#1012382).
- x86/vm86/32: Switch to flush_tlb_mm_range() in mark_screen_rdonly() (bnc#1012382).
- xen-netfront: avoid crashing on resume after a failure in talk_to_netback() (bnc#1012382).
- xen-netfront: Improve error handling during initialization (bnc#1012382).
- xfrm: Copy policy family in clone_policy (bnc#1012382).
- xfs: add configurable error support to metadata buffers (bsc#1068569).
- xfs: add configuration handlers for specific errors (bsc#1068569).
- xfs: add configuration of error failure speed (bsc#1068569).
- xfs: add 'fail at unmount' error handling configuration (bsc#1068569).
- xfs: Add infrastructure needed for error propagation during buffer IO failure (bsc#1068569).
- xfs: address kabi for xfs buffer retry infrastructure (kabi).
- xfs: configurable error behavior via sysfs (bsc#1068569).
- xfs: fix incorrect extent state in xfs_bmap_add_extent_unwritten_real (bnc#1012382).
- xfs: fix log block underflow during recovery cycle verification (bnc#1012382).
- xfs: fix up inode32/64 (re)mount handling (bsc#1069160).
- xfs: introduce metadata IO error class (bsc#1068569).
- xfs: introduce table-based init for error behaviors (bsc#1068569).
- xfs: Properly retry failed inode items in case of error during buffer writeback (bsc#1068569).
- xfs: remove xfs_trans_ail_delete_bulk (bsc#1068569).
- xhci: Do not add a virt_dev to the devs array before it's fully allocated (bnc#1012382).
- xhci: Fix ring leak in failure path of xhci_alloc_virt_device() (bnc#1012382).
- xhci: plat: Register shutdown for xhci_plat (bnc#1012382).
- zram: set physical queue limits to avoid array out of bounds accesses (bnc#1012382).
- x86/microcode/intel: Fix BDW late-loading revision check (bnc#1012382).
Patchnames
SUSE-CAASP-ALL-2018-271,SUSE-SLE-DESKTOP-12-SP3-2018-271,SUSE-SLE-HA-12-SP3-2018-271,SUSE-SLE-Live-Patching-12-SP3-2018-271,SUSE-SLE-SDK-12-SP3-2018-271,SUSE-SLE-SERVER-12-SP3-2018-271,SUSE-SLE-WE-12-SP3-2018-271
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\n\nThe SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.114 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis (bnc#1068032).\n\n The previous fix using CPU Microcode has been complemented by building the Linux Kernel with return trampolines aka 'retpolines'.\n\n- CVE-2017-15129: A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel in the function get_net_ns_by_id() in net/core/net_namespace.c did not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely (bnc#1074839).\n- CVE-2017-17712: The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allowed a local user to execute code and gain privileges (bnc#1073229).\n- CVE-2017-17862: kernel/bpf/verifier.c in the Linux kernel ignored unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service (bnc#1073928).\n- CVE-2017-17864: kernel/bpf/verifier.c in the Linux kernel mishandled states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allowed local users to obtain potentially sensitive address information, aka a 'pointer leak (bnc#1073928).\n- CVE-2017-18017: The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel allowed remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action (bnc#1074488).\n- CVE-2018-5332: In the Linux kernel the rds_message_alloc_sgs() function did not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c) (bnc#1075621).\n- CVE-2018-5333: In the Linux kernel the rds_cmsg_atomic function in net/rds/rdma.c mishandled cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference (bnc#1075617).\n- CVE-2018-1000004: In the Linux kernel a race condition vulnerability existed in the sound system, this can lead to a deadlock and denial of service condition (bnc#1076017).\n\nThe following non-security bugs were fixed:\n\n- 8021q: fix a memory leak for VLAN 0 device (bnc#1012382).\n- acpi / scan: Prefer devices without _HID/_CID for _ADR matching (bnc#1012382).\n- af_key: fix buffer overread in parse_exthdrs() (bnc#1012382).\n- af_key: fix buffer overread in verify_address_len() (bnc#1012382).\n- afs: Adjust mode bits processing (bnc#1012382).\n- afs: Connect up the CB.ProbeUuid (bnc#1012382).\n- afs: Fix afs_kill_pages() (bnc#1012382).\n- afs: Fix missing put_page() (bnc#1012382).\n- afs: Fix page leak in afs_write_begin() (bnc#1012382).\n- afs: Fix the maths in afs_fs_store_data() (bnc#1012382).\n- afs: Flush outstanding writes when an fd is closed (bnc#1012382).\n- afs: Migrate vlocation fields to 64-bit (bnc#1012382).\n- afs: Populate and use client modification time (bnc#1012382).\n- afs: Populate group ID from vnode status (bnc#1012382).\n- afs: Prevent callback expiry timer overflow (bnc#1012382).\n- alpha: fix build failures (bnc#1012382).\n- alsa: aloop: Fix inconsistent format due to incomplete rule (bsc#1031717).\n- alsa: aloop: Fix racy hw constraints adjustment (bsc#1031717).\n- alsa: aloop: Release cable upon open error path (bsc#1031717).\n- alsa: hda - Add HP ZBook 15u G3 Conexant CX20724 GPIO mute leds (bsc#1031717).\n- alsa: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines (bsc#1031717).\n- alsa: hda - Add mute led support for HP EliteBook 840 G3 (bsc#1031717).\n- alsa: hda - Add mute led support for HP ProBook 440 G4 (bsc#1031717).\n- alsa: hda - add support for docking station for HP 820 G2 (bsc#1031717).\n- alsa: hda - add support for docking station for HP 840 G3 (bsc#1031717).\n- alsa: hda - Apply headphone noise quirk for another Dell XPS 13 variant (bsc#1031717).\n- alsa: hda - Apply the existing quirk to iMac 14,1 (bsc#1031717).\n- alsa: hda - change the location for one mic on a Lenovo machine (bsc#1031717).\n- alsa: hda: Drop useless WARN_ON() (bsc#1031717).\n- alsa: hda - Fix click noises on Samsung Ativ Book 8 (bsc#1031717).\n- alsa: hda - fix headset mic detection issue on a Dell machine (bsc#1031717).\n- alsa: hda - fix headset mic problem for Dell machines with alc274 (bsc#1031717).\n- alsa: hda - Fix headset microphone detection for ASUS N551 and N751 (bsc#1031717).\n- alsa: hda - Fix mic regression by ASRock mobo fixup (bsc#1031717).\n- alsa: hda - Fix missing COEF init for ALC225/295/299 (bsc#1031717).\n- alsa: hda - Fix surround output pins for ASRock B150M mobo (bsc#1031717).\n- alsa: hda - On-board speaker fixup on ACER Veriton (bsc#1031717).\n- alsa: hda/realtek - Add ALC256 HP depop function (bsc#1031717).\n- alsa: hda/realtek - Add default procedure for suspend and resume state (bsc#1031717).\n- alsa: hda/realtek - Add support for Acer Aspire E5-475 headset mic (bsc#1031717).\n- alsa: hda/realtek - Add support for ALC1220 (bsc#1031717).\n- alsa: hda/realtek - Add support for headset MIC for ALC622 (bsc#1031717).\n- alsa: hda/realtek - ALC891 headset mode for Dell (bsc#1031717).\n- alsa: hda/realtek - change the location for one of two front microphones (bsc#1031717).\n- alsa: hda/realtek - Enable jack detection function for Intel ALC700 (bsc#1031717).\n- alsa: hda/realtek - Fix ALC275 no sound issue (bsc#1031717).\n- alsa: hda/realtek - Fix Dell AIO LineOut issue (bsc#1031717).\n- alsa: hda/realtek - Fix headset and mic on several Asus laptops with ALC256 (bsc#1031717).\n- alsa: hda/realtek - Fix headset mic and speaker on Asus X441SA/X441UV (bsc#1031717).\n- alsa: hda/realtek - fix headset mic detection for MSI MS-B120 (bsc#1031717).\n- alsa: hda/realtek - Fix headset mic on several Asus laptops with ALC255 (bsc#1031717).\n- alsa: hda/realtek - Fix pincfg for Dell XPS 13 9370 (bsc#1031717).\n- alsa: hda/realtek - Fix speaker support for Asus AiO ZN270IE (bsc#1031717).\n- alsa: hda/realtek - Fix typo of pincfg for Dell quirk (bsc#1031717).\n- alsa: hda/realtek - New codec device ID for ALC1220 (bsc#1031717).\n- alsa: hda/realtek - New codecs support for ALC215/ALC285/ALC289 (bsc#1031717).\n- alsa: hda/realtek - New codec support for ALC257 (bsc#1031717).\n- alsa: hda/realtek - New codec support of ALC1220 (bsc#1031717).\n- alsa: hda/realtek - No loopback on ALC225/ALC295 codec (bsc#1031717).\n- alsa: hda/realtek - Remove ALC285 device ID (bsc#1031717).\n- alsa: hda/realtek - Support Dell headset mode for ALC3271 (bsc#1031717).\n- alsa: hda/realtek - Support headset mode for ALC234/ALC274/ALC294 (bsc#1031717).\n- alsa: hda/realtek - There is no loopback mixer in the ALC234/274/294 (bsc#1031717).\n- alsa: hda/realtek - Update headset mode for ALC225 (bsc#1031717).\n- alsa: hda/realtek - Update headset mode for ALC298 (bsc#1031717).\n- alsa: hda - Skip Realtek SKU check for Lenovo machines (bsc#1031717).\n- alsa: pcm: Abort properly at pending signal in OSS read/write loops (bsc#1031717).\n- alsa: pcm: Add missing error checks in OSS emulation plugin builder (bsc#1031717).\n- alsa: pcm: Allow aborting mutex lock at OSS read/write loops (bsc#1031717).\n- alsa: pcm: prevent UAF in snd_pcm_info (bsc#1031717).\n- alsa: pcm: Remove incorrect snd_BUG_ON() usages (bsc#1031717).\n- alsa: pcm: Remove yet superfluous WARN_ON() (bsc#1031717).\n- alsa: rawmidi: Avoid racy info ioctl via ctl device (bsc#1031717).\n- alsa: seq: Remove spurious WARN_ON() at timer check (bsc#1031717).\n- alsa: usb-audio: Add check return value for usb_string() (bsc#1031717).\n- alsa: usb-audio: Fix out-of-bound error (bsc#1031717).\n- alsa: usb-audio: Fix the missing ctl name suffix at parsing SU (bsc#1031717).\n- arc: uaccess: dont use 'l' gcc inline asm constraint modifier (bnc#1012382).\n- arm64: Add skeleton to harden the branch predictor against aliasing attacks (bsc#1068032).\n- arm64: Add trace_hardirqs_off annotation in ret_to_user (bsc#1068032).\n- arm64: Branch predictor hardening for Cavium ThunderX2 (bsc#1068032).\n- arm64/cpufeature: do not use mutex in bringup path (bsc#1068032).\n- arm64: cpufeature: Pass capability structure to ->enable callback (bsc#1068032).\n- arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs (bsc#1068032).\n- arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75 (bsc#1068032).\n- arm64: debug: remove unused local_dbg_{enable, disable} macros (bsc#1068032).\n- arm64: Define cputype macros for Falkor CPU (bsc#1068032).\n- arm64: Disable TTBR0_EL1 during normal kernel execution (bsc#1068032).\n- arm64: Do not force KPTI for CPUs that are not vulnerable (bsc#1076187).\n- arm64: do not pull uaccess.h into *.S (bsc#1068032).\n- arm64: Enable CONFIG_ARM64_SW_TTBR0_PAN (bsc#1068032).\n- arm64: entry: Add exception trampoline page for exceptions from EL0 (bsc#1068032).\n- arm64: entry: Add fake CPU feature for unmapping the kernel at EL0 (bsc#1068032).\n- arm64: entry: Explicitly pass exception level to kernel_ventry macro (bsc#1068032).\n- arm64: entry: Hook up entry trampoline to exception vectors (bsc#1068032).\n- arm64: entry: remove pointless SPSR mode check (bsc#1068032).\n- arm64: entry.S convert el0_sync (bsc#1068032).\n- arm64: entry.S: convert el1_sync (bsc#1068032).\n- arm64: entry.S: convert elX_irq (bsc#1068032).\n- arm64: entry.S: move SError handling into a C function for future expansion (bsc#1068032).\n- arm64: entry.S: Remove disable_dbg (bsc#1068032).\n- arm64: erratum: Work around Falkor erratum #E1003 in trampoline code (bsc#1068032).\n- arm64: explicitly mask all exceptions (bsc#1068032).\n- arm64: factor out entry stack manipulation (bsc#1068032).\n- arm64: factor out PAGE_* and CONT_* definitions (bsc#1068032).\n- arm64: Factor out PAN enabling/disabling into separate uaccess_* macros (bsc#1068032).\n- arm64: Factor out TTBR0_EL1 post-update workaround into a specific asm macro (bsc#1068032).\n- arm64: factor work_pending state machine to C (bsc#1068032).\n- arm64: fpsimd: Prevent registers leaking from dead tasks (bnc#1012382).\n- arm64: Handle el1 synchronous instruction aborts cleanly (bsc#1068032).\n- arm64: Handle faults caused by inadvertent user access with PAN enabled (bsc#1068032).\n- arm64: head.S: get rid of x25 and x26 with 'global' scope (bsc#1068032).\n- arm64: Implement branch predictor hardening for affected Cortex-A CPUs (bsc#1068032).\n- arm64: Implement branch predictor hardening for Falkor (bsc#1068032).\n- arm64: Initialise high_memory global variable earlier (bnc#1012382).\n- arm64: introduce an order for exceptions (bsc#1068032).\n- arm64: introduce mov_q macro to move a constant into a 64-bit register (bsc#1068032).\n- arm64: Introduce uaccess_{disable,enable} functionality based on TTBR0_EL1 (bsc#1068032).\n- arm64: kaslr: Put kernel vectors address in separate data page (bsc#1068032).\n- arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0 (bsc#1068032).\n- arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry (bsc#1068032).\n- arm64: kill ESR_LNX_EXEC (bsc#1068032).\n- arm64: kpti: Fix the interaction between ASID switching and software PAN (bsc#1068032).\n- arm64: kvm: Fix SMCCC handling of unimplemented SMC/HVC calls (bsc#1076232).\n- arm64: kvm: fix VTTBR_BADDR_MASK BUG_ON off-by-one (bnc#1012382).\n- arm64: kvm: Make PSCI_VERSION a fast path (bsc#1068032).\n- arm64: kvm: Use per-CPU vector when BP hardening is enabled (bsc#1068032).\n- arm64: Mask all exceptions during kernel_exit (bsc#1068032).\n- arm64: mm: Add arm64_kernel_unmapped_at_el0 helper (bsc#1068032).\n- arm64: mm: Allocate ASIDs in pairs (bsc#1068032).\n- arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN (bsc#1068032).\n- arm64: mm: hardcode rodata=true (bsc#1068032).\n- arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR (bsc#1068032).\n- arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI (bsc#1068032).\n- arm64: mm: Map entry trampoline into trampoline and kernel page tables (bsc#1068032).\n- arm64: mm: Move ASID from TTBR0 to TTBR1 (bsc#1068032).\n- arm64: mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003 (bsc#1068032).\n- arm64: mm: Rename post_ttbr0_update_workaround (bsc#1068032).\n- arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN (bsc#1068032).\n- arm64: mm: Use non-global mappings for kernel space (bsc#1068032).\n- arm64: Move BP hardening to check_and_switch_context (bsc#1068032).\n- arm64: Move post_ttbr_update_workaround to C code (bsc#1068032).\n- arm64: Move the async/fiq helpers to explicitly set process context flags (bsc#1068032).\n- arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm (bsc#1068032).\n- arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb (bsc#1068032).\n- arm64: swp emulation: bound LL/SC retries before rescheduling (bsc#1068032).\n- arm64: sysreg: Fix unprotected macro argmuent in write_sysreg (bsc#1068032).\n- arm64: Take into account ID_AA64PFR0_EL1.CSV3 (bsc#1068032).\n- arm64: thunderx2: remove branch predictor hardening References: bsc#1076232 This causes undefined instruction abort on the smc call from guest kernel. Disable until kvm is fixed.\n- arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks (bsc#1068032).\n- arm64: Turn on KPTI only on CPUs that need it (bsc#1076187).\n- arm64: use alternative auto-nop (bsc#1068032).\n- arm64: use RET instruction for exiting the trampoline (bsc#1068032).\n- arm64: xen: Enable user access before a privcmd hvc call (bsc#1068032).\n- arm/arm64: kvm: Make default HYP mappings non-excutable (bsc#1068032).\n- arm: avoid faulting on qemu (bnc#1012382).\n- arm: BUG if jumping to usermode address in kernel mode (bnc#1012382).\n- arm-ccn: perf: Prevent module unload while PMU is in use (bnc#1012382).\n- arm: dma-mapping: disallow dma_get_sgtable() for non-kernel managed memory (bnc#1012382).\n- arm: dts: am335x-evmsk: adjust mmc2 param to allow suspend (bnc#1012382).\n- arm: dts: kirkwood: fix pin-muxing of MPP7 on OpenBlocks A7 (bnc#1012382).\n- arm: dts: omap3: logicpd-torpedo-37xx-devkit: Fix MMC1 cd-gpio (bnc#1012382).\n- arm: dts: ti: fix PCI bus dtc warnings (bnc#1012382).\n- arm: kprobes: Align stack to 8-bytes in test code (bnc#1012382).\n- arm: kprobes: Fix the return address of multiple kretprobes (bnc#1012382).\n- arm: kvm: Fix VTTBR_BADDR_MASK BUG_ON off-by-one (bnc#1012382).\n- arm: OMAP1: DMA: Correct the number of logical channels (bnc#1012382).\n- arm: OMAP2+: Fix device node reference counts (bnc#1012382).\n- arm: OMAP2+: gpmc-onenand: propagate error on initialization failure (bnc#1012382).\n- arm: OMAP2+: Release device node after it is no longer needed (bnc#1012382).\n- asm-prototypes: Clear any CPP defines before declaring the functions (git-fixes).\n- asn.1: check for error from ASN1_OP_END__ACT actions (bnc#1012382).\n- asn.1: fix out-of-bounds read when parsing indefinite length item (bnc#1012382).\n- asoc: fsl_ssi: AC'97 ops need regmap, clock and cleaning up on failure (bsc#1031717).\n- asoc: twl4030: fix child-node lookup (bsc#1031717).\n- asoc: wm_adsp: Fix validation of firmware and coeff lengths (bsc#1031717).\n- ath9k: fix tx99 potential info leak (bnc#1012382).\n- atm: horizon: Fix irq release error (bnc#1012382).\n- audit: ensure that 'audit=1' actually enables audit for PID 1 (bnc#1012382).\n- axonram: Fix gendisk handling (bnc#1012382).\n- backlight: pwm_bl: Fix overflow condition (bnc#1012382).\n- bcache: add a comment in journal bucket reading (bsc#1076110).\n- bcache: Avoid nested function definition (bsc#1076110).\n- bcache: bch_allocator_thread() is not freezable (bsc#1076110).\n- bcache: bch_writeback_thread() is not freezable (bsc#1076110).\n- bcache: check return value of register_shrinker (bsc#1076110).\n- bcache: documentation formatting, edited for clarity, stripe alignment notes (bsc#1076110).\n- bcache: documentation updates and corrections (bsc#1076110).\n- bcache: Do not reinvent the wheel but use existing llist API (bsc#1076110).\n- bcache: do not write back data if reading it failed (bsc#1076110).\n- bcache: explicitly destroy mutex while exiting (bnc#1012382).\n- bcache: fix a comments typo in bch_alloc_sectors() (bsc#1076110).\n- bcache: Fix building error on MIPS (bnc#1012382).\n- bcache: fix sequential large write IO bypass (bsc#1076110).\n- bcache: fix wrong cache_misses statistics (bnc#1012382).\n- bcache: gc does not work when triggering by manual command (bsc#1076110, bsc#1038078).\n- bcache: implement PI controller for writeback rate (bsc#1076110).\n- bcache: increase the number of open buckets (bsc#1076110).\n- bcache: only permit to recovery read error when cache device is clean (bnc#1012382 bsc#1043652).\n- bcache: partition support: add 16 minors per bcacheN device (bsc#1076110, bsc#1019784).\n- bcache: rearrange writeback main thread ratelimit (bsc#1076110).\n- bcache: recover data from backing when data is clean (bnc#1012382 bsc#1043652).\n- bcache: Remove redundant set_capacity (bsc#1076110).\n- bcache: remove unused parameter (bsc#1076110).\n- bcache: rewrite multiple partitions support (bsc#1076110, bsc#1038085).\n- bcache: safeguard a dangerous addressing in closure_queue (bsc#1076110).\n- bcache: silence static checker warning (bsc#1076110).\n- bcache: smooth writeback rate control (bsc#1076110).\n- bcache.txt: standardize document format (bsc#1076110).\n- bcache: update bio->bi_opf bypass/writeback REQ_ flag hints (bsc#1076110).\n- bcache: update bucket_in_use in real time (bsc#1076110).\n- bcache: Update continue_at() documentation (bsc#1076110).\n- bcache: use kmalloc to allocate bio in bch_data_verify() (bsc#1076110).\n- bcache: use llist_for_each_entry_safe() in __closure_wake_up() (bsc#1076110).\n- bcache: writeback rate clamping: make 32 bit safe (bsc#1076110).\n- bcache: writeback rate shouldn't artifically clamp (bsc#1076110).\n- be2net: restore properly promisc mode after queues reconfiguration (bsc#963844 FATE#320192).\n- block: wake up all tasks blocked in get_request() (bnc#1012382).\n- bluetooth: btusb: driver to enable the usb-wakeup feature (bnc#1012382).\n- bnx2x: do not rollback VF MAC/VLAN filters we did not configure (bnc#1012382).\n- bnx2x: fix possible overrun of VFPF multicast addresses array (bnc#1012382).\n- bnx2x: prevent crash when accessing PTP with interface down (bnc#1012382).\n- btrfs: add missing memset while reading compressed inline extents (bnc#1012382).\n- btrfs: clear space cache inode generation always (bnc#1012382).\n- btrfs: embed extent_changeset::range_changed to the structure (dependent patch, bsc#1031395).\n- btrfs: qgroup: Fix qgroup reserved space underflow by only freeing reserved ranges (bsc#1031395).\n- btrfs: qgroup: Fix qgroup reserved space underflow caused by buffered write and quotas being enabled (bsc#1031395).\n- btrfs: qgroup: Introduce extent changeset for qgroup reserve functions (dependent patch, bsc#1031395).\n- btrfs: qgroup: Return actually freed bytes for qgroup release or free data (bsc#1031395).\n- btrfs: qgroup-test: Fix backport error in qgroup selftest (just to make CONFIG_BTRFS_FS_RUN_SANITY_TESTS pass compile).\n- btrfs: ulist: make the finalization function public (dependent patch, bsc#1031395).\n- btrfs: ulist: rename ulist_fini to ulist_release (dependent patch, bsc#1031395).\n- can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once (bnc#1012382).\n- can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once (bnc#1012382).\n- can: ems_usb: cancel urb on -EPIPE and -EPROTO (bnc#1012382).\n- can: esd_usb2: cancel urb on -EPIPE and -EPROTO (bnc#1012382).\n- can: gs_usb: fix return value of the 'set_bittiming' callback (bnc#1012382).\n- can: kvaser_usb: cancel urb on -EPIPE and -EPROTO (bnc#1012382).\n- can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback() (bnc#1012382).\n- can: kvaser_usb: free buf in error paths (bnc#1012382).\n- can: kvaser_usb: ratelimit errors if incomplete messages are received (bnc#1012382).\n- can: peak: fix potential bug in packet fragmentation (bnc#1012382).\n- can: ti_hecc: Fix napi poll return value for repoll (bnc#1012382).\n- can: usb_8dev: cancel urb on -EPIPE and -EPROTO (bnc#1012382).\n- cdc-acm: apply quirk for card reader (bsc#1060279).\n- cdrom: factor out common open_for_* code (bsc#1048585).\n- cdrom: wait for tray to close (bsc#1048585).\n- ceph: more accurate statfs (bsc#1077068).\n- clk: imx6: refine hdmi_isfr's parent to make HDMI work on i.MX6 SoCs w/o VPU (bnc#1012382).\n- clk: mediatek: add the option for determining PLL source clock (bnc#1012382).\n- clk: tegra: Fix cclk_lp divisor register (bnc#1012382).\n- config: arm64: enable HARDEN_BRANCH_PREDICTOR\n- config: arm64: enable UNMAP_KERNEL_AT_EL0\n- cpuidle: fix broadcast control when broadcast can not be entered (bnc#1012382).\n- cpuidle: powernv: Pass correct drv->cpumask for registration (bnc#1012382).\n- cpuidle: Validate cpu_dev in cpuidle_add_sysfs() (bnc#1012382).\n- crypto: algapi - fix NULL dereference in crypto_remove_spawns() (bnc#1012382).\n- crypto: chacha20poly1305 - validate the digest size (bnc#1012382).\n- crypto: chelsio - select CRYPTO_GF128MUL (bsc#1048325).\n- crypto: crypto4xx - increase context and scatter ring buffer elements (bnc#1012382).\n- crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex (bnc#1012382).\n- crypto: mcryptd - protect the per-CPU queue with a lock (bnc#1012382).\n- crypto: n2 - cure use after free (bnc#1012382).\n- crypto: pcrypt - fix freeing pcrypt instances (bnc#1012382).\n- crypto: s5p-sss - Fix completing crypto request in IRQ handler (bnc#1012382).\n- crypto: tcrypt - fix buffer lengths in test_aead_speed() (bnc#1012382).\n- cxl: Check if vphb exists before iterating over AFU devices (bsc#1066223).\n- dax: Pass detailed error code from __dax_fault() (bsc#1072484).\n- dccp: do not restart ccid2_hc_tx_rto_expire() if sk in closed state (bnc#1012382).\n- delay: add poll_event_interruptible (bsc#1048585).\n- dlm: fix malfunction of dlm_tool caused by debugfs changes (bsc#1077704).\n- dmaengine: dmatest: move callback wait queue to thread context (bnc#1012382).\n- dmaengine: Fix array index out of bounds warning in __get_unmap_pool() (bnc#1012382).\n- dmaengine: pl330: fix double lock (bnc#1012382).\n- dmaengine: ti-dma-crossbar: Correct am335x/am43xx mux value type (bnc#1012382).\n- dm btree: fix serious bug in btree_split_beneath() (bnc#1012382).\n- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) (bnc#1012382).\n- dm thin metadata: THIN_MAX_CONCURRENT_LOCKS should be 6 (bnc#1012382).\n- drivers/firmware: Expose psci_get_version through psci_ops structure (bsc#1068032).\n- drm/amd/amdgpu: fix console deadlock if late init failed (bnc#1012382).\n- drm: extra printk() wrapper macros (bnc#1012382).\n- drm/exynos/decon5433: set STANDALONE_UPDATE_F on output enablement (bnc#1012382).\n- drm/exynos: gem: Drop NONCONTIG flag for buffers allocated without IOMMU (bnc#1012382).\n- drm/omap: fix dmabuf mmap for dma_alloc'ed buffers (bnc#1012382).\n- drm/radeon: fix atombios on big endian (bnc#1012382).\n- drm/radeon: reinstate oland workaround for sclk (bnc#1012382).\n- drm/radeon/si: add dpm quirk for Oland (bnc#1012382).\n- drm/vmwgfx: Potential off by one in vmw_view_add() (bnc#1012382).\n- dynamic-debug-howto: fix optional/omitted ending line number to be LARGE instead of 0 (bnc#1012382).\n- edac, i5000, i5400: Fix definition of NRECMEMB register (bnc#1012382).\n- edac, i5000, i5400: Fix use of MTR_DRAM_WIDTH macro (bnc#1012382).\n- edac, sb_edac: Fix missing break in switch (bnc#1012382).\n- eeprom: at24: check at24_read/write arguments (bnc#1012382).\n- efi/esrt: Cleanup bad memory map log messages (bnc#1012382).\n- efi: Move some sysfs files to be read-only by root (bnc#1012382).\n- eventpoll.h: add missing epoll event masks (bnc#1012382).\n- ext4: fix crash when a directory's i_size is too small (bnc#1012382).\n- ext4: Fix ENOSPC handling in DAX page fault handle (bsc#1072484).\n- ext4: fix fdatasync(2) after fallocate(2) operation (bnc#1012382).\n- fbdev: controlfb: Add missing modes to fix out of bounds access (bnc#1012382).\n- Fix EX_SIZE. We do not have the patches that shave off parts of the exception data.\n- Fix mishandling of cases with MSR not being present (writing to MSR even though _state == -1).\n- Fix return value from ib[rs|pb]_enabled()\n- Fixup hang when calling 'nvme list' on all paths down (bsc#1070052).\n- fjes: Fix wrong netdevice feature flags (bnc#1012382).\n- flow_dissector: properly cap thoff field (bnc#1012382).\n- fm10k: ensure we process SM mbx when processing VF mbx (bnc#1012382).\n- fork: clear thread stack upon allocation (bsc#1077560).\n- fscache: Fix the default for fscache_maybe_release_page() (bnc#1012382).\n- futex: Prevent overflow by strengthen input validation (bnc#1012382).\n- gcov: disable for COMPILE_TEST (bnc#1012382).\n- gfs2: Take inode off order_write list when setting jdata flag (bnc#1012382).\n- gpio: altera: Use handle_level_irq when configured as a level_high (bnc#1012382).\n- hid: chicony: Add support for another ASUS Zen AiO keyboard (bnc#1012382).\n- hid: xinmo: fix for out of range for THT 2P arcade controller (bnc#1012382).\n- hrtimer: Reset hrtimer cpu base proper on CPU hotplug (bnc#1012382).\n- hv: kvp: Avoid reading past allocated blocks from KVP file (bnc#1012382).\n- hwmon: (asus_atk0110) fix uninitialized data access (bnc#1012382).\n- i40iw: Account for IPv6 header when setting MSS (bsc#1024376 FATE#321249).\n- i40iw: Allocate a sdbuf per CQP WQE (bsc#1024376 FATE#321249).\n- i40iw: Cleanup AE processing (bsc#1024376 FATE#321249).\n- i40iw: Clear CQP Head/Tail during initialization (bsc#1024376 FATE#321249).\n- i40iw: Correct ARP index mask (bsc#1024376 FATE#321249).\n- i40iw: Do not allow posting WR after QP is flushed (bsc#1024376 FATE#321249).\n- i40iw: Do not free sqbuf when event is I40IW_TIMER_TYPE_CLOSE (bsc#1024376 FATE#321249).\n- i40iw: Do not generate CQE for RTR on QP flush (bsc#1024376 FATE#321249).\n- i40iw: Do not retransmit MPA request after it is ACKed (bsc#1024376 FATE#321249).\n- i40iw: Fixes for static checker warnings (bsc#1024376 FATE#321249).\n- i40iw: Ignore AE source field in AEQE for some AEs (bsc#1024376 FATE#321249).\n- i40iw: Move cqp_cmd_head init to CQP initialization (bsc#1024376 FATE#321249).\n- i40iw: Move exception_lan_queue to VSI structure (bsc#1024376 FATE#321249).\n- i40iw: Move MPA request event for loopback after connect (bsc#1024376 FATE#321249).\n- i40iw: Notify user of established connection after QP in RTS (bsc#1024376 FATE#321249).\n- i40iw: Reinitialize IEQ on MTU change (bsc#1024376 FATE#321249).\n- ib/hfi1: Fix misspelling in comment (bsc#973818, fate#319242).\n- ib/hfi1: Prevent kernel QP post send hard lockups (bsc#973818 FATE#319242).\n- ib/ipoib: Fix lockdep issue found on ipoib_ib_dev_heavy_flush (git-fixes).\n- ib/ipoib: Fix race condition in neigh creation (bsc#1022595 FATE#322350).\n- ib/ipoib: Grab rtnl lock on heavy flush when calling ndo_open/stop (bnc#1012382).\n- ib/mlx4: Increase maximal message size under UD QP (bnc#1012382).\n- ib/mlx5: Assign send CQ and recv CQ of UMR QP (bnc#1012382).\n- ib/mlx5: Serialize access to the VMA list (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- ibmvnic: Allocate and request vpd in init_resources (bsc#1076872).\n- ibmvnic: Do not handle RX interrupts when not up (bsc#1075066).\n- ibmvnic: Fix IP offload control buffer (bsc#1076899).\n- ibmvnic: Fix IPv6 packet descriptors (bsc#1076899).\n- ibmvnic: Fix pending MAC address changes (bsc#1075627).\n- ibmvnic: Modify buffer size and number of queues on failover (bsc#1076872).\n- ibmvnic: Revert to previous mtu when unsupported value requested (bsc#1076872).\n- ibmvnic: Wait for device response when changing MAC (bsc#1078681).\n- ib/rdmavt: restore IRQs on error path in rvt_create_ah() (bsc#973818, fate#319242).\n- ib/srpt: Disable RDMA access by the initiator (bnc#1012382).\n- ib/srpt: Fix ACL lookup during login (bsc#1024296 FATE#321265).\n- ib/uverbs: Fix command checking as part of ib_uverbs_ex_modify_qp() (FATE#321231 FATE#321473 FATE#322153 FATE#322149).\n- igb: check memory allocation failure (bnc#1012382).\n- ima: fix hash algorithm initialization (bnc#1012382).\n- inet: frag: release spinlock before calling icmp_send() (bnc#1012382).\n- input: 88pm860x-ts - fix child-node lookup (bnc#1012382).\n- input: elantech - add new icbody type 15 (bnc#1012382).\n- input: i8042 - add TUXEDO BU1406 (N24_25BU) to the nomux list (bnc#1012382).\n- input: trackpoint - force 3 buttons if 0 button is reported (bnc#1012382).\n- input: twl4030-vibra - fix sibling-node lookup (bnc#1012382).\n- input: twl6040-vibra - fix child-node lookup (bnc#1012382).\n- input: twl6040-vibra - fix DT node memory management (bnc#1012382).\n- intel_th: pci: Add Gemini Lake support (bnc#1012382).\n- iommu/arm-smmu-v3: Do not free page table ops twice (bnc#1012382).\n- iommu/vt-d: Fix scatterlist offset handling (bnc#1012382).\n- ip6_gre: remove the incorrect mtu limit for ipgre tap (bsc#1022912 FATE#321246).\n- ip6_tunnel: disable dst caching if tunnel is dual-stack (bnc#1012382).\n- ip_gre: remove the incorrect mtu limit for ipgre tap (bsc#1022912 FATE#321246).\n- ipmi: Stop timers before cleaning up the module (bnc#1012382).\n- ipv4: Fix use-after-free when flushing FIB tables (bnc#1012382).\n- ipv4: igmp: guard against silly MTU values (bnc#1012382).\n- ipv4: Make neigh lookup keys for loopback/point-to-point devices be INADDR_ANY (bnc#1012382).\n- ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL (bnc#1012382).\n- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012382).\n- ipv6: fix udpv6 sendmsg crash caused by too small MTU (bnc#1012382).\n- ipv6: ip6_make_skb() needs to clear cork.base.dst (git-fixes).\n- ipv6: mcast: better catch silly mtu values (bnc#1012382).\n- ipv6: reorder icmpv6_init() and ip6_mr_init() (bnc#1012382).\n- ipvlan: fix ipv6 outbound device (bnc#1012382).\n- ipvlan: remove excessive packet scrubbing (bsc#1070799).\n- irda: vlsi_ir: fix check for DMA mapping errors (bnc#1012382).\n- irqchip/crossbar: Fix incorrect type of register size (bnc#1012382).\n- iscsi_iser: Re-enable 'iser_pi_guard' module parameter (bsc#1062129).\n- iscsi-target: fix memory leak in lio_target_tiqn_addtpg() (bnc#1012382).\n- iscsi-target: Make TASK_REASSIGN use proper se_cmd->cmd_kref (bnc#1012382).\n- isdn: kcapi: avoid uninitialized data (bnc#1012382).\n- iser-target: Fix possible use-after-free in connection establishment error (FATE#321732).\n- iw_cxgb4: Only validate the MSN for successful completions (bnc#1012382).\n- iw_cxgb4: reflect the original WR opcode in drain cqes (bsc#321658 FATE#1005778 bsc#321660 FATE#1005780 bsc#321661 FATE#1005781).\n- iw_cxgb4: when flushing, complete all wrs in a chain (bsc#321658 FATE#1005778 bsc#321660 FATE#1005780 bsc#321661 FATE#1005781).\n- ixgbe: fix use of uninitialized padding (bnc#1012382).\n- jump_label: Invoke jump_label_test() via early_initcall() (bnc#1012382).\n- kabi fix for new hash_cred function (bsc#1012917).\n- kabi: Keep KVM stable after enable s390 wire up bpb feature (bsc#1076805).\n- kABI: protect struct bpf_map (kabi).\n- kABI: protect struct ipv6_pinfo (kabi).\n- kABI: protect struct t10_alua_tg_pt_gp (kabi).\n- kABI: protect struct usbip_device (kabi).\n- kabi/severities: arm64: ignore cpu capability array\n- kabi/severities: do not care about stuff_RSB\n- kaiser: Set _PAGE_NX only if supported (bnc#1012382).\n- kaiser: Set _PAGE_NX only if supported (bnc#1012382).\n- kbuild: add '-fno-stack-check' to kernel build options (bnc#1012382).\n- kbuild: modversions for EXPORT_SYMBOL() for asm (bsc#1074621 bsc#1068032).\n- kbuild: pkg: use --transform option to prefix paths in tar (bnc#1012382).\n- kdb: Fix handling of kallsyms_symbol_next() return value (bnc#1012382).\n- kernel/acct.c: fix the acct->needcheck check in check_free_space() (bnc#1012382).\n- kernel: make groups_sort calling a responsibility group_info allocators (bnc#1012382).\n- kernel/signal.c: protect the SIGNAL_UNKILLABLE tasks from !sig_kernel_only() signals (bnc#1012382).\n- kernel/signal.c: protect the traced SIGNAL_UNKILLABLE tasks from SIGKILL (bnc#1012382).\n- kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal() (bnc#1012382).\n- keys: add missing permission check for request_key() destination (bnc#1012382).\n- kprobes/x86: Disable preemption in ftrace-based jprobes (bnc#1012382).\n- kpti: Rename to PAGE_TABLE_ISOLATION (bnc#1012382).\n- kpti: Report when enabled (bnc#1012382).\n- kvm: Fix stack-out-of-bounds read in write_mmio (bnc#1012382).\n- kvm: nVMX: reset nested_run_pending if the vCPU is going to be reset (bnc#1012382).\n- kvm: nVMX: VMCLEAR should not cause the vCPU to shut down (bnc#1012382).\n- kvm: pci-assign: do not map smm memory slot pages in vt-d page tables (bnc#1012382).\n- kvm: s390: Enable all facility bits that are known good for passthrough (bsc#1076805).\n- kvm: s390: wire up bpb feature (bsc#1076805).\n- kvm: VMX: Fix enable VPID conditions (bnc#1012382).\n- kvm: VMX: remove I/O port 0x80 bypass on Intel hosts (bnc#1012382).\n- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012382 bsc#1068032).\n- kvm: x86: Add memory barrier on vmcs field lookup (bnc#1012382).\n- kvm: x86: correct async page present tracepoint (bnc#1012382).\n- kvm: x86: Exit to user-mode on #UD intercept when emulator requires (bnc#1012382).\n- kvm: X86: Fix load RFLAGS w/o the fixed bit (bnc#1012382).\n- kvm: x86: fix RSM when PCID is non-zero (bnc#1012382).\n- kvm: x86: inject exceptions produced by x86_decode_insn (bnc#1012382).\n- kvm: x86: pvclock: Handle first-time write to pvclock-page contains random junk (bnc#1012382).\n- l2tp: cleanup l2tp_tunnel_delete calls (bnc#1012382).\n- lan78xx: Fix failure in USB Full Speed (bnc#1012382).\n- libata: apply MAX_SEC_1024 to all LITEON EP1 series devices (bnc#1012382).\n- libata: drop WARN from protocol error in ata_sff_qc_issue() (bnc#1012382).\n- lib/genalloc.c: make the avail variable an atomic_long_t (bnc#1012382).\n- macvlan: Only deliver one copy of the frame to the macvlan interface (bnc#1012382).\n- md: more open-coded offset_in_page() (bsc#1076110).\n- media: dvb: i2c transfers over usb cannot be done from stack (bnc#1012382).\n- mfd: cros ec: spi: Do not send first message too soon (bnc#1012382).\n- mfd: twl4030-audio: Fix sibling-node lookup (bnc#1012382).\n- mfd: twl6040: Fix child-node lookup (bnc#1012382).\n- mlxsw: reg: Fix SPVMLR max record count (bnc#1012382).\n- mlxsw: reg: Fix SPVM max record count (bnc#1012382).\n- mm: avoid returning VM_FAULT_RETRY from ->page_mkwrite handlers (bnc#1012382).\n- mmc: core: Do not leave the block driver in a suspended state (bnc#1012382).\n- mmc: mediatek: Fixed bug where clock frequency could be set wrong (bnc#1012382).\n- mm: drop unused pmdp_huge_get_and_clear_notify() (bnc#1012382).\n- mm: Handle 0 flags in _calc_vm_trans() macro (bnc#1012382).\n- mm/mprotect: add a cond_resched() inside change_pmd_range() (bnc#1077871, bnc#1078002).\n- mm/vmstat: Make NR_TLB_REMOTE_FLUSH_RECEIVED available even on UP (bnc#1012382).\n- module: Add retpoline tag to VERMAGIC (bnc#1012382).\n- module: set __jump_table alignment to 8 (bnc#1012382).\n- more bio_map_user_iov() leak fixes (bnc#1012382).\n- mtd: nand: Fix writing mtdoops to nand flash (bnc#1012382).\n- net: Allow neigh contructor functions ability to modify the primary_key (bnc#1012382).\n- net/appletalk: Fix kernel memory disclosure (bnc#1012382).\n- net: bcmgenet: correct MIB access of UniMAC RUNT counters (bnc#1012382).\n- net: bcmgenet: correct the RBUF_OVFL_CNT and RBUF_ERR_CNT MIB values (bnc#1012382).\n- net: bcmgenet: power down internal phy if open or resume fails (bnc#1012382).\n- net: bcmgenet: Power up the internal PHY before probing the MII (bnc#1012382).\n- net: bcmgenet: reserved phy revisions must be checked first (bnc#1012382).\n- net: bridge: fix early call to br_stp_change_bridge_id and plug newlink leaks (bnc#1012382).\n- net: core: fix module type in sock_diag_bind (bnc#1012382).\n- net: Do not allow negative values for busy_read and busy_poll sysctl interfaces (bnc#1012382).\n- net: fec: fix multicast filtering hardware setup (bnc#1012382).\n- netfilter: bridge: honor frag_max_size when refragmenting (bnc#1012382).\n- netfilter: do not track fragmented packets (bnc#1012382).\n- netfilter: ipvs: Fix inappropriate output of procfs (bnc#1012382).\n- netfilter: nfnetlink_queue: fix secctx memory leak (bnc#1012382).\n- netfilter: nfnetlink_queue: fix timestamp attribute (bsc#1074134).\n- netfilter: nfnl_cthelper: fix a race when walk the nf_ct_helper_hash table (bnc#1012382).\n- netfilter: nfnl_cthelper: Fix memory leak (bnc#1012382).\n- netfilter: nfnl_cthelper: fix runtime expectation policy updates (bnc#1012382).\n- net: Fix double free and memory corruption in get_net_ns_by_id() (bnc#1012382).\n- net: igmp: fix source address check for IGMPv3 reports (bnc#1012382).\n- net: igmp: Use correct source address on IGMPv3 reports (bnc#1012382).\n- net: initialize msg.msg_flags in recvfrom (bnc#1012382).\n- net: ipv4: fix for a race condition in raw_sendmsg (bnc#1012382).\n- netlink: add a start callback for starting a netlink dump (bnc#1012382).\n- net/mac80211/debugfs.c: prevent build failure with CONFIG_UBSAN=y (bnc#1012382).\n- net/mlx5: Avoid NULL pointer dereference on steering cleanup (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- net/mlx5: Cleanup IRQs in case of unload failure (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- net/mlx5e: Add refcount to VXLAN structure (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- net/mlx5e: Fix ETS BW check (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- net/mlx5e: Fix features check of IPv6 traffic (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- net/mlx5e: Fix fixpoint divide exception in mlx5e_am_stats_compare (bsc#1015342).\n- net/mlx5e: Fix possible deadlock of VXLAN lock (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- net/mlx5e: Prevent possible races in VXLAN control flow (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- net/mlx5: Fix error flow in CREATE_QP command (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- net/mlx5: Fix rate limit packet pacing naming and struct (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- net/mlx5: Stay in polling mode when command EQ destroy fails (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- net: mvmdio: disable/unprepare clocks in EPROBE_DEFER case (bnc#1012382).\n- net: mvneta: clear interface link status on port disable (bnc#1012382).\n- net: mvneta: eliminate wrong call to handle rx descriptor error (fate#319899).\n- net: mvneta: use proper rxq_number in loop on rx queues (fate#319899).\n- net/packet: fix a race in packet_bind() and packet_notifier() (bnc#1012382).\n- net: phy: at803x: Change error to EINVAL for invalid MAC (bnc#1012382).\n- net: phy: micrel: ksz9031: reconfigure autoneg after phy autoneg workaround (bnc#1012382).\n- net: qdisc_pkt_len_init() should be more robust (bnc#1012382).\n- net: qmi_wwan: add Sierra EM7565 1199:9091 (bnc#1012382).\n- net: qmi_wwan: Add USB IDs for MDM6600 modem on Motorola Droid 4 (bnc#1012382).\n- net: reevalulate autoflowlabel setting after sysctl setting (bnc#1012382).\n- net: Resend IGMP memberships upon peer notification (bnc#1012382).\n- net: sctp: fix array overrun read on sctp_timer_tbl (bnc#1012382).\n- net: stmmac: enable EEE in MII, GMII or RGMII only (bnc#1012382).\n- net: systemport: Pad packet before inserting TSB (bnc#1012382).\n- net: systemport: Utilize skb_put_padto() (bnc#1012382).\n- net: tcp: close sock if net namespace is exiting (bnc#1012382).\n- net: wimax/i2400m: fix NULL-deref at probe (bnc#1012382).\n- nfsd: auth: Fix gid sorting when rootsquash enabled (bnc#1012382).\n- nfsd: Fix another OPEN stateid race (bnc#1012382).\n- nfsd: fix nfsd_minorversion(.., NFSD_AVAIL) (bnc#1012382).\n- nfsd: fix nfsd_reset_versions for NFSv4 (bnc#1012382).\n- nfsd: Fix stateid races between OPEN and CLOSE (bnc#1012382).\n- nfsd: Make init_open_stateid() a bit more whole (bnc#1012382).\n- nfs: Do not take a reference on fl->fl_file for LOCK operation (bnc#1012382).\n- nfs: Fix a typo in nfs_rename() (bnc#1012382).\n- nfs: improve shinking of access cache (bsc#1012917).\n- nfsv4.1 respect server's max size in CREATE_SESSION (bnc#1012382).\n- nfsv4: Fix client recovery when server reboots multiple times (bnc#1012382).\n- nohz: Prevent a timer interrupt storm in tick_nohz_stop_sched_tick() (bnc#1012382).\n- n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD) (bnc#1012382).\n- nvme_fc: correct hang in nvme_ns_remove() (bsc#1075811).\n- nvme_fc: fix rogue admin cmds stalling teardown (bsc#1075811).\n- nvme-pci: Remove watchdog timer (bsc#1066163).\n- openrisc: fix issue handling 8 byte get_user calls (bnc#1012382).\n- packet: fix crash in fanout_demux_rollover() (bnc#1012382).\n- parisc: Fix alignment of pa_tlb_lock in assembly on 32-bit SMP kernel (bnc#1012382).\n- parisc: Hide Diva-built-in serial aux and graphics card (bnc#1012382).\n- partially revert tipc improve link resiliency when rps is activated (bsc#1068038).\n- pci/AER: Report non-fatal errors only to the affected endpoint (bnc#1012382).\n- pci: Avoid bus reset if bridge itself is broken (bnc#1012382).\n- pci: Create SR-IOV virtfn/physfn links before attaching driver (bnc#1012382).\n- pci: Detach driver before procfs & sysfs teardown on device remove (bnc#1012382).\n- pci/PME: Handle invalid data when reading Root Status (bnc#1012382).\n- pci / PM: Force devices to D0 in pci_pm_thaw_noirq() (bnc#1012382).\n- perf symbols: Fix symbols__fixup_end heuristic for corner cases (bnc#1012382).\n- perf test attr: Fix ignored test case result (bnc#1012382).\n- phy: work around 'phys' references to usb-nop-xceiv devices (bnc#1012382).\n- pinctrl: adi2: Fix Kconfig build problem (bnc#1012382).\n- pinctrl: st: add irq_request/release_resources callbacks (bnc#1012382).\n- pipe: avoid round_pipe_size() nr_pages overflow on 32-bit (bnc#1012382).\n- powerpc/64: Add macros for annotating the destination of rfid/hrfid (bsc#1068032, bsc#1075087).\n- powerpc/64: Convert fast_exception_return to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).\n- powerpc/64: Convert the syscall exit path to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).\n- powerpc/64s: Add EX_SIZE definition for paca exception save areas (bsc#1068032, bsc#1075087).\n- powerpc/64s: Add support for RFI flush of L1-D cache (bsc#1068032, bsc#1075087).\n- powerpc/64s: Allow control of RFI flush via debugfs (bsc#1068032, bsc#1075087).\n- powerpc/64s: Convert slb_miss_common to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).\n- powerpc/64s: Simple RFI macro conversions (bsc#1068032, bsc#1075087).\n- powerpc/64s: Support disabling RFI flush with no_rfi_flush and nopti (bsc#1068032, bsc#1075087).\n- powerpc/64s: Wire up cpu_show_meltdown() (bsc#1068032).\n- powerpc/asm: Allow including ppc_asm.h in asm files (bsc#1068032, bsc#1075087).\n- powerpc/ipic: Fix status get and status clear (bnc#1012382).\n- powerpc/perf: Dereference BHRB entries safely (bsc#1066223).\n- powerpc/perf/hv-24x7: Fix incorrect comparison in memord (bnc#1012382).\n- powerpc/powernv: Check device-tree for RFI flush settings (bsc#1068032, bsc#1075087).\n- powerpc/powernv/cpufreq: Fix the frequency read by /proc/cpuinfo (bnc#1012382).\n- powerpc/powernv/ioda2: Gracefully fail if too many TCE levels requested (bnc#1012382).\n- powerpc/pseries: include linux/types.h in asm/hvcall.h (bsc#1068032, bsc#1075087).\n- powerpc/pseries: Introduce H_GET_CPU_CHARACTERISTICS (bsc#1068032, bsc#1075087).\n- powerpc/pseries: Query hypervisor for RFI flush settings (bsc#1068032, bsc#1075087).\n- powerpc/pseries/rfi-flush: Call setup_rfi_flush() after LPM migration (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: Add DEBUG_RFI config option (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: Make setup_rfi_flush() not __init (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: Move RFI flush fields out of the paca (unbreak kABI) (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: Move the logic to avoid a redo into the sysfs code (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: prevent crash when changing flush type to fallback after system boot (bsc#1068032, bsc#1075087).\n- ppp: Destroy the mutex when cleanup (bnc#1012382).\n- pppoe: take ->needed_headroom of lower device into account on xmit (bnc#1012382).\n- pti: unbreak EFI (bsc#1074709).\n- r8152: fix the list rx_done may be used without initialization (bnc#1012382).\n- r8152: prevent the driver from transmitting packets with carrier off (bnc#1012382).\n- r8169: fix memory corruption on retrieval of hardware statistics (bnc#1012382).\n- raid5: Set R5_Expanded on parity devices as well as data (bnc#1012382).\n- ravb: Remove Rx overflow log messages (bnc#1012382).\n- rbd: set max_segments to USHRT_MAX (bnc#1012382).\n- rdma/cma: Avoid triggering undefined behavior (bnc#1012382).\n- rdma/i40iw: Remove MSS change support (bsc#1024376 FATE#321249).\n- rds: Fix NULL pointer dereference in __rds_rdma_map (bnc#1012382).\n- rds: Heap OOB write in rds_message_alloc_sgs() (bnc#1012382).\n- rds: null pointer dereference in rds_atomic_free_op (bnc#1012382).\n- Re-enable fixup detection by CPU type in case hypervisor call fails.\n- regulator: core: Rely on regulator_dev_release to free constraints (bsc#1074847).\n- regulator: da9063: Return an error code on probe failure (bsc#1074847).\n- regulator: pwm: Fix regulator ramp delay for continuous mode (bsc#1074847).\n- regulator: Try to resolve regulators supplies on registration (bsc#1074847).\n- Revert 'Bluetooth: btusb: driver to enable the usb-wakeup feature' (bnc#1012382).\n- Revert 'drm/armada: Fix compile fail' (bnc#1012382).\n- Revert 'drm/radeon: dont switch vt on suspend' (bnc#1012382).\n- Revert 'ipsec: Fix aborted xfrm policy dump crash' (kabi).\n- Revert 'kaiser: vmstat show NR_KAISERTABLE as nr_overhead' (kabi).\n- Revert 'lib/genalloc.c: make the avail variable an atomic_long_t' (kabi).\n- Revert 'module: Add retpoline tag to VERMAGIC' (bnc#1012382 kabi).\n- Revert 'module: Add retpoline tag to VERMAGIC' (kabi).\n- Revert 'netlink: add a start callback for starting a netlink dump' (kabi).\n- Revert 'ocfs2: should wait dio before inode lock in ocfs2_setattr()' (bnc#1012382).\n- Revert 'Re-enable fixup detection by CPU type in case hypervisor call fails.' The firmware update is required for the existing instructions to also do the cache flush.\n- Revert 's390/kbuild: enable modversions for symbols exported from asm' (bnc#1012382).\n- Revert 'sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks' (kabi).\n- Revert 'scsi: libsas: align sata_device's rps_resp on a cacheline' (kabi).\n- Revert 'spi: SPI_FSL_DSPI should depend on HAS_DMA' (bnc#1012382).\n- Revert 'userfaultfd: selftest: vm: allow to build in vm/ directory' (bnc#1012382).\n- Revert 'x86/efi: Build our own page table structures' (bnc#1012382).\n- Revert 'x86/efi: Hoist page table switching code into efi_call_virt()' (bnc#1012382).\n- Revert 'x86/mm/pat: Ensure cpa->pfn only contains page frame numbers' (bnc#1012382).\n- rfi-flush: Make DEBUG_RFI a CONFIG option (bsc#1068032, bsc#1075087).\n- ring-buffer: Mask out the info bits when returning buffer page length (bnc#1012382).\n- route: also update fnhe_genid when updating a route cache (bnc#1012382).\n- route: update fnhe_expires for redirect when the fnhe exists (bnc#1012382).\n- rtc: cmos: Initialize hpet timer before irq is registered (bsc#1077592).\n- rtc: pcf8563: fix output clock rate (bnc#1012382).\n- rtc: pl031: make interrupt optional (bnc#1012382).\n- rtc: set the alarm to the next expiring timer (bnc#1012382).\n- s390: always save and restore all registers on context switch (bnc#1012382).\n- s390/cpuinfo: show facilities as reported by stfle (bnc#1076847, LTC#163740).\n- s390: fix compat system call table (bnc#1012382).\n- s390/pci: do not require AIS facility (bnc#1012382).\n- s390/qeth: no ETH header for outbound AF_IUCV (LTC#156276 bnc#1012382 bnc#1053472).\n- s390/runtime instrumentation: simplify task exit handling (bnc#1012382).\n- sch_dsmark: fix invalid skb_cow() usage (bnc#1012382).\n- sched/deadline: Make sure the replenishment timer fires in the next period (bnc#1012382).\n- sched/deadline: Throttle a constrained deadline task activated after the deadline (bnc#1012382).\n- sched/deadline: Use deadline instead of period when calculating overflow (bnc#1012382).\n- sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks (bnc#1012382).\n- sched/deadline: Zero out positive runtime after throttling constrained tasks (git-fixes).\n- sched/rt: Do not pull from current CPU if only one CPU to pull (bnc#1022476).\n- scsi: bfa: integer overflow in debugfs (bnc#1012382).\n- scsi: cxgb4i: fix Tx skb leak (bnc#1012382).\n- scsi: handle ABORTED_COMMAND on Fujitsu ETERNUS (bsc#1069138).\n- scsi: hpsa: cleanup sas_phy structures in sysfs when unloading (bnc#1012382).\n- scsi: hpsa: destroy sas transport properties before scsi_host (bnc#1012382).\n- scsi: libsas: align sata_device's rps_resp on a cacheline (bnc#1012382).\n- scsi: lpfc: Use after free in lpfc_rq_buf_free() (bsc#1037838).\n- scsi: mpt3sas: Fix IO error occurs on pulling out a drive from RAID1 volume created on two SATA drive (bnc#1012382).\n- scsi: sd: change allow_restart to bool in sysfs interface (bnc#1012382).\n- scsi: sd: change manage_start_stop to bool in sysfs interface (bnc#1012382).\n- scsi: sg: disable SET_FORCE_LOW_DMA (bnc#1012382).\n- scsi: sr: wait for the medium to become ready (bsc#1048585).\n- sctp: do not allow the v4 socket to bind a v4mapped v6 address (bnc#1012382).\n- sctp: do not free asoc when it is already dead in sctp_sendmsg (bnc#1012382).\n- sctp: Replace use of sockets_allocated with specified macro (bnc#1012382).\n- sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf (bnc#1012382).\n- sctp: use the right sk after waking up from wait_buf sleep (bnc#1012382).\n- selftest/powerpc: Fix false failures for skipped tests (bnc#1012382).\n- selftests/x86: Add test_vsyscall (bnc#1012382).\n- selftests/x86/ldt_get: Add a few additional tests for limits (bnc#1012382).\n- serial: 8250_pci: Add Amazon PCI serial device ID (bnc#1012382).\n- serial: 8250: Preserve DLD[7:4] for PORT_XR17V35X (bnc#1012382).\n- series.conf: move core networking (including netfilter) into sorted section\n- series.conf: whitespace cleanup\n- Set supported_modules_check 1 (bsc#1072163).\n- sfc: do not warn on successful change of MAC (bnc#1012382).\n- sh_eth: fix SH7757 GEther initialization (bnc#1012382).\n- sh_eth: fix TSU resource handling (bnc#1012382).\n- sit: update frag_off info (bnc#1012382).\n- sock: free skb in skb_complete_tx_timestamp on error (bnc#1012382).\n- sparc64/mm: set fields in deferred pages (bnc#1012382).\n- spi_ks8995: fix 'BUG: key accdaa28 not in .data!' (bnc#1012382).\n- spi: sh-msiof: Fix DMA transfer size check (bnc#1012382).\n- spi: xilinx: Detect stall with Unknown commands (bnc#1012382).\n- staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl (bnc#1012382).\n- sunrpc: add auth_unix hash_cred() function (bsc#1012917).\n- sunrpc: add generic_auth hash_cred() function (bsc#1012917).\n- sunrpc: add hash_cred() function to rpc_authops struct (bsc#1012917).\n- sunrpc: add RPCSEC_GSS hash_cred() function (bsc#1012917).\n- sunrpc: Fix rpc_task_begin trace point (bnc#1012382).\n- sunrpc: replace generic auth_cred hash with auth-specific function (bsc#1012917).\n- sunrpc: use supplimental groups in auth hash (bsc#1012917).\n- sunxi-rsb: Include OF based modalias in device uevent (bnc#1012382).\n- sysfs/cpu: Add vulnerability folder (bnc#1012382).\n- sysfs/cpu: Fix typos in vulnerability documentation (bnc#1012382).\n- sysfs: spectre_v2, handle spec_ctrl (bsc#1075994 bsc#1075091).\n- sysrq : fix Show Regs call trace on ARM (bnc#1012382).\n- target: Avoid early CMD_T_PRE_EXECUTE failures during ABORT_TASK (bnc#1012382).\n- target/file: Do not return error for UNMAP if length is zero (bnc#1012382).\n- target: fix ALUA transition timeout handling (bnc#1012382).\n- target:fix condition return in core_pr_dump_initiator_port() (bnc#1012382).\n- target: fix race during implicit transition work flushes (bnc#1012382).\n- target/iscsi: Fix a race condition in iscsit_add_reject_from_cmd() (bnc#1012382).\n- target: Use system workqueue for ALUA transitions (bnc#1012382).\n- tcp: correct memory barrier usage in tcp_check_space() (bnc#1012382).\n- tcp: fix under-evaluated ssthresh in TCP Vegas (bnc#1012382).\n- tcp md5sig: Use skb's saddr when replying to an incoming segment (bnc#1012382).\n- tcp: __tcp_hdrlen() helper (bnc#1012382).\n- tg3: Fix rx hang on MTU change with 5717/5719 (bnc#1012382).\n- thermal/drivers/step_wise: Fix temperature regulation misbehavior (bnc#1012382).\n- thermal: hisilicon: Handle return value of clk_prepare_enable (bnc#1012382).\n- tipc: fix cleanup at module unload (bnc#1012382).\n- tipc: fix memory leak in tipc_accept_from_sock() (bnc#1012382).\n- tipc: improve link resiliency when rps is activated (bsc#1068038).\n- tracing: Allocate mask_str buffer dynamically (bnc#1012382).\n- tracing: Fix converting enum's from the map in trace_event_eval_update() (bnc#1012382).\n- tracing: Fix crash when it fails to alloc ring buffer (bnc#1012382).\n- tracing: Fix possible double free on failure of allocating trace buffer (bnc#1012382).\n- tracing: Remove extra zeroing out of the ring buffer page (bnc#1012382).\n- tty fix oops when rmmod 8250 (bnc#1012382).\n- uas: Always apply US_FL_NO_ATA_1X quirk to Seagate devices (bnc#1012382).\n- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012382).\n- udf: Avoid overflow when session starts at large offset (bnc#1012382).\n- um: link vmlinux with -no-pie (bnc#1012382).\n- usb: Add device quirk for Logitech HD Pro Webcam C925e (bnc#1012382).\n- usb: add RESET_RESUME for ELSA MicroLink 56K (bnc#1012382).\n- usb: core: Add type-specific length check of BOS descriptors (bnc#1012382).\n- usb: core: prevent malicious bNumInterfaces overflow (bnc#1012382).\n- usb: devio: Prevent integer overflow in proc_do_submiturb() (bnc#1012382).\n- usb: Fix off by one in type-specific length check of BOS SSP capability (git-fixes).\n- usb: fix usbmon BUG trigger (bnc#1012382).\n- usb: gadget: configs: plug memory leak (bnc#1012382).\n- usb: gadget: ffs: Forbid usb_ep_alloc_request from sleeping (bnc#1012382).\n- usb: gadgetfs: Fix a potential memory leak in 'dev_config()' (bnc#1012382).\n- usb: gadget: f_uvc: Sanity check wMaxPacketSize for SuperSpeed (bnc#1012382).\n- usb: gadget: udc: remove pointer dereference after free (bnc#1012382).\n- usb: hub: Cycle HUB power when initialization fails (bnc#1012382).\n- usb: Increase usbfs transfer limit (bnc#1012382).\n- usbip: Fix implicit fallthrough warning (bnc#1012382).\n- usbip: Fix potential format overflow in userspace tools (bnc#1012382).\n- usbip: fix stub_rx: get_pipe() to validate endpoint number (bnc#1012382).\n- usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input (bnc#1012382).\n- usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer (bnc#1012382).\n- usbip: fix usbip bind writing random string after command in match_busid (bnc#1012382).\n- usbip: prevent leaking socket pointer address in messages (bnc#1012382).\n- usbip: prevent vhci_hcd driver from leaking a socket pointer address (bnc#1012382).\n- usbip: remove kernel addresses from usb device and urb debug msgs (bnc#1012382).\n- usbip: stub: stop printing kernel pointer addresses in messages (bnc#1012382).\n- usbip: vhci: stop printing kernel pointer addresses in messages (bnc#1012382).\n- usb: misc: usb3503: make sure reset is low for at least 100us (bnc#1012382).\n- usb: musb: da8xx: fix babble condition handling (bnc#1012382).\n- usb: phy: isp1301: Add OF device ID table (bnc#1012382).\n- usb: phy: isp1301: Fix build warning when CONFIG_OF is disabled (git-fixes).\n- usb: phy: tahvo: fix error handling in tahvo_usb_probe() (bnc#1012382).\n- usb: quirks: Add no-lpm quirk for KY-688 USB 3.1 Type-C Hub (bnc#1012382).\n- usb: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ (bnc#1012382).\n- usb: serial: cp210x: add new device ID ELV ALC 8xxx (bnc#1012382).\n- usb: serial: ftdi_sio: add id for Airbus DS P8GR (bnc#1012382).\n- usb: serial: option: adding support for YUGA CLM920-NC5 (bnc#1012382).\n- usb: serial: option: add Quectel BG96 id (bnc#1012382).\n- usb: serial: option: add support for Telit ME910 PID 0x1101 (bnc#1012382).\n- usb: serial: qcserial: add Sierra Wireless EM7565 (bnc#1012382).\n- usb: uas and storage: Add US_FL_BROKEN_FUA for another JMicron JMS567 ID (bnc#1012382).\n- usb: usbfs: Filter flags passed in from user space (bnc#1012382).\n- usb: usbip: Fix possible deadlocks reported by lockdep (bnc#1012382).\n- usb: xhci: Add XHCI_TRUST_TX_LENGTH for Renesas uPD720201 (bnc#1012382).\n- usb: xhci: fix panic in xhci_free_virt_devices_depth_first (bnc#1012382).\n- userfaultfd: selftest: vm: allow to build in vm/ directory (bnc#1012382).\n- userfaultfd: shmem: __do_fault requires VM_FAULT_NOPAGE (bnc#1012382).\n- video: fbdev: au1200fb: Release some resources if a memory allocation fails (bnc#1012382).\n- video: fbdev: au1200fb: Return an error code if a memory allocation fails (bnc#1012382).\n- virtio: release virtio index when fail to device_register (bnc#1012382).\n- vmxnet3: repair memory leak (bnc#1012382).\n- vsyscall: Fix permissions for emulate mode with KAISER/PTI (bnc#1012382).\n- vt6655: Fix a possible sleep-in-atomic bug in vt6655_suspend (bnc#1012382).\n- vti6: Do not report path MTU below IPV6_MIN_MTU (bnc#1012382).\n- vti6: fix device register to report IFLA_INFO_KIND (bnc#1012382).\n- workqueue: trigger WARN if queue_delayed_work() is called with NULL @wq (bnc#1012382).\n- writeback: fix memory leak in wb_queue_work() (bnc#1012382).\n- x.509: fix buffer overflow detection in sprint_oid() (bsc#1075078).\n- x509: fix printing uninitialized stack memory when OID is empty (bsc#1075078).\n- x.509: reject invalid BIT STRING for subjectPublicKey (bnc#1012382).\n- x86/acpi: Handle SCI interrupts above legacy space gracefully (bsc#1068984).\n- x86/acpi: Reduce code duplication in mp_override_legacy_irq() (bsc#1068984).\n- x86/alternatives: Add missing '\\n' at end of ALTERNATIVE inline asm (bnc#1012382).\n- x86/alternatives: Fix optimize_nops() checking (bnc#1012382).\n- x86/apic/vector: Fix off by one in error path (bnc#1012382).\n- x86/asm/32: Make sync_core() handle missing CPUID on all 32-bit kernels (bnc#1012382).\n- x86/boot: Fix early command-line parsing when matching at end (bsc#1068032).\n- x86/cpu: Factor out application of forced CPU caps (bnc#1012382).\n- x86/cpufeatures: Add X86_BUG_CPU_INSECURE (bnc#1012382).\n- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012382).\n- x86/cpufeatures: Make CPU bugs sticky (bnc#1012382).\n- x86/cpu: Implement CPU vulnerabilites sysfs functions (bnc#1012382).\n- x86/cpu: Merge bugs.c and bugs_64.c (bnc#1012382).\n- x86/cpu: Rename Merrifield2 to Moorefield (bsc#985025).\n- x86/cpu: Rename 'WESTMERE2' family to 'NEHALEM_G' (bsc#985025).\n- x86/cpu, x86/pti: Do not enable PTI on AMD processors (bnc#1012382).\n- x86/Documentation: Add PTI description (bnc#1012382).\n- x86/efi-bgrt: Replace early_memremap() with memremap() (bnc#1012382).\n- x86/efi: Build our own page table structures (fate#320512).\n- x86/efi: Hoist page table switching code into efi_call_virt() (fate#320512).\n- x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() (bnc#1012382).\n- x86/hpet: Prevent might sleep splat on resume (bnc#1012382).\n- x86/kasan: Clear kasan_zero_page after TLB flush (bnc#1012382).\n- x86/kasan: Write protect kasan zero shadow (bnc#1012382).\n- x86/microcode/intel: Extend BDW late-loading further with LLC size check (bnc#1012382).\n- x86/microcode/intel: Extend BDW late-loading with a revision check (bnc#1012382).\n- x86/mm/32: Move setup_clear_cpu_cap(X86_FEATURE_PCID) earlier (git-fixes).\n- x86/mm: Disable PCID on 32-bit kernels (bnc#1012382).\n- x86/mm/pat: Ensure cpa->pfn only contains page frame numbers (fate#320588).\n- x86/PCI: Make broadcom_postcore_init() check acpi_disabled (bnc#1012382).\n- x86/pti: Document fix wrong index (bnc#1012382).\n- x86/pti/efi: broken conversion from efi to kernel page table (bnc#1012382).\n- x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN (bnc#1012382).\n- x86/retpolines/spec_ctrl: disable IBRS on !SKL if retpolines are active (bsc#1068032).\n- x86/smpboot: Remove stale TLB flush invocations (bnc#1012382).\n- x86/spectre_v2: fix ordering in IBRS initialization (bsc#1075994 bsc#1075091).\n- x86/spectre_v2: nospectre_v2 means nospec too (bsc#1075994 bsc#1075091).\n- x86/tlb: Drop the _GPL from the cpu_tlbstate export (bnc#1012382).\n- x86/vm86/32: Switch to flush_tlb_mm_range() in mark_screen_rdonly() (bnc#1012382).\n- xen-netfront: avoid crashing on resume after a failure in talk_to_netback() (bnc#1012382).\n- xen-netfront: Improve error handling during initialization (bnc#1012382).\n- xfrm: Copy policy family in clone_policy (bnc#1012382).\n- xfs: add configurable error support to metadata buffers (bsc#1068569).\n- xfs: add configuration handlers for specific errors (bsc#1068569).\n- xfs: add configuration of error failure speed (bsc#1068569).\n- xfs: add 'fail at unmount' error handling configuration (bsc#1068569).\n- xfs: Add infrastructure needed for error propagation during buffer IO failure (bsc#1068569).\n- xfs: address kabi for xfs buffer retry infrastructure (kabi).\n- xfs: configurable error behavior via sysfs (bsc#1068569).\n- xfs: fix incorrect extent state in xfs_bmap_add_extent_unwritten_real (bnc#1012382).\n- xfs: fix log block underflow during recovery cycle verification (bnc#1012382).\n- xfs: fix up inode32/64 (re)mount handling (bsc#1069160).\n- xfs: introduce metadata IO error class (bsc#1068569).\n- xfs: introduce table-based init for error behaviors (bsc#1068569).\n- xfs: Properly retry failed inode items in case of error during buffer writeback (bsc#1068569).\n- xfs: remove xfs_trans_ail_delete_bulk (bsc#1068569).\n- xhci: Do not add a virt_dev to the devs array before it's fully allocated (bnc#1012382).\n- xhci: Fix ring leak in failure path of xhci_alloc_virt_device() (bnc#1012382).\n- xhci: plat: Register shutdown for xhci_plat (bnc#1012382).\n- zram: set physical queue limits to avoid array out of bounds accesses (bnc#1012382).\n- x86/microcode/intel: Fix BDW late-loading revision check (bnc#1012382).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-CAASP-ALL-2018-271,SUSE-SLE-DESKTOP-12-SP3-2018-271,SUSE-SLE-HA-12-SP3-2018-271,SUSE-SLE-Live-Patching-12-SP3-2018-271,SUSE-SLE-SDK-12-SP3-2018-271,SUSE-SLE-SERVER-12-SP3-2018-271,SUSE-SLE-WE-12-SP3-2018-271", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_0383-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:0383-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20180383-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:0383-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-February/003711.html", }, { category: "self", summary: "SUSE Bug 1005778", url: "https://bugzilla.suse.com/1005778", }, { category: "self", summary: "SUSE Bug 1005780", url: "https://bugzilla.suse.com/1005780", }, { category: "self", summary: "SUSE Bug 1005781", url: "https://bugzilla.suse.com/1005781", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1012917", url: "https://bugzilla.suse.com/1012917", }, { category: "self", summary: "SUSE Bug 1015342", url: "https://bugzilla.suse.com/1015342", }, { category: "self", summary: "SUSE Bug 1015343", url: "https://bugzilla.suse.com/1015343", }, { category: "self", summary: "SUSE Bug 1019784", url: "https://bugzilla.suse.com/1019784", }, { category: "self", summary: "SUSE Bug 1022476", url: "https://bugzilla.suse.com/1022476", }, { category: "self", summary: "SUSE Bug 1022595", url: "https://bugzilla.suse.com/1022595", }, { category: "self", summary: "SUSE Bug 1022912", url: "https://bugzilla.suse.com/1022912", }, { category: "self", summary: "SUSE Bug 1024296", url: "https://bugzilla.suse.com/1024296", }, { category: "self", summary: "SUSE Bug 1024376", url: "https://bugzilla.suse.com/1024376", }, { category: "self", summary: "SUSE Bug 1031395", url: "https://bugzilla.suse.com/1031395", }, { category: "self", summary: "SUSE Bug 1031492", url: "https://bugzilla.suse.com/1031492", }, { category: "self", summary: "SUSE Bug 1031717", url: "https://bugzilla.suse.com/1031717", }, { category: "self", summary: "SUSE Bug 1037838", url: "https://bugzilla.suse.com/1037838", }, { category: "self", summary: "SUSE Bug 1038078", url: "https://bugzilla.suse.com/1038078", }, { category: "self", summary: "SUSE Bug 1038085", url: "https://bugzilla.suse.com/1038085", }, { category: "self", summary: "SUSE Bug 1040182", url: "https://bugzilla.suse.com/1040182", }, { category: "self", summary: "SUSE Bug 1043652", url: "https://bugzilla.suse.com/1043652", }, { category: "self", summary: "SUSE Bug 1048325", url: "https://bugzilla.suse.com/1048325", }, { category: "self", summary: "SUSE Bug 1048585", url: "https://bugzilla.suse.com/1048585", }, { category: "self", summary: "SUSE Bug 1053472", url: "https://bugzilla.suse.com/1053472", }, { category: "self", summary: "SUSE Bug 1060279", url: "https://bugzilla.suse.com/1060279", }, { category: "self", summary: "SUSE Bug 1062129", url: "https://bugzilla.suse.com/1062129", }, { category: "self", summary: "SUSE Bug 1066163", url: "https://bugzilla.suse.com/1066163", }, { category: "self", summary: "SUSE Bug 1066223", url: "https://bugzilla.suse.com/1066223", }, { category: "self", summary: "SUSE Bug 1068032", url: "https://bugzilla.suse.com/1068032", }, { category: "self", summary: "SUSE Bug 1068038", url: "https://bugzilla.suse.com/1068038", }, { category: "self", summary: "SUSE Bug 1068569", url: "https://bugzilla.suse.com/1068569", }, { category: "self", summary: "SUSE Bug 1068984", url: "https://bugzilla.suse.com/1068984", }, { category: "self", summary: "SUSE Bug 1069138", url: "https://bugzilla.suse.com/1069138", }, { category: "self", summary: "SUSE Bug 1069160", url: "https://bugzilla.suse.com/1069160", }, { category: "self", summary: "SUSE Bug 1070052", url: "https://bugzilla.suse.com/1070052", }, { category: "self", summary: "SUSE Bug 1070799", url: "https://bugzilla.suse.com/1070799", }, { category: "self", summary: "SUSE Bug 1072163", url: "https://bugzilla.suse.com/1072163", }, { category: "self", summary: "SUSE Bug 1072484", url: "https://bugzilla.suse.com/1072484", }, { category: "self", summary: "SUSE Bug 1073229", url: "https://bugzilla.suse.com/1073229", }, { category: "self", summary: "SUSE Bug 1073928", url: "https://bugzilla.suse.com/1073928", }, { category: "self", summary: "SUSE Bug 1074134", url: "https://bugzilla.suse.com/1074134", }, { category: "self", summary: "SUSE Bug 1074488", url: "https://bugzilla.suse.com/1074488", }, { category: "self", summary: "SUSE Bug 1074621", url: "https://bugzilla.suse.com/1074621", }, { category: "self", summary: "SUSE Bug 1074709", url: "https://bugzilla.suse.com/1074709", }, { category: "self", summary: "SUSE Bug 1074839", url: "https://bugzilla.suse.com/1074839", }, { category: "self", summary: "SUSE Bug 1074847", url: "https://bugzilla.suse.com/1074847", }, { category: "self", summary: "SUSE Bug 1075066", url: "https://bugzilla.suse.com/1075066", }, { category: "self", summary: "SUSE Bug 1075078", url: "https://bugzilla.suse.com/1075078", }, { category: "self", summary: "SUSE Bug 1075087", url: "https://bugzilla.suse.com/1075087", }, { category: "self", summary: "SUSE Bug 1075091", url: "https://bugzilla.suse.com/1075091", }, { category: "self", summary: "SUSE Bug 1075397", url: "https://bugzilla.suse.com/1075397", }, { category: "self", summary: "SUSE Bug 1075428", url: "https://bugzilla.suse.com/1075428", }, { category: "self", summary: "SUSE Bug 1075617", url: "https://bugzilla.suse.com/1075617", }, { category: "self", summary: "SUSE Bug 1075621", url: "https://bugzilla.suse.com/1075621", }, { category: "self", summary: "SUSE Bug 1075627", url: "https://bugzilla.suse.com/1075627", }, { category: "self", summary: "SUSE Bug 1075811", url: "https://bugzilla.suse.com/1075811", }, { category: "self", summary: "SUSE Bug 1075994", url: "https://bugzilla.suse.com/1075994", }, { category: "self", summary: "SUSE Bug 1076017", url: "https://bugzilla.suse.com/1076017", }, { category: "self", summary: "SUSE Bug 1076110", url: "https://bugzilla.suse.com/1076110", }, { category: "self", summary: "SUSE Bug 1076187", url: "https://bugzilla.suse.com/1076187", }, { category: "self", summary: "SUSE Bug 1076232", url: "https://bugzilla.suse.com/1076232", }, { category: "self", summary: "SUSE Bug 1076805", url: "https://bugzilla.suse.com/1076805", }, { category: "self", summary: "SUSE Bug 1076847", url: "https://bugzilla.suse.com/1076847", }, { category: "self", summary: "SUSE Bug 1076872", url: "https://bugzilla.suse.com/1076872", }, { category: "self", summary: "SUSE Bug 1076899", url: "https://bugzilla.suse.com/1076899", }, { category: "self", summary: "SUSE Bug 1077068", url: "https://bugzilla.suse.com/1077068", }, { category: "self", summary: "SUSE Bug 1077560", url: "https://bugzilla.suse.com/1077560", }, { category: "self", summary: "SUSE Bug 1077592", url: "https://bugzilla.suse.com/1077592", }, { category: "self", summary: "SUSE Bug 1077704", url: "https://bugzilla.suse.com/1077704", }, { category: "self", summary: "SUSE Bug 1077871", url: "https://bugzilla.suse.com/1077871", }, { category: "self", summary: "SUSE Bug 1078002", url: "https://bugzilla.suse.com/1078002", }, { category: "self", summary: "SUSE Bug 1078681", url: "https://bugzilla.suse.com/1078681", }, { category: "self", summary: "SUSE Bug 963844", url: "https://bugzilla.suse.com/963844", }, { category: "self", summary: "SUSE Bug 966170", url: "https://bugzilla.suse.com/966170", }, { category: "self", summary: "SUSE Bug 966172", url: "https://bugzilla.suse.com/966172", }, { category: "self", summary: "SUSE Bug 973818", url: "https://bugzilla.suse.com/973818", }, { category: "self", summary: "SUSE Bug 985025", url: "https://bugzilla.suse.com/985025", }, { category: "self", summary: "SUSE CVE CVE-2017-15129 page", url: "https://www.suse.com/security/cve/CVE-2017-15129/", }, { category: "self", summary: "SUSE CVE CVE-2017-17712 page", url: "https://www.suse.com/security/cve/CVE-2017-17712/", }, { category: "self", summary: "SUSE CVE CVE-2017-17862 page", url: "https://www.suse.com/security/cve/CVE-2017-17862/", }, { category: "self", summary: "SUSE CVE CVE-2017-17864 page", url: "https://www.suse.com/security/cve/CVE-2017-17864/", }, { category: "self", summary: "SUSE CVE CVE-2017-18017 page", url: "https://www.suse.com/security/cve/CVE-2017-18017/", }, { category: "self", summary: "SUSE CVE CVE-2017-5715 page", url: "https://www.suse.com/security/cve/CVE-2017-5715/", }, { category: "self", summary: "SUSE CVE CVE-2018-1000004 page", url: "https://www.suse.com/security/cve/CVE-2018-1000004/", }, { category: "self", summary: "SUSE CVE CVE-2018-5332 page", url: "https://www.suse.com/security/cve/CVE-2018-5332/", }, { category: "self", summary: "SUSE CVE CVE-2018-5333 page", url: "https://www.suse.com/security/cve/CVE-2018-5333/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2018-02-07T13:35:19Z", generator: { date: "2018-02-07T13:35:19Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:0383-1", initial_release_date: "2018-02-07T13:35:19Z", revision_history: [ { date: "2018-02-07T13:35:19Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-obs-build-4.4.114-94.11.3.aarch64", product: { name: "kernel-obs-build-4.4.114-94.11.3.aarch64", product_id: "kernel-obs-build-4.4.114-94.11.3.aarch64", }, }, { category: "product_version", name: "kernel-default-4.4.114-94.11.3.aarch64", product: { name: "kernel-default-4.4.114-94.11.3.aarch64", product_id: "kernel-default-4.4.114-94.11.3.aarch64", }, }, { category: "product_version", name: "kernel-default-base-4.4.114-94.11.3.aarch64", product: { name: "kernel-default-base-4.4.114-94.11.3.aarch64", product_id: "kernel-default-base-4.4.114-94.11.3.aarch64", }, }, { category: "product_version", name: "kernel-default-devel-4.4.114-94.11.3.aarch64", product: { name: "kernel-default-devel-4.4.114-94.11.3.aarch64", product_id: "kernel-default-devel-4.4.114-94.11.3.aarch64", }, }, { category: "product_version", name: "kernel-syms-4.4.114-94.11.2.aarch64", product: { name: "kernel-syms-4.4.114-94.11.2.aarch64", product_id: "kernel-syms-4.4.114-94.11.2.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-4.4.114-94.11.2.noarch", product: { name: "kernel-devel-4.4.114-94.11.2.noarch", product_id: "kernel-devel-4.4.114-94.11.2.noarch", }, }, { category: "product_version", name: "kernel-macros-4.4.114-94.11.2.noarch", product: { name: "kernel-macros-4.4.114-94.11.2.noarch", product_id: "kernel-macros-4.4.114-94.11.2.noarch", }, }, { category: "product_version", name: "kernel-source-4.4.114-94.11.2.noarch", product: { name: "kernel-source-4.4.114-94.11.2.noarch", product_id: "kernel-source-4.4.114-94.11.2.noarch", }, }, { category: "product_version", name: "kernel-docs-4.4.114-94.11.4.noarch", product: { name: "kernel-docs-4.4.114-94.11.4.noarch", product_id: "kernel-docs-4.4.114-94.11.4.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", product: { name: "cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", product_id: "cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.114-94.11.3.ppc64le", product: { name: "dlm-kmp-default-4.4.114-94.11.3.ppc64le", product_id: "dlm-kmp-default-4.4.114-94.11.3.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.114-94.11.3.ppc64le", product: { name: "gfs2-kmp-default-4.4.114-94.11.3.ppc64le", product_id: "gfs2-kmp-default-4.4.114-94.11.3.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", product: { name: "ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", product_id: "ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", }, }, { category: "product_version", name: "kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", product: { name: "kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", product_id: "kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", }, }, { category: "product_version", name: "kernel-obs-build-4.4.114-94.11.3.ppc64le", product: { name: "kernel-obs-build-4.4.114-94.11.3.ppc64le", product_id: "kernel-obs-build-4.4.114-94.11.3.ppc64le", }, }, { category: "product_version", name: "kernel-default-4.4.114-94.11.3.ppc64le", product: { name: "kernel-default-4.4.114-94.11.3.ppc64le", product_id: "kernel-default-4.4.114-94.11.3.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-4.4.114-94.11.3.ppc64le", product: { name: "kernel-default-base-4.4.114-94.11.3.ppc64le", product_id: "kernel-default-base-4.4.114-94.11.3.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-4.4.114-94.11.3.ppc64le", product: { name: "kernel-default-devel-4.4.114-94.11.3.ppc64le", product_id: "kernel-default-devel-4.4.114-94.11.3.ppc64le", }, }, { category: "product_version", name: "kernel-syms-4.4.114-94.11.2.ppc64le", product: { name: "kernel-syms-4.4.114-94.11.2.ppc64le", product_id: "kernel-syms-4.4.114-94.11.2.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.4.114-94.11.3.s390x", product: { name: "cluster-md-kmp-default-4.4.114-94.11.3.s390x", product_id: "cluster-md-kmp-default-4.4.114-94.11.3.s390x", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.114-94.11.3.s390x", product: { name: "dlm-kmp-default-4.4.114-94.11.3.s390x", product_id: "dlm-kmp-default-4.4.114-94.11.3.s390x", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.114-94.11.3.s390x", product: { name: "gfs2-kmp-default-4.4.114-94.11.3.s390x", product_id: "gfs2-kmp-default-4.4.114-94.11.3.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.114-94.11.3.s390x", product: { name: "ocfs2-kmp-default-4.4.114-94.11.3.s390x", product_id: "ocfs2-kmp-default-4.4.114-94.11.3.s390x", }, }, { category: "product_version", name: "kernel-obs-build-4.4.114-94.11.3.s390x", product: { name: "kernel-obs-build-4.4.114-94.11.3.s390x", product_id: "kernel-obs-build-4.4.114-94.11.3.s390x", }, }, { category: "product_version", name: "kernel-default-4.4.114-94.11.3.s390x", product: { name: "kernel-default-4.4.114-94.11.3.s390x", product_id: "kernel-default-4.4.114-94.11.3.s390x", }, }, { category: "product_version", name: "kernel-default-base-4.4.114-94.11.3.s390x", product: { name: "kernel-default-base-4.4.114-94.11.3.s390x", product_id: "kernel-default-base-4.4.114-94.11.3.s390x", }, }, { category: "product_version", name: "kernel-default-devel-4.4.114-94.11.3.s390x", product: { name: "kernel-default-devel-4.4.114-94.11.3.s390x", product_id: "kernel-default-devel-4.4.114-94.11.3.s390x", }, }, { category: "product_version", name: "kernel-default-man-4.4.114-94.11.3.s390x", product: { name: "kernel-default-man-4.4.114-94.11.3.s390x", product_id: "kernel-default-man-4.4.114-94.11.3.s390x", }, }, { category: "product_version", name: "kernel-syms-4.4.114-94.11.2.s390x", product: { name: "kernel-syms-4.4.114-94.11.2.s390x", product_id: "kernel-syms-4.4.114-94.11.2.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "kernel-default-4.4.114-94.11.3.x86_64", product: { name: "kernel-default-4.4.114-94.11.3.x86_64", product_id: "kernel-default-4.4.114-94.11.3.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-4.4.114-94.11.3.x86_64", product: { name: "kernel-default-devel-4.4.114-94.11.3.x86_64", product_id: "kernel-default-devel-4.4.114-94.11.3.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-4.4.114-94.11.3.x86_64", product: { name: "kernel-default-extra-4.4.114-94.11.3.x86_64", product_id: "kernel-default-extra-4.4.114-94.11.3.x86_64", }, }, { category: "product_version", name: "kernel-syms-4.4.114-94.11.2.x86_64", product: { name: "kernel-syms-4.4.114-94.11.2.x86_64", product_id: "kernel-syms-4.4.114-94.11.2.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.4.114-94.11.3.x86_64", product: { name: "cluster-md-kmp-default-4.4.114-94.11.3.x86_64", product_id: "cluster-md-kmp-default-4.4.114-94.11.3.x86_64", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.114-94.11.3.x86_64", product: { name: "dlm-kmp-default-4.4.114-94.11.3.x86_64", product_id: "dlm-kmp-default-4.4.114-94.11.3.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.114-94.11.3.x86_64", product: { name: "gfs2-kmp-default-4.4.114-94.11.3.x86_64", product_id: "gfs2-kmp-default-4.4.114-94.11.3.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.114-94.11.3.x86_64", product: { name: "ocfs2-kmp-default-4.4.114-94.11.3.x86_64", product_id: "ocfs2-kmp-default-4.4.114-94.11.3.x86_64", }, }, { category: "product_version", name: "kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", product: { name: "kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", product_id: "kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-4.4.114-94.11.3.x86_64", product: { name: "kernel-obs-build-4.4.114-94.11.3.x86_64", product_id: "kernel-obs-build-4.4.114-94.11.3.x86_64", }, }, { category: "product_version", name: "kernel-default-base-4.4.114-94.11.3.x86_64", product: { name: "kernel-default-base-4.4.114-94.11.3.x86_64", product_id: "kernel-default-base-4.4.114-94.11.3.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Desktop 12 SP3", product: { name: "SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sled:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 12 SP3", product: { name: "SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Live Patching 12 SP3", product: { name: "SUSE Linux Enterprise Live Patching 12 SP3", product_id: "SUSE Linux Enterprise Live Patching 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-live-patching:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Software Development Kit 12 SP3", product: { name: "SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-sdk:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP3", product: { name: "SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Workstation Extension 12 SP3", product: { name: "SUSE Linux Enterprise Workstation Extension 12 SP3", product_id: "SUSE Linux Enterprise Workstation Extension 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-we:12:sp3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.114-94.11.3.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", }, product_reference: "kernel-default-4.4.114-94.11.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.114-94.11.3.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", }, product_reference: "kernel-default-devel-4.4.114-94.11.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-4.4.114-94.11.3.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", }, product_reference: "kernel-default-extra-4.4.114-94.11.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.114-94.11.2.noarch as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", }, product_reference: "kernel-devel-4.4.114-94.11.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.114-94.11.2.noarch as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", }, product_reference: "kernel-macros-4.4.114-94.11.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.114-94.11.2.noarch as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", }, product_reference: "kernel-source-4.4.114-94.11.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.114-94.11.2.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", }, product_reference: "kernel-syms-4.4.114-94.11.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.4.114-94.11.3.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", }, product_reference: "cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.4.114-94.11.3.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", }, product_reference: "cluster-md-kmp-default-4.4.114-94.11.3.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.4.114-94.11.3.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", }, product_reference: "cluster-md-kmp-default-4.4.114-94.11.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.4.114-94.11.3.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", }, product_reference: "dlm-kmp-default-4.4.114-94.11.3.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.4.114-94.11.3.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", }, product_reference: "dlm-kmp-default-4.4.114-94.11.3.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.4.114-94.11.3.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", }, product_reference: "dlm-kmp-default-4.4.114-94.11.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.4.114-94.11.3.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", }, product_reference: "gfs2-kmp-default-4.4.114-94.11.3.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.4.114-94.11.3.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", }, product_reference: "gfs2-kmp-default-4.4.114-94.11.3.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.4.114-94.11.3.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", }, product_reference: "gfs2-kmp-default-4.4.114-94.11.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.4.114-94.11.3.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", }, product_reference: "ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.4.114-94.11.3.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", }, product_reference: "ocfs2-kmp-default-4.4.114-94.11.3.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.4.114-94.11.3.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", }, product_reference: "ocfs2-kmp-default-4.4.114-94.11.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP3", product_id: "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", }, product_reference: "kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3", product_id: "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", }, product_reference: "kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-4.4.114-94.11.4.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", }, product_reference: "kernel-docs-4.4.114-94.11.4.noarch", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.4.114-94.11.3.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", }, product_reference: "kernel-obs-build-4.4.114-94.11.3.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.4.114-94.11.3.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", }, product_reference: "kernel-obs-build-4.4.114-94.11.3.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.4.114-94.11.3.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", }, product_reference: "kernel-obs-build-4.4.114-94.11.3.s390x", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.4.114-94.11.3.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", }, product_reference: "kernel-obs-build-4.4.114-94.11.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.114-94.11.3.aarch64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", }, product_reference: "kernel-default-4.4.114-94.11.3.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.114-94.11.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", }, product_reference: "kernel-default-4.4.114-94.11.3.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.114-94.11.3.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", }, product_reference: "kernel-default-4.4.114-94.11.3.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.114-94.11.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", }, product_reference: "kernel-default-4.4.114-94.11.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.114-94.11.3.aarch64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", }, product_reference: "kernel-default-base-4.4.114-94.11.3.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.114-94.11.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", }, product_reference: "kernel-default-base-4.4.114-94.11.3.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.114-94.11.3.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", }, product_reference: "kernel-default-base-4.4.114-94.11.3.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.114-94.11.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", }, product_reference: "kernel-default-base-4.4.114-94.11.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.114-94.11.3.aarch64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", }, product_reference: "kernel-default-devel-4.4.114-94.11.3.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.114-94.11.3.ppc64le as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", }, product_reference: "kernel-default-devel-4.4.114-94.11.3.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.114-94.11.3.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", }, product_reference: "kernel-default-devel-4.4.114-94.11.3.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.114-94.11.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", }, product_reference: "kernel-default-devel-4.4.114-94.11.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.4.114-94.11.3.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", }, product_reference: "kernel-default-man-4.4.114-94.11.3.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.114-94.11.2.noarch as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", }, product_reference: "kernel-devel-4.4.114-94.11.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.114-94.11.2.noarch as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", }, product_reference: "kernel-macros-4.4.114-94.11.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.114-94.11.2.noarch as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", }, product_reference: "kernel-source-4.4.114-94.11.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.114-94.11.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", }, product_reference: "kernel-syms-4.4.114-94.11.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.114-94.11.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", }, product_reference: "kernel-syms-4.4.114-94.11.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.114-94.11.2.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", }, product_reference: "kernel-syms-4.4.114-94.11.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.114-94.11.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", }, product_reference: "kernel-syms-4.4.114-94.11.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.114-94.11.3.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", }, product_reference: "kernel-default-4.4.114-94.11.3.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.114-94.11.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", }, product_reference: "kernel-default-4.4.114-94.11.3.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.114-94.11.3.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", }, product_reference: "kernel-default-4.4.114-94.11.3.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.114-94.11.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", }, product_reference: "kernel-default-4.4.114-94.11.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.114-94.11.3.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", }, product_reference: "kernel-default-base-4.4.114-94.11.3.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.114-94.11.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", }, product_reference: "kernel-default-base-4.4.114-94.11.3.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.114-94.11.3.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", }, product_reference: "kernel-default-base-4.4.114-94.11.3.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.114-94.11.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", }, product_reference: "kernel-default-base-4.4.114-94.11.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.114-94.11.3.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", }, product_reference: "kernel-default-devel-4.4.114-94.11.3.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.114-94.11.3.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", }, product_reference: "kernel-default-devel-4.4.114-94.11.3.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.114-94.11.3.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", }, product_reference: "kernel-default-devel-4.4.114-94.11.3.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.114-94.11.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", }, product_reference: "kernel-default-devel-4.4.114-94.11.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.4.114-94.11.3.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", }, product_reference: "kernel-default-man-4.4.114-94.11.3.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.114-94.11.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", }, product_reference: "kernel-devel-4.4.114-94.11.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.114-94.11.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", }, product_reference: "kernel-macros-4.4.114-94.11.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.114-94.11.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", }, product_reference: "kernel-source-4.4.114-94.11.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.114-94.11.2.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", }, product_reference: "kernel-syms-4.4.114-94.11.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.114-94.11.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", }, product_reference: "kernel-syms-4.4.114-94.11.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.114-94.11.2.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", }, product_reference: "kernel-syms-4.4.114-94.11.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.114-94.11.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", }, product_reference: "kernel-syms-4.4.114-94.11.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-4.4.114-94.11.3.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP3", product_id: "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", }, product_reference: "kernel-default-extra-4.4.114-94.11.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Workstation Extension 12 SP3", }, ], }, vulnerabilities: [ { cve: "CVE-2017-15129", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15129", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15129", url: "https://www.suse.com/security/cve/CVE-2017-15129", }, { category: "external", summary: "SUSE Bug 1074839 for CVE-2017-15129", url: "https://bugzilla.suse.com/1074839", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-07T13:35:19Z", details: "moderate", }, ], title: "CVE-2017-15129", }, { cve: "CVE-2017-17712", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17712", }, ], notes: [ { category: "general", text: "The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17712", url: "https://www.suse.com/security/cve/CVE-2017-17712", }, { category: "external", summary: "SUSE Bug 1073229 for CVE-2017-17712", url: "https://bugzilla.suse.com/1073229", }, { category: "external", summary: "SUSE Bug 1073230 for CVE-2017-17712", url: "https://bugzilla.suse.com/1073230", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-07T13:35:19Z", details: "important", }, ], title: "CVE-2017-17712", }, { cve: "CVE-2017-17862", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17862", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17862", url: "https://www.suse.com/security/cve/CVE-2017-17862", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17862", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-07T13:35:19Z", details: "moderate", }, ], title: "CVE-2017-17862", }, { cve: "CVE-2017-17864", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17864", }, ], notes: [ { category: "general", text: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a \"pointer leak.\"", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17864", url: "https://www.suse.com/security/cve/CVE-2017-17864", }, { category: "external", summary: "SUSE Bug 1073928 for CVE-2017-17864", url: "https://bugzilla.suse.com/1073928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-07T13:35:19Z", details: "moderate", }, ], title: "CVE-2017-17864", }, { cve: "CVE-2017-18017", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-18017", }, ], notes: [ { category: "general", text: "The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-18017", url: "https://www.suse.com/security/cve/CVE-2017-18017", }, { category: "external", summary: "SUSE Bug 1074488 for CVE-2017-18017", url: "https://bugzilla.suse.com/1074488", }, { category: "external", summary: "SUSE Bug 1080255 for CVE-2017-18017", url: "https://bugzilla.suse.com/1080255", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2017-18017", url: "https://bugzilla.suse.com/1091815", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2017-18017", url: "https://bugzilla.suse.com/1115893", }, { category: "external", summary: "SUSE Bug 971126 for CVE-2017-18017", url: "https://bugzilla.suse.com/971126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-07T13:35:19Z", details: "important", }, ], title: "CVE-2017-18017", }, { cve: "CVE-2017-5715", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-5715", }, ], notes: [ { category: "general", text: "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-5715", url: "https://www.suse.com/security/cve/CVE-2017-5715", }, { category: "external", summary: "SUSE Bug 1068032 for CVE-2017-5715", url: "https://bugzilla.suse.com/1068032", }, { category: "external", summary: "SUSE Bug 1074562 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074562", }, { category: "external", summary: "SUSE Bug 1074578 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074578", }, { category: "external", summary: "SUSE Bug 1074701 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074701", }, { category: "external", summary: "SUSE Bug 1074741 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074741", }, { category: "external", summary: "SUSE Bug 1074919 for CVE-2017-5715", url: "https://bugzilla.suse.com/1074919", }, { category: "external", summary: "SUSE Bug 1075006 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075006", }, { category: "external", summary: "SUSE Bug 1075007 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075007", }, { category: "external", summary: "SUSE Bug 1075262 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075262", }, { category: "external", summary: "SUSE Bug 1075419 for CVE-2017-5715", url: "https://bugzilla.suse.com/1075419", }, { category: "external", summary: "SUSE Bug 1076115 for CVE-2017-5715", url: "https://bugzilla.suse.com/1076115", }, { category: "external", summary: "SUSE Bug 1076372 for CVE-2017-5715", url: "https://bugzilla.suse.com/1076372", }, { category: "external", summary: "SUSE Bug 1076606 for CVE-2017-5715", url: "https://bugzilla.suse.com/1076606", }, { category: "external", summary: "SUSE Bug 1078353 for CVE-2017-5715", url: "https://bugzilla.suse.com/1078353", }, { category: "external", summary: "SUSE Bug 1080039 for CVE-2017-5715", url: "https://bugzilla.suse.com/1080039", }, { category: "external", summary: "SUSE Bug 1087887 for CVE-2017-5715", url: "https://bugzilla.suse.com/1087887", }, { category: "external", summary: "SUSE Bug 1087939 for CVE-2017-5715", url: "https://bugzilla.suse.com/1087939", }, { category: "external", summary: "SUSE Bug 1088147 for CVE-2017-5715", url: "https://bugzilla.suse.com/1088147", }, { category: "external", summary: "SUSE Bug 1089055 for CVE-2017-5715", url: "https://bugzilla.suse.com/1089055", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2017-5715", url: "https://bugzilla.suse.com/1091815", }, { category: "external", summary: "SUSE Bug 1095735 for CVE-2017-5715", url: "https://bugzilla.suse.com/1095735", }, { category: "external", summary: "SUSE Bug 1102517 for CVE-2017-5715", url: "https://bugzilla.suse.com/1102517", }, { category: "external", summary: "SUSE Bug 1105108 for CVE-2017-5715", url: "https://bugzilla.suse.com/1105108", }, { category: "external", summary: "SUSE Bug 1126516 for CVE-2017-5715", url: "https://bugzilla.suse.com/1126516", }, { category: "external", summary: "SUSE Bug 1173489 for CVE-2017-5715", url: "https://bugzilla.suse.com/1173489", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2017-5715", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201457 for CVE-2017-5715", url: "https://bugzilla.suse.com/1201457", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2017-5715", url: "https://bugzilla.suse.com/1201877", }, { category: "external", summary: "SUSE Bug 1203236 for CVE-2017-5715", url: "https://bugzilla.suse.com/1203236", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-07T13:35:19Z", details: "important", }, ], title: "CVE-2017-5715", }, { cve: "CVE-2018-1000004", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1000004", }, ], notes: [ { category: "general", text: "In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1000004", url: "https://www.suse.com/security/cve/CVE-2018-1000004", }, { category: "external", summary: "SUSE Bug 1076017 for CVE-2018-1000004", url: "https://bugzilla.suse.com/1076017", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2018-1000004", url: "https://bugzilla.suse.com/1091815", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-07T13:35:19Z", details: "moderate", }, ], title: "CVE-2018-1000004", }, { cve: "CVE-2018-5332", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-5332", }, ], notes: [ { category: "general", text: "In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-5332", url: "https://www.suse.com/security/cve/CVE-2018-5332", }, { category: "external", summary: "SUSE Bug 1075621 for CVE-2018-5332", url: "https://bugzilla.suse.com/1075621", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2018-5332", url: "https://bugzilla.suse.com/1091815", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-5332", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.6, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-07T13:35:19Z", details: "low", }, ], title: "CVE-2018-5332", }, { cve: "CVE-2018-5333", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-5333", }, ], notes: [ { category: "general", text: "In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-5333", url: "https://www.suse.com/security/cve/CVE-2018-5333", }, { category: "external", summary: "SUSE Bug 1075617 for CVE-2018-5333", url: "https://bugzilla.suse.com/1075617", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2018-5333", url: "https://bugzilla.suse.com/1091815", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.9, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-1-4.3.5.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.114-94.11.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.114-94.11.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.114-94.11.4.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.114-94.11.3.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.114-94.11.3.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-02-07T13:35:19Z", details: "low", }, ], title: "CVE-2018-5333", }, ], }
fkie_cve-2017-17862
Vulnerability from fkie_nvd
Published
2017-12-27 17:08
Modified
2024-11-21 03:18
Severity ?
Summary
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "4DD5F65B-785C-436C-9177-6C16E228C08D", versionEndIncluding: "4.14.8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.", }, { lang: "es", value: "kernel/bpf/verifier.c en el kernel de Linux hasta la versión 4.14.8 ignora el código inalcanzable, incluso aunque sea procesado por compiladores en tiempo de ejecución o JIT. Este comportamiento, que también se considera un problema de lógica de poda de ramas incorrecta, podría ser utilizado por usuarios locales para provocar una denegación de servicio (DoS).", }, ], id: "CVE-2017-17862", lastModified: "2024-11-21T03:18:50.457", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 4.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-12-27T17:08:20.437", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c131187db2d3fa2f8bf32fdf4e9a4ef805168467", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/102325", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040057", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://anonscm.debian.org/cgit/kernel/linux.git/tree/debian/patches/bugfix/all/bpf-fix-branch-pruning-logic.patch?h=stretch-security", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/c131187db2d3fa2f8bf32fdf4e9a4ef805168467", }, { source: "cve@mitre.org", url: "https://usn.ubuntu.com/3619-1/", }, { source: "cve@mitre.org", url: "https://usn.ubuntu.com/3619-2/", }, { source: "cve@mitre.org", url: "https://usn.ubuntu.com/usn/usn-3523-2/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2017/dsa-4073", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.spinics.net/lists/stable/msg206984.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c131187db2d3fa2f8bf32fdf4e9a4ef805168467", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/102325", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040057", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://anonscm.debian.org/cgit/kernel/linux.git/tree/debian/patches/bugfix/all/bpf-fix-branch-pruning-logic.patch?h=stretch-security", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/c131187db2d3fa2f8bf32fdf4e9a4ef805168467", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://usn.ubuntu.com/3619-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://usn.ubuntu.com/3619-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://usn.ubuntu.com/usn/usn-3523-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2017/dsa-4073", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.spinics.net/lists/stable/msg206984.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
ghsa-9x5q-ww2j-jw9x
Vulnerability from github
Published
2022-05-14 03:32
Modified
2022-05-14 03:32
Severity ?
Details
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.
{ affected: [], aliases: [ "CVE-2017-17862", ], database_specific: { cwe_ids: [ "CWE-20", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2017-12-27T17:08:00Z", severity: "MODERATE", }, details: "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.", id: "GHSA-9x5q-ww2j-jw9x", modified: "2022-05-14T03:32:53Z", published: "2022-05-14T03:32:53Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-17862", }, { type: "WEB", url: "https://github.com/torvalds/linux/commit/c131187db2d3fa2f8bf32fdf4e9a4ef805168467", }, { type: "WEB", url: "https://anonscm.debian.org/cgit/kernel/linux.git/tree/debian/patches/bugfix/all/bpf-fix-branch-pruning-logic.patch?h=stretch-security", }, { type: "WEB", url: "https://usn.ubuntu.com/3619-1", }, { type: "WEB", url: "https://usn.ubuntu.com/3619-2", }, { type: "WEB", url: "https://usn.ubuntu.com/usn/usn-3523-2", }, { type: "WEB", url: "https://www.debian.org/security/2017/dsa-4073", }, { type: "WEB", url: "https://www.spinics.net/lists/stable/msg206984.html", }, { type: "WEB", url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c131187db2d3fa2f8bf32fdf4e9a4ef805168467", }, { type: "WEB", url: "http://www.securityfocus.com/bid/102325", }, { type: "WEB", url: "http://www.securitytracker.com/id/1040057", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", type: "CVSS_V3", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.