Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-18221 (GCVE-0-2017-18221)
Vulnerability from cvelistv5
Published
2018-03-07 08:00
Modified
2024-08-05 21:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:13:49.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/70feee0e1ef331b22cc51f383d532a0d043fbdcc"
},
{
"name": "USN-3655-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3655-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=70feee0e1ef331b22cc51f383d532a0d043fbdcc"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.4"
},
{
"name": "USN-3655-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3655-2/"
},
{
"name": "103321",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103321"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-03-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-30T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/torvalds/linux/commit/70feee0e1ef331b22cc51f383d532a0d043fbdcc"
},
{
"name": "USN-3655-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3655-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=70feee0e1ef331b22cc51f383d532a0d043fbdcc"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.4"
},
{
"name": "USN-3655-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3655-2/"
},
{
"name": "103321",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103321"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18221",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/torvalds/linux/commit/70feee0e1ef331b22cc51f383d532a0d043fbdcc",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/70feee0e1ef331b22cc51f383d532a0d043fbdcc"
},
{
"name": "USN-3655-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3655-1/"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=70feee0e1ef331b22cc51f383d532a0d043fbdcc",
"refsource": "MISC",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=70feee0e1ef331b22cc51f383d532a0d043fbdcc"
},
{
"name": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.4",
"refsource": "MISC",
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.4"
},
{
"name": "USN-3655-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3655-2/"
},
{
"name": "103321",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103321"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18221",
"datePublished": "2018-03-07T08:00:00",
"dateReserved": "2018-03-07T00:00:00",
"dateUpdated": "2024-08-05T21:13:49.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2017-18221\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-03-07T08:29:00.263\",\"lastModified\":\"2024-11-21T03:19:36.310\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n __munlock_pagevec en mm/mlock.c en el kernel de Linux, en versiones anteriores a la 4.11.4, permite que usuarios locales provoquen una denegaci\u00f3n de servicio (corrupci\u00f3n de contabilidad NR_MLOCK) mediante el uso manipulado de llamadas del sistema mlockall y munlockall.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":4.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.11.4\",\"matchCriteriaId\":\"D5585AF1-24A5-486E-B916-B18EBF5851A7\"}]}]}],\"references\":[{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=70feee0e1ef331b22cc51f383d532a0d043fbdcc\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/103321\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://github.com/torvalds/linux/commit/70feee0e1ef331b22cc51f383d532a0d043fbdcc\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3655-1/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://usn.ubuntu.com/3655-2/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=70feee0e1ef331b22cc51f383d532a0d043fbdcc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/103321\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://github.com/torvalds/linux/commit/70feee0e1ef331b22cc51f383d532a0d043fbdcc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3655-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/3655-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]}]}}"
}
}
suse-su-2018:0848-1
Vulnerability from csaf_suse
Published
2018-03-29 12:28
Modified
2018-03-29 12:28
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP1 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-1068: Fixed flaw in the implementation of 32-bit syscall interface
for bridging. This allowed a privileged user to arbitrarily write to a limited
range of kernel memory (bnc#1085107).
- CVE-2017-18221: The __munlock_pagevec function allowed local users to cause a
denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall
and munlockall system calls (bnc#1084323).
- CVE-2018-1066: Prevent NULL pointer dereference in
fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allowed an attacker controlling a
CIFS server to kernel panic a client that has this server mounted, because an
empty TargetInfo field in an NTLMSSP setup negotiation response was mishandled
during session recovery (bnc#1083640).
- CVE-2017-13166: Prevent elevation of privilege vulnerability in the kernel
v4l2 video driver (bnc#1072865).
- CVE-2017-16911: The vhci_hcd driver allowed local attackers to disclose
kernel memory addresses. Successful exploitation required that a USB device was
attached over IP (bnc#1078674).
- CVE-2017-15299: The KEYS subsystem mishandled use of add_key for a key that
already exists but is uninstantiated, which allowed local users to cause a
denial of service (NULL pointer dereference and system crash) or possibly have
unspecified other impact via a crafted system call (bnc#1063416).
- CVE-2017-18208: The madvise_willneed function kernel allowed local users to
cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED
for a DAX mapping (bnc#1083494).
- CVE-2018-7566: The ALSA sequencer core initializes the event pool on demand
by invoking snd_seq_pool_init() when the first write happens and the pool is
empty. A user could have reset the pool size manually via ioctl concurrently,
which may have lead UAF or out-of-bound access (bsc#1083483).
- CVE-2017-18204: The ocfs2_setattr function allowed local users to cause a
denial of service (deadlock) via DIO requests (bnc#1083244).
- CVE-2017-16644: The hdpvr_probe function allowed local users to cause a
denial of service (improper error handling and system crash) or possibly have
unspecified other impact via a crafted USB device (bnc#1067118).
- CVE-2018-6927: The futex_requeue function allowed attackers to cause a denial
of service (integer overflow) or possibly have unspecified other impact by
triggering a negative wake or requeue value (bnc#1080757).
- CVE-2017-16914: The 'stub_send_ret_submit()' function allowed attackers to
cause a denial of service (NULL pointer dereference) via a specially crafted
USB over IP packet (bnc#1078669).
- CVE-2016-7915: The hid_input_field function allowed physically proximate
attackers to obtain sensitive information from kernel memory or cause a denial
of service (out-of-bounds read) by connecting a device (bnc#1010470).
- CVE-2017-12190: The bio_map_user_iov and bio_unmap_user functions did
unbalanced refcounting when a SCSI I/O vector had small consecutive buffers
belonging to the same page. The bio_add_pc_page function merged them into one,
but the page reference was never dropped. This caused a memory leak and
possible system lockup (exploitable against the host OS by a guest OS user, if
a SCSI disk is passed through to a virtual machine) due to an out-of-memory
condition (bnc#1062568).
- CVE-2017-16912: The 'get_pipe()' function allowed attackers to cause a denial
of service (out-of-bounds read) via a specially crafted USB over IP packet
(bnc#1078673).
- CVE-2017-16913: The 'stub_recv_cmd_submit()' function when handling
CMD_SUBMIT packets allowed attackers to cause a denial of service (arbitrary
memory allocation) via a specially crafted USB over IP packet (bnc#1078672).
- CVE-2018-5332: The rds_message_alloc_sgs() function did not validate a value
that is used during DMA page allocation, leading to a heap-based out-of-bounds
write (related to the rds_rdma_extra_size function in net/rds/rdma.c)
(bnc#1075621).
- CVE-2018-5333: The rds_cmsg_atomic function in net/rds/rdma.c mishandled
cases where page pinning fails or an invalid address is supplied, leading to an
rds_atomic_free_op NULL pointer dereference (bnc#1075617).
- CVE-2017-18017: The tcpmss_mangle_packet function allowed remote attackers to
cause a denial of service (use-after-free and memory corruption) or possibly
have unspecified other impact by leveraging the presence of xt_TCPMSS in an
iptables action (bnc#1074488).
The following non-security bugs were fixed:
- KEYS: do not let add_key() update an uninstantiated key (bnc#1063416).
- KEYS: fix writing past end of user-supplied buffer in keyring_read() (bsc#1066001).
- KEYS: return full count in keyring_read() if buffer is too small (bsc#1066001).
- NFS: Add a cond_resched() to nfs_commit_release_pages() (bsc#1077779).
- btrfs: qgroup: move noisy underflow warning to debugging build (bsc#1055755 and bsc#1080287).
- ipc/msg: introduce msgctl(MSG_STAT_ANY) (bsc#1072689).
- ipc/sem: introduce semctl(SEM_STAT_ANY) (bsc#1072689).
- ipc/shm: introduce shmctl(SHM_STAT_ANY) (bsc#1072689).
- x86/kaiser: use trampoline stack for kernel entry (bsc#1077560)
- leds: do not overflow sysfs buffer in led_trigger_show (bsc#1080464).
- livepatch: __kgr_shadow_get_or_alloc() is local to shadow.c. Shadow variables support (bsc#1082299).
- livepatch: introduce shadow variable API. Shadow variables support (bsc#1082299)
- media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF (bnc#1012382).
- media: v4l2-compat-ioctl32.c: avoid sizeof(type) (bnc#1012382).
- media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32 (bnc#1012382).
- media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32 (bnc#1012382).
- media: v4l2-compat-ioctl32.c: do not copy back the result for certain errors (bnc#1012382).
- media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type (bnc#1012382).
- media: v4l2-compat-ioctl32.c: fix the indentation (bnc#1012382).
- media: v4l2-compat-ioctl32.c: move 'helper' functions to __get/put_v4l2_format32 (bnc#1012382).
- media: v4l2-compat-ioctl32: Copy v4l2_window->global_alpha (bnc#1012382).
- media: v4l2-ioctl.c: do not copy back the result for -ENOTTY (bnc#1012382).
- netfilter: ebtables: CONFIG_COMPAT: do not trust userland offsets (bsc#1085107).
- netfilter: ebtables: fix erroneous reject of last rule (bsc#1085107).
- packet: only call dev_add_pack() on freshly allocated fanout instances
- pipe: cap initial pipe capacity according to pipe-max-size limit (bsc#1045330).
- powerpc/64s: Improve RFI L1-D cache flush fallback (bsc#1068032, bsc#1077182).
- powerpc/numa: Invalidate numa_cpu_lookup_table on cpu remove (bsc#1081512).
- powerpc/powernv: Support firmware disable of RFI flush (bsc#1068032, bsc#1077182).
- powerpc/powernv: Support firmware disable of RFI flush (bsc#1068032, bsc#1077182).
- powerpc/pseries: Support firmware disable of RFI flush (bsc#1068032, bsc#1077182).
- powerpc/pseries: Support firmware disable of RFI flush (bsc#1068032, bsc#1077182).
- rfi-flush: Move the logic to avoid a redo into the debugfs code (bsc#1068032, bsc#1077182).
- rfi-flush: Switch to new linear fallback flush (bsc#1068032, bsc#1077182).
Patchnames
SUSE-OpenStack-Cloud-6-2018-568,SUSE-SLE-Module-Public-Cloud-12-2018-568,SUSE-SLE-SAP-12-SP1-2018-568,SUSE-SLE-SERVER-12-SP1-2018-568
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP1 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-1068: Fixed flaw in the implementation of 32-bit syscall interface\n for bridging. This allowed a privileged user to arbitrarily write to a limited\n range of kernel memory (bnc#1085107).\n- CVE-2017-18221: The __munlock_pagevec function allowed local users to cause a\n denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall\n and munlockall system calls (bnc#1084323).\n- CVE-2018-1066: Prevent NULL pointer dereference in\n fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allowed an attacker controlling a\n CIFS server to kernel panic a client that has this server mounted, because an\n empty TargetInfo field in an NTLMSSP setup negotiation response was mishandled\n during session recovery (bnc#1083640).\n- CVE-2017-13166: Prevent elevation of privilege vulnerability in the kernel\n v4l2 video driver (bnc#1072865).\n- CVE-2017-16911: The vhci_hcd driver allowed local attackers to disclose\n kernel memory addresses. Successful exploitation required that a USB device was\n attached over IP (bnc#1078674).\n- CVE-2017-15299: The KEYS subsystem mishandled use of add_key for a key that\n already exists but is uninstantiated, which allowed local users to cause a\n denial of service (NULL pointer dereference and system crash) or possibly have\n unspecified other impact via a crafted system call (bnc#1063416).\n- CVE-2017-18208: The madvise_willneed function kernel allowed local users to\n cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED\n for a DAX mapping (bnc#1083494).\n- CVE-2018-7566: The ALSA sequencer core initializes the event pool on demand\n by invoking snd_seq_pool_init() when the first write happens and the pool is\n empty. A user could have reset the pool size manually via ioctl concurrently,\n which may have lead UAF or out-of-bound access (bsc#1083483).\n- CVE-2017-18204: The ocfs2_setattr function allowed local users to cause a\n denial of service (deadlock) via DIO requests (bnc#1083244).\n- CVE-2017-16644: The hdpvr_probe function allowed local users to cause a\n denial of service (improper error handling and system crash) or possibly have\n unspecified other impact via a crafted USB device (bnc#1067118).\n- CVE-2018-6927: The futex_requeue function allowed attackers to cause a denial\n of service (integer overflow) or possibly have unspecified other impact by\n triggering a negative wake or requeue value (bnc#1080757).\n- CVE-2017-16914: The \u0027stub_send_ret_submit()\u0027 function allowed attackers to\n cause a denial of service (NULL pointer dereference) via a specially crafted\n USB over IP packet (bnc#1078669).\n- CVE-2016-7915: The hid_input_field function allowed physically proximate\n attackers to obtain sensitive information from kernel memory or cause a denial\n of service (out-of-bounds read) by connecting a device (bnc#1010470).\n- CVE-2017-12190: The bio_map_user_iov and bio_unmap_user functions did\n unbalanced refcounting when a SCSI I/O vector had small consecutive buffers\n belonging to the same page. The bio_add_pc_page function merged them into one,\n but the page reference was never dropped. This caused a memory leak and\n possible system lockup (exploitable against the host OS by a guest OS user, if\n a SCSI disk is passed through to a virtual machine) due to an out-of-memory\n condition (bnc#1062568).\n- CVE-2017-16912: The \u0027get_pipe()\u0027 function allowed attackers to cause a denial\n of service (out-of-bounds read) via a specially crafted USB over IP packet\n (bnc#1078673).\n- CVE-2017-16913: The \u0027stub_recv_cmd_submit()\u0027 function when handling\n CMD_SUBMIT packets allowed attackers to cause a denial of service (arbitrary\n memory allocation) via a specially crafted USB over IP packet (bnc#1078672).\n- CVE-2018-5332: The rds_message_alloc_sgs() function did not validate a value\n that is used during DMA page allocation, leading to a heap-based out-of-bounds\n write (related to the rds_rdma_extra_size function in net/rds/rdma.c)\n (bnc#1075621).\n- CVE-2018-5333: The rds_cmsg_atomic function in net/rds/rdma.c mishandled\n cases where page pinning fails or an invalid address is supplied, leading to an\n rds_atomic_free_op NULL pointer dereference (bnc#1075617).\n- CVE-2017-18017: The tcpmss_mangle_packet function allowed remote attackers to\n cause a denial of service (use-after-free and memory corruption) or possibly\n have unspecified other impact by leveraging the presence of xt_TCPMSS in an\n iptables action (bnc#1074488).\n \nThe following non-security bugs were fixed:\n\n- KEYS: do not let add_key() update an uninstantiated key (bnc#1063416).\n- KEYS: fix writing past end of user-supplied buffer in keyring_read() (bsc#1066001).\n- KEYS: return full count in keyring_read() if buffer is too small (bsc#1066001).\n- NFS: Add a cond_resched() to nfs_commit_release_pages() (bsc#1077779).\n- btrfs: qgroup: move noisy underflow warning to debugging build (bsc#1055755 and bsc#1080287).\n- ipc/msg: introduce msgctl(MSG_STAT_ANY) (bsc#1072689).\n- ipc/sem: introduce semctl(SEM_STAT_ANY) (bsc#1072689).\n- ipc/shm: introduce shmctl(SHM_STAT_ANY) (bsc#1072689).\n- x86/kaiser: use trampoline stack for kernel entry (bsc#1077560)\n- leds: do not overflow sysfs buffer in led_trigger_show (bsc#1080464).\n- livepatch: __kgr_shadow_get_or_alloc() is local to shadow.c. Shadow variables support (bsc#1082299).\n- livepatch: introduce shadow variable API. Shadow variables support (bsc#1082299)\n- media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: avoid sizeof(type) (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32 (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32 (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: do not copy back the result for certain errors (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: fix the indentation (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: move \u0027helper\u0027 functions to __get/put_v4l2_format32 (bnc#1012382).\n- media: v4l2-compat-ioctl32: Copy v4l2_window-\u003eglobal_alpha (bnc#1012382).\n- media: v4l2-ioctl.c: do not copy back the result for -ENOTTY (bnc#1012382).\n- netfilter: ebtables: CONFIG_COMPAT: do not trust userland offsets (bsc#1085107).\n- netfilter: ebtables: fix erroneous reject of last rule (bsc#1085107).\n- packet: only call dev_add_pack() on freshly allocated fanout instances\n- pipe: cap initial pipe capacity according to pipe-max-size limit (bsc#1045330).\n- powerpc/64s: Improve RFI L1-D cache flush fallback (bsc#1068032, bsc#1077182).\n- powerpc/numa: Invalidate numa_cpu_lookup_table on cpu remove (bsc#1081512).\n- powerpc/powernv: Support firmware disable of RFI flush (bsc#1068032, bsc#1077182).\n- powerpc/powernv: Support firmware disable of RFI flush (bsc#1068032, bsc#1077182).\n- powerpc/pseries: Support firmware disable of RFI flush (bsc#1068032, bsc#1077182).\n- powerpc/pseries: Support firmware disable of RFI flush (bsc#1068032, bsc#1077182).\n- rfi-flush: Move the logic to avoid a redo into the debugfs code (bsc#1068032, bsc#1077182).\n- rfi-flush: Switch to new linear fallback flush (bsc#1068032, bsc#1077182).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-OpenStack-Cloud-6-2018-568,SUSE-SLE-Module-Public-Cloud-12-2018-568,SUSE-SLE-SAP-12-SP1-2018-568,SUSE-SLE-SERVER-12-SP1-2018-568",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_0848-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:0848-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180848-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:0848-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-March/003857.html"
},
{
"category": "self",
"summary": "SUSE Bug 1010470",
"url": "https://bugzilla.suse.com/1010470"
},
{
"category": "self",
"summary": "SUSE Bug 1012382",
"url": "https://bugzilla.suse.com/1012382"
},
{
"category": "self",
"summary": "SUSE Bug 1045330",
"url": "https://bugzilla.suse.com/1045330"
},
{
"category": "self",
"summary": "SUSE Bug 1055755",
"url": "https://bugzilla.suse.com/1055755"
},
{
"category": "self",
"summary": "SUSE Bug 1062568",
"url": "https://bugzilla.suse.com/1062568"
},
{
"category": "self",
"summary": "SUSE Bug 1063416",
"url": "https://bugzilla.suse.com/1063416"
},
{
"category": "self",
"summary": "SUSE Bug 1066001",
"url": "https://bugzilla.suse.com/1066001"
},
{
"category": "self",
"summary": "SUSE Bug 1067118",
"url": "https://bugzilla.suse.com/1067118"
},
{
"category": "self",
"summary": "SUSE Bug 1068032",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "self",
"summary": "SUSE Bug 1072689",
"url": "https://bugzilla.suse.com/1072689"
},
{
"category": "self",
"summary": "SUSE Bug 1072865",
"url": "https://bugzilla.suse.com/1072865"
},
{
"category": "self",
"summary": "SUSE Bug 1074488",
"url": "https://bugzilla.suse.com/1074488"
},
{
"category": "self",
"summary": "SUSE Bug 1075617",
"url": "https://bugzilla.suse.com/1075617"
},
{
"category": "self",
"summary": "SUSE Bug 1075621",
"url": "https://bugzilla.suse.com/1075621"
},
{
"category": "self",
"summary": "SUSE Bug 1077182",
"url": "https://bugzilla.suse.com/1077182"
},
{
"category": "self",
"summary": "SUSE Bug 1077560",
"url": "https://bugzilla.suse.com/1077560"
},
{
"category": "self",
"summary": "SUSE Bug 1077779",
"url": "https://bugzilla.suse.com/1077779"
},
{
"category": "self",
"summary": "SUSE Bug 1078669",
"url": "https://bugzilla.suse.com/1078669"
},
{
"category": "self",
"summary": "SUSE Bug 1078672",
"url": "https://bugzilla.suse.com/1078672"
},
{
"category": "self",
"summary": "SUSE Bug 1078673",
"url": "https://bugzilla.suse.com/1078673"
},
{
"category": "self",
"summary": "SUSE Bug 1078674",
"url": "https://bugzilla.suse.com/1078674"
},
{
"category": "self",
"summary": "SUSE Bug 1080255",
"url": "https://bugzilla.suse.com/1080255"
},
{
"category": "self",
"summary": "SUSE Bug 1080287",
"url": "https://bugzilla.suse.com/1080287"
},
{
"category": "self",
"summary": "SUSE Bug 1080464",
"url": "https://bugzilla.suse.com/1080464"
},
{
"category": "self",
"summary": "SUSE Bug 1080757",
"url": "https://bugzilla.suse.com/1080757"
},
{
"category": "self",
"summary": "SUSE Bug 1081512",
"url": "https://bugzilla.suse.com/1081512"
},
{
"category": "self",
"summary": "SUSE Bug 1082299",
"url": "https://bugzilla.suse.com/1082299"
},
{
"category": "self",
"summary": "SUSE Bug 1083244",
"url": "https://bugzilla.suse.com/1083244"
},
{
"category": "self",
"summary": "SUSE Bug 1083483",
"url": "https://bugzilla.suse.com/1083483"
},
{
"category": "self",
"summary": "SUSE Bug 1083494",
"url": "https://bugzilla.suse.com/1083494"
},
{
"category": "self",
"summary": "SUSE Bug 1083640",
"url": "https://bugzilla.suse.com/1083640"
},
{
"category": "self",
"summary": "SUSE Bug 1084323",
"url": "https://bugzilla.suse.com/1084323"
},
{
"category": "self",
"summary": "SUSE Bug 1085107",
"url": "https://bugzilla.suse.com/1085107"
},
{
"category": "self",
"summary": "SUSE Bug 1085114",
"url": "https://bugzilla.suse.com/1085114"
},
{
"category": "self",
"summary": "SUSE Bug 1085447",
"url": "https://bugzilla.suse.com/1085447"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7915 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12190 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13166 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-15299 page",
"url": "https://www.suse.com/security/cve/CVE-2017-15299/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16644 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16644/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16911 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16912 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16913 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16914 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18017 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18204 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18208 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18221 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18221/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1066 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1068 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5332 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5332/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5333 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5333/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6927 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7566 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7566/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2018-03-29T12:28:31Z",
"generator": {
"date": "2018-03-29T12:28:31Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:0848-1",
"initial_release_date": "2018-03-29T12:28:31Z",
"revision_history": [
{
"date": "2018-03-29T12:28:31Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-3.12.74-60.64.85.1.noarch",
"product": {
"name": "kernel-devel-3.12.74-60.64.85.1.noarch",
"product_id": "kernel-devel-3.12.74-60.64.85.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-3.12.74-60.64.85.1.noarch",
"product": {
"name": "kernel-macros-3.12.74-60.64.85.1.noarch",
"product_id": "kernel-macros-3.12.74-60.64.85.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-3.12.74-60.64.85.1.noarch",
"product": {
"name": "kernel-source-3.12.74-60.64.85.1.noarch",
"product_id": "kernel-source-3.12.74-60.64.85.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.12.74-60.64.85.1.ppc64le",
"product": {
"name": "kernel-default-3.12.74-60.64.85.1.ppc64le",
"product_id": "kernel-default-3.12.74-60.64.85.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"product": {
"name": "kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"product_id": "kernel-default-base-3.12.74-60.64.85.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"product": {
"name": "kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"product_id": "kernel-default-devel-3.12.74-60.64.85.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.74-60.64.85.1.ppc64le",
"product": {
"name": "kernel-syms-3.12.74-60.64.85.1.ppc64le",
"product_id": "kernel-syms-3.12.74-60.64.85.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.12.74-60.64.85.1.s390x",
"product": {
"name": "kernel-default-3.12.74-60.64.85.1.s390x",
"product_id": "kernel-default-3.12.74-60.64.85.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.74-60.64.85.1.s390x",
"product": {
"name": "kernel-default-base-3.12.74-60.64.85.1.s390x",
"product_id": "kernel-default-base-3.12.74-60.64.85.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.74-60.64.85.1.s390x",
"product": {
"name": "kernel-default-devel-3.12.74-60.64.85.1.s390x",
"product_id": "kernel-default-devel-3.12.74-60.64.85.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-3.12.74-60.64.85.1.s390x",
"product": {
"name": "kernel-default-man-3.12.74-60.64.85.1.s390x",
"product_id": "kernel-default-man-3.12.74-60.64.85.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.74-60.64.85.1.s390x",
"product": {
"name": "kernel-syms-3.12.74-60.64.85.1.s390x",
"product_id": "kernel-syms-3.12.74-60.64.85.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.12.74-60.64.85.1.x86_64",
"product": {
"name": "kernel-default-3.12.74-60.64.85.1.x86_64",
"product_id": "kernel-default-3.12.74-60.64.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.74-60.64.85.1.x86_64",
"product": {
"name": "kernel-default-base-3.12.74-60.64.85.1.x86_64",
"product_id": "kernel-default-base-3.12.74-60.64.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"product": {
"name": "kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"product_id": "kernel-default-devel-3.12.74-60.64.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.74-60.64.85.1.x86_64",
"product": {
"name": "kernel-syms-3.12.74-60.64.85.1.x86_64",
"product_id": "kernel-syms-3.12.74-60.64.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.12.74-60.64.85.1.x86_64",
"product": {
"name": "kernel-xen-3.12.74-60.64.85.1.x86_64",
"product_id": "kernel-xen-3.12.74-60.64.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"product": {
"name": "kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"product_id": "kernel-xen-base-3.12.74-60.64.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"product": {
"name": "kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"product_id": "kernel-xen-devel-3.12.74-60.64.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"product_id": "kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"product_id": "kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-3.12.74-60.64.85.1.x86_64",
"product": {
"name": "kernel-ec2-3.12.74-60.64.85.1.x86_64",
"product_id": "kernel-ec2-3.12.74-60.64.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"product": {
"name": "kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"product_id": "kernel-ec2-devel-3.12.74-60.64.85.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"product": {
"name": "kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"product_id": "kernel-ec2-extra-3.12.74-60.64.85.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 6",
"product": {
"name": "SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.74-60.64.85.1.x86_64 as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-default-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.74-60.64.85.1.x86_64 as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-default-base-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.74-60.64.85.1.x86_64 as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.74-60.64.85.1.noarch as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch"
},
"product_reference": "kernel-devel-3.12.74-60.64.85.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.74-60.64.85.1.noarch as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch"
},
"product_reference": "kernel-macros-3.12.74-60.64.85.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.74-60.64.85.1.noarch as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch"
},
"product_reference": "kernel-source-3.12.74-60.64.85.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.74-60.64.85.1.x86_64 as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-syms-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.74-60.64.85.1.x86_64 as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-xen-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.12.74-60.64.85.1.x86_64 as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.74-60.64.85.1.x86_64 as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64 as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64 as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.12.74-60.64.85.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-ec2-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.12.74-60.64.85.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-extra-3.12.74-60.64.85.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.74-60.64.85.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le"
},
"product_reference": "kernel-default-3.12.74-60.64.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.74-60.64.85.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-default-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.74-60.64.85.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le"
},
"product_reference": "kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.74-60.64.85.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-default-base-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.74-60.64.85.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le"
},
"product_reference": "kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.74-60.64.85.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.74-60.64.85.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch"
},
"product_reference": "kernel-devel-3.12.74-60.64.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.74-60.64.85.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch"
},
"product_reference": "kernel-macros-3.12.74-60.64.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.74-60.64.85.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch"
},
"product_reference": "kernel-source-3.12.74-60.64.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.74-60.64.85.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le"
},
"product_reference": "kernel-syms-3.12.74-60.64.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.74-60.64.85.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-syms-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.74-60.64.85.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-xen-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.12.74-60.64.85.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.74-60.64.85.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.74-60.64.85.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le"
},
"product_reference": "kernel-default-3.12.74-60.64.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.74-60.64.85.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x"
},
"product_reference": "kernel-default-3.12.74-60.64.85.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.74-60.64.85.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-default-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.74-60.64.85.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le"
},
"product_reference": "kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.74-60.64.85.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x"
},
"product_reference": "kernel-default-base-3.12.74-60.64.85.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.74-60.64.85.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-default-base-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.74-60.64.85.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le"
},
"product_reference": "kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.74-60.64.85.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x"
},
"product_reference": "kernel-default-devel-3.12.74-60.64.85.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.74-60.64.85.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-3.12.74-60.64.85.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x"
},
"product_reference": "kernel-default-man-3.12.74-60.64.85.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.74-60.64.85.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch"
},
"product_reference": "kernel-devel-3.12.74-60.64.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.74-60.64.85.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch"
},
"product_reference": "kernel-macros-3.12.74-60.64.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.74-60.64.85.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch"
},
"product_reference": "kernel-source-3.12.74-60.64.85.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.74-60.64.85.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le"
},
"product_reference": "kernel-syms-3.12.74-60.64.85.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.74-60.64.85.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x"
},
"product_reference": "kernel-syms-3.12.74-60.64.85.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.74-60.64.85.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-syms-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.74-60.64.85.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-xen-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.12.74-60.64.85.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.74-60.64.85.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-7915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7915"
}
],
"notes": [
{
"category": "general",
"text": "The hid_input_field function in drivers/hid/hid-core.c in the Linux kernel before 4.6 allows physically proximate attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) by connecting a device, as demonstrated by a Logitech DJ receiver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7915",
"url": "https://www.suse.com/security/cve/CVE-2016-7915"
},
{
"category": "external",
"summary": "SUSE Bug 1010470 for CVE-2016-7915",
"url": "https://bugzilla.suse.com/1010470"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2016-7915",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-29T12:28:31Z",
"details": "moderate"
}
],
"title": "CVE-2016-7915"
},
{
"cve": "CVE-2017-12190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12190"
}
],
"notes": [
{
"category": "general",
"text": "The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference is never dropped. This causes a memory leak and possible system lockup (exploitable against the host OS by a guest OS user, if a SCSI disk is passed through to a virtual machine) due to an out-of-memory condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12190",
"url": "https://www.suse.com/security/cve/CVE-2017-12190"
},
{
"category": "external",
"summary": "SUSE Bug 1062568 for CVE-2017-12190",
"url": "https://bugzilla.suse.com/1062568"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-12190",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-29T12:28:31Z",
"details": "moderate"
}
],
"title": "CVE-2017-12190"
},
{
"cve": "CVE-2017-13166",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13166"
}
],
"notes": [
{
"category": "general",
"text": "An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13166",
"url": "https://www.suse.com/security/cve/CVE-2017-13166"
},
{
"category": "external",
"summary": "SUSE Bug 1072865 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1072865"
},
{
"category": "external",
"summary": "SUSE Bug 1085447 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1085447"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-29T12:28:31Z",
"details": "important"
}
],
"title": "CVE-2017-13166"
},
{
"cve": "CVE-2017-15299",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-15299"
}
],
"notes": [
{
"category": "general",
"text": "The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of add_key for a key that already exists but is uninstantiated, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted system call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-15299",
"url": "https://www.suse.com/security/cve/CVE-2017-15299"
},
{
"category": "external",
"summary": "SUSE Bug 1063416 for CVE-2017-15299",
"url": "https://bugzilla.suse.com/1063416"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-29T12:28:31Z",
"details": "moderate"
}
],
"title": "CVE-2017-15299"
},
{
"cve": "CVE-2017-16644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16644"
}
],
"notes": [
{
"category": "general",
"text": "The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16644",
"url": "https://www.suse.com/security/cve/CVE-2017-16644"
},
{
"category": "external",
"summary": "SUSE Bug 1067118 for CVE-2017-16644",
"url": "https://bugzilla.suse.com/1067118"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-16644",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-16644",
"url": "https://bugzilla.suse.com/1091815"
},
{
"category": "external",
"summary": "SUSE Bug 1146519 for CVE-2017-16644",
"url": "https://bugzilla.suse.com/1146519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-29T12:28:31Z",
"details": "moderate"
}
],
"title": "CVE-2017-16644"
},
{
"cve": "CVE-2017-16911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16911"
}
],
"notes": [
{
"category": "general",
"text": "The vhci_hcd driver in the Linux Kernel before version 4.14.8 and 4.4.114 allows allows local attackers to disclose kernel memory addresses. Successful exploitation requires that a USB device is attached over IP.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16911",
"url": "https://www.suse.com/security/cve/CVE-2017-16911"
},
{
"category": "external",
"summary": "SUSE Bug 1078674 for CVE-2017-16911",
"url": "https://bugzilla.suse.com/1078674"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-16911",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-16911",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-29T12:28:31Z",
"details": "low"
}
],
"title": "CVE-2017-16911"
},
{
"cve": "CVE-2017-16912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16912"
}
],
"notes": [
{
"category": "general",
"text": "The \"get_pipe()\" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 allows attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16912",
"url": "https://www.suse.com/security/cve/CVE-2017-16912"
},
{
"category": "external",
"summary": "SUSE Bug 1078673 for CVE-2017-16912",
"url": "https://bugzilla.suse.com/1078673"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-16912",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-16912",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-29T12:28:31Z",
"details": "moderate"
}
],
"title": "CVE-2017-16912"
},
{
"cve": "CVE-2017-16913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16913"
}
],
"notes": [
{
"category": "general",
"text": "The \"stub_recv_cmd_submit()\" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMD_SUBMIT packets allows attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16913",
"url": "https://www.suse.com/security/cve/CVE-2017-16913"
},
{
"category": "external",
"summary": "SUSE Bug 1078672 for CVE-2017-16913",
"url": "https://bugzilla.suse.com/1078672"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-16913",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-16913",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-29T12:28:31Z",
"details": "moderate"
}
],
"title": "CVE-2017-16913"
},
{
"cve": "CVE-2017-16914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16914"
}
],
"notes": [
{
"category": "general",
"text": "The \"stub_send_ret_submit()\" function (drivers/usb/usbip/stub_tx.c) in the Linux Kernel before version 4.14.8, 4.9.71, 4.1.49, and 4.4.107 allows attackers to cause a denial of service (NULL pointer dereference) via a specially crafted USB over IP packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16914",
"url": "https://www.suse.com/security/cve/CVE-2017-16914"
},
{
"category": "external",
"summary": "SUSE Bug 1078669 for CVE-2017-16914",
"url": "https://bugzilla.suse.com/1078669"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-16914",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-16914",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-29T12:28:31Z",
"details": "low"
}
],
"title": "CVE-2017-16914"
},
{
"cve": "CVE-2017-18017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18017"
}
],
"notes": [
{
"category": "general",
"text": "The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18017",
"url": "https://www.suse.com/security/cve/CVE-2017-18017"
},
{
"category": "external",
"summary": "SUSE Bug 1074488 for CVE-2017-18017",
"url": "https://bugzilla.suse.com/1074488"
},
{
"category": "external",
"summary": "SUSE Bug 1080255 for CVE-2017-18017",
"url": "https://bugzilla.suse.com/1080255"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-18017",
"url": "https://bugzilla.suse.com/1091815"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-18017",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 971126 for CVE-2017-18017",
"url": "https://bugzilla.suse.com/971126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-29T12:28:31Z",
"details": "important"
}
],
"title": "CVE-2017-18017"
},
{
"cve": "CVE-2017-18204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18204"
}
],
"notes": [
{
"category": "general",
"text": "The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18204",
"url": "https://www.suse.com/security/cve/CVE-2017-18204"
},
{
"category": "external",
"summary": "SUSE Bug 1083244 for CVE-2017-18204",
"url": "https://bugzilla.suse.com/1083244"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-29T12:28:31Z",
"details": "moderate"
}
],
"title": "CVE-2017-18204"
},
{
"cve": "CVE-2017-18208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18208"
}
],
"notes": [
{
"category": "general",
"text": "The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18208",
"url": "https://www.suse.com/security/cve/CVE-2017-18208"
},
{
"category": "external",
"summary": "SUSE Bug 1083494 for CVE-2017-18208",
"url": "https://bugzilla.suse.com/1083494"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-18208",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-18208",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-29T12:28:31Z",
"details": "moderate"
}
],
"title": "CVE-2017-18208"
},
{
"cve": "CVE-2017-18221",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18221"
}
],
"notes": [
{
"category": "general",
"text": "The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18221",
"url": "https://www.suse.com/security/cve/CVE-2017-18221"
},
{
"category": "external",
"summary": "SUSE Bug 1084323 for CVE-2017-18221",
"url": "https://bugzilla.suse.com/1084323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-29T12:28:31Z",
"details": "moderate"
}
],
"title": "CVE-2017-18221"
},
{
"cve": "CVE-2018-1066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1066"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1066",
"url": "https://www.suse.com/security/cve/CVE-2018-1066"
},
{
"category": "external",
"summary": "SUSE Bug 1083640 for CVE-2018-1066",
"url": "https://bugzilla.suse.com/1083640"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-29T12:28:31Z",
"details": "moderate"
}
],
"title": "CVE-2018-1066"
},
{
"cve": "CVE-2018-1068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1068"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux 4.x kernel\u0027s implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1068",
"url": "https://www.suse.com/security/cve/CVE-2018-1068"
},
{
"category": "external",
"summary": "SUSE Bug 1085107 for CVE-2018-1068",
"url": "https://bugzilla.suse.com/1085107"
},
{
"category": "external",
"summary": "SUSE Bug 1085114 for CVE-2018-1068",
"url": "https://bugzilla.suse.com/1085114"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1068",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1123903 for CVE-2018-1068",
"url": "https://bugzilla.suse.com/1123903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-29T12:28:31Z",
"details": "important"
}
],
"title": "CVE-2018-1068"
},
{
"cve": "CVE-2018-5332",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5332"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5332",
"url": "https://www.suse.com/security/cve/CVE-2018-5332"
},
{
"category": "external",
"summary": "SUSE Bug 1075621 for CVE-2018-5332",
"url": "https://bugzilla.suse.com/1075621"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2018-5332",
"url": "https://bugzilla.suse.com/1091815"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-5332",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-29T12:28:31Z",
"details": "low"
}
],
"title": "CVE-2018-5332"
},
{
"cve": "CVE-2018-5333",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5333"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5333",
"url": "https://www.suse.com/security/cve/CVE-2018-5333"
},
{
"category": "external",
"summary": "SUSE Bug 1075617 for CVE-2018-5333",
"url": "https://bugzilla.suse.com/1075617"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2018-5333",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-29T12:28:31Z",
"details": "low"
}
],
"title": "CVE-2018-5333"
},
{
"cve": "CVE-2018-6927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6927"
}
],
"notes": [
{
"category": "general",
"text": "The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6927",
"url": "https://www.suse.com/security/cve/CVE-2018-6927"
},
{
"category": "external",
"summary": "SUSE Bug 1080757 for CVE-2018-6927",
"url": "https://bugzilla.suse.com/1080757"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2018-6927",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-29T12:28:31Z",
"details": "moderate"
}
],
"title": "CVE-2018-6927"
},
{
"cve": "CVE-2018-7566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7566"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7566",
"url": "https://www.suse.com/security/cve/CVE-2018-7566"
},
{
"category": "external",
"summary": "SUSE Bug 1083483 for CVE-2018-7566",
"url": "https://bugzilla.suse.com/1083483"
},
{
"category": "external",
"summary": "SUSE Bug 1083488 for CVE-2018-7566",
"url": "https://bugzilla.suse.com/1083488"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-7566",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2018-7566",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.85.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.85.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_85-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-29T12:28:31Z",
"details": "important"
}
],
"title": "CVE-2018-7566"
}
]
}
suse-su-2018:0834-1
Vulnerability from csaf_suse
Published
2018-03-28 14:17
Modified
2018-03-28 14:17
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-1068: Fixed flaw in the implementation of 32-bit syscall interface
for bridging. This allowed a privileged user to arbitrarily write to a limited
range of kernel memory (bnc#1085107).
- CVE-2017-18221: The __munlock_pagevec function allowed local users to cause a
denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall
and munlockall system calls (bnc#1084323).
- CVE-2018-1066: Prevent NULL pointer dereference in
fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allowed an attacker controlling a
CIFS server to kernel panic a client that has this server mounted, because an
empty TargetInfo field in an NTLMSSP setup negotiation response was mishandled
during session recovery (bnc#1083640).
- CVE-2017-13166: Prevent elevation of privilege vulnerability in the kernel
v4l2 video driver (bnc#1072865).
- CVE-2017-16911: The vhci_hcd driver allowed local attackers to disclose
kernel memory addresses. Successful exploitation required that a USB device was
attached over IP (bnc#1078674).
- CVE-2017-15299: The KEYS subsystem mishandled use of add_key for a key that
already exists but is uninstantiated, which allowed local users to cause a
denial of service (NULL pointer dereference and system crash) or possibly have
unspecified other impact via a crafted system call (bnc#1063416).
- CVE-2017-18208: The madvise_willneed function kernel allowed local users to
cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED
for a DAX mapping (bnc#1083494).
- CVE-2018-7566: The ALSA sequencer core initializes the event pool on demand
by invoking snd_seq_pool_init() when the first write happens and the pool is
empty. A user could have reset the pool size manually via ioctl concurrently,
which may have lead UAF or out-of-bound access (bsc#1083483).
- CVE-2017-18204: The ocfs2_setattr function allowed local users to cause a
denial of service (deadlock) via DIO requests (bnc#1083244).
- CVE-2017-16644: The hdpvr_probe function allowed local users to cause a
denial of service (improper error handling and system crash) or possibly have
unspecified other impact via a crafted USB device (bnc#1067118).
- CVE-2018-6927: The futex_requeue function allowed attackers to cause a denial
of service (integer overflow) or possibly have unspecified other impact by
triggering a negative wake or requeue value (bnc#1080757).
- CVE-2017-16914: The 'stub_send_ret_submit()' function allowed attackers to
cause a denial of service (NULL pointer dereference) via a specially crafted
USB over IP packet (bnc#1078669).
- CVE-2016-7915: The hid_input_field function allowed physically proximate
attackers to obtain sensitive information from kernel memory or cause a denial
of service (out-of-bounds read) by connecting a device (bnc#1010470).
- CVE-2017-12190: The bio_map_user_iov and bio_unmap_user functions did
unbalanced refcounting when a SCSI I/O vector had small consecutive buffers
belonging to the same page. The bio_add_pc_page function merged them into one,
but the page reference was never dropped. This caused a memory leak and
possible system lockup (exploitable against the host OS by a guest OS user, if
a SCSI disk is passed through to a virtual machine) due to an out-of-memory
condition (bnc#1062568).
- CVE-2017-16912: The 'get_pipe()' function allowed attackers to cause a denial
of service (out-of-bounds read) via a specially crafted USB over IP packet
(bnc#1078673).
- CVE-2017-16913: The 'stub_recv_cmd_submit()' function when handling
CMD_SUBMIT packets allowed attackers to cause a denial of service (arbitrary
memory allocation) via a specially crafted USB over IP packet (bnc#1078672).
- CVE-2018-5332: The rds_message_alloc_sgs() function did not validate a value
that is used during DMA page allocation, leading to a heap-based out-of-bounds
write (related to the rds_rdma_extra_size function in net/rds/rdma.c)
(bnc#1075621).
- CVE-2018-5333: The rds_cmsg_atomic function in net/rds/rdma.c mishandled
cases where page pinning fails or an invalid address is supplied, leading to an
rds_atomic_free_op NULL pointer dereference (bnc#1075617).
- CVE-2017-18017: The tcpmss_mangle_packet function allowed remote attackers to
cause a denial of service (use-after-free and memory corruption) or possibly
have unspecified other impact by leveraging the presence of xt_TCPMSS in an
iptables action (bnc#1074488).
The following non-security bugs were fixed:
- Fix build on arm64 by defining empty gmb() (bnc#1068032).
- KEYS: do not let add_key() update an uninstantiated key (bnc#1063416).
- KEYS: fix writing past end of user-supplied buffer in keyring_read() (bsc#1066001).
- KEYS: return full count in keyring_read() if buffer is too small (bsc#1066001).
- include/stddef.h: Move offsetofend() from vfio.h to a generic kernel header (bsc#1077560).
- ipc/msg: introduce msgctl(MSG_STAT_ANY) (bsc#1072689).
- ipc/sem: introduce semctl(SEM_STAT_ANY) (bsc#1072689).
- ipc/shm: introduce shmctl(SHM_STAT_ANY) (bsc#1072689).
- x86/kaiser: use trampoline stack for kernel entry (bsc#1077560)
- leds: do not overflow sysfs buffer in led_trigger_show (bsc#1080464).
- livepatch: __kgr_shadow_get_or_alloc() is local to shadow.c. Shadow variables support (bsc#1082299).
- livepatch: introduce shadow variable API. Shadow variables support (bsc#1082299)
- media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF (bnc#1012382).
- media: v4l2-compat-ioctl32.c: avoid sizeof(type) (bnc#1012382).
- media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32 (bnc#1012382).
- media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32 (bnc#1012382).
- media: v4l2-compat-ioctl32.c: do not copy back the result for certain errors (bnc#1012382).
- media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type (bnc#1012382).
- media: v4l2-compat-ioctl32.c: fix the indentation (bnc#1012382).
- media: v4l2-compat-ioctl32.c: move 'helper' functions to __get/put_v4l2_format32 (bnc#1012382).
- media: v4l2-compat-ioctl32: Copy v4l2_window->global_alpha (bnc#1012382).
- media: v4l2-ioctl.c: do not copy back the result for -ENOTTY (bnc#1012382).
- netfilter: ebtables: CONFIG_COMPAT: do not trust userland offsets (bsc#1085107).
- netfilter: ebtables: fix erroneous reject of last rule (bsc#1085107).
- packet: only call dev_add_pack() on freshly allocated fanout instances
- pipe: cap initial pipe capacity according to pipe-max-size limit (bsc#1045330).
- x86/espfix: Fix return stack in do_double_fault() (bsc#1085279).
Patchnames
SUSE-SLE-Module-Public-Cloud-12-2018-558,SUSE-SLE-SERVER-12-2018-558
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-1068: Fixed flaw in the implementation of 32-bit syscall interface\n for bridging. This allowed a privileged user to arbitrarily write to a limited\n range of kernel memory (bnc#1085107).\n- CVE-2017-18221: The __munlock_pagevec function allowed local users to cause a\n denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall\n and munlockall system calls (bnc#1084323).\n- CVE-2018-1066: Prevent NULL pointer dereference in\n fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allowed an attacker controlling a\n CIFS server to kernel panic a client that has this server mounted, because an\n empty TargetInfo field in an NTLMSSP setup negotiation response was mishandled\n during session recovery (bnc#1083640).\n- CVE-2017-13166: Prevent elevation of privilege vulnerability in the kernel\n v4l2 video driver (bnc#1072865).\n- CVE-2017-16911: The vhci_hcd driver allowed local attackers to disclose\n kernel memory addresses. Successful exploitation required that a USB device was\n attached over IP (bnc#1078674).\n- CVE-2017-15299: The KEYS subsystem mishandled use of add_key for a key that\n already exists but is uninstantiated, which allowed local users to cause a\n denial of service (NULL pointer dereference and system crash) or possibly have\n unspecified other impact via a crafted system call (bnc#1063416).\n- CVE-2017-18208: The madvise_willneed function kernel allowed local users to\n cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED\n for a DAX mapping (bnc#1083494).\n- CVE-2018-7566: The ALSA sequencer core initializes the event pool on demand\n by invoking snd_seq_pool_init() when the first write happens and the pool is\n empty. A user could have reset the pool size manually via ioctl concurrently,\n which may have lead UAF or out-of-bound access (bsc#1083483).\n- CVE-2017-18204: The ocfs2_setattr function allowed local users to cause a\n denial of service (deadlock) via DIO requests (bnc#1083244).\n- CVE-2017-16644: The hdpvr_probe function allowed local users to cause a\n denial of service (improper error handling and system crash) or possibly have\n unspecified other impact via a crafted USB device (bnc#1067118).\n- CVE-2018-6927: The futex_requeue function allowed attackers to cause a denial\n of service (integer overflow) or possibly have unspecified other impact by\n triggering a negative wake or requeue value (bnc#1080757).\n- CVE-2017-16914: The \u0027stub_send_ret_submit()\u0027 function allowed attackers to\n cause a denial of service (NULL pointer dereference) via a specially crafted\n USB over IP packet (bnc#1078669).\n- CVE-2016-7915: The hid_input_field function allowed physically proximate\n attackers to obtain sensitive information from kernel memory or cause a denial\n of service (out-of-bounds read) by connecting a device (bnc#1010470).\n- CVE-2017-12190: The bio_map_user_iov and bio_unmap_user functions did\n unbalanced refcounting when a SCSI I/O vector had small consecutive buffers\n belonging to the same page. The bio_add_pc_page function merged them into one,\n but the page reference was never dropped. This caused a memory leak and\n possible system lockup (exploitable against the host OS by a guest OS user, if\n a SCSI disk is passed through to a virtual machine) due to an out-of-memory\n condition (bnc#1062568).\n- CVE-2017-16912: The \u0027get_pipe()\u0027 function allowed attackers to cause a denial\n of service (out-of-bounds read) via a specially crafted USB over IP packet\n (bnc#1078673).\n- CVE-2017-16913: The \u0027stub_recv_cmd_submit()\u0027 function when handling\n CMD_SUBMIT packets allowed attackers to cause a denial of service (arbitrary\n memory allocation) via a specially crafted USB over IP packet (bnc#1078672).\n- CVE-2018-5332: The rds_message_alloc_sgs() function did not validate a value\n that is used during DMA page allocation, leading to a heap-based out-of-bounds\n write (related to the rds_rdma_extra_size function in net/rds/rdma.c)\n (bnc#1075621).\n- CVE-2018-5333: The rds_cmsg_atomic function in net/rds/rdma.c mishandled\n cases where page pinning fails or an invalid address is supplied, leading to an\n rds_atomic_free_op NULL pointer dereference (bnc#1075617).\n- CVE-2017-18017: The tcpmss_mangle_packet function allowed remote attackers to\n cause a denial of service (use-after-free and memory corruption) or possibly\n have unspecified other impact by leveraging the presence of xt_TCPMSS in an\n iptables action (bnc#1074488).\n\nThe following non-security bugs were fixed:\n\n- Fix build on arm64 by defining empty gmb() (bnc#1068032).\n- KEYS: do not let add_key() update an uninstantiated key (bnc#1063416).\n- KEYS: fix writing past end of user-supplied buffer in keyring_read() (bsc#1066001).\n- KEYS: return full count in keyring_read() if buffer is too small (bsc#1066001).\n- include/stddef.h: Move offsetofend() from vfio.h to a generic kernel header (bsc#1077560).\n- ipc/msg: introduce msgctl(MSG_STAT_ANY) (bsc#1072689).\n- ipc/sem: introduce semctl(SEM_STAT_ANY) (bsc#1072689).\n- ipc/shm: introduce shmctl(SHM_STAT_ANY) (bsc#1072689).\n- x86/kaiser: use trampoline stack for kernel entry (bsc#1077560)\n- leds: do not overflow sysfs buffer in led_trigger_show (bsc#1080464).\n- livepatch: __kgr_shadow_get_or_alloc() is local to shadow.c. Shadow variables support (bsc#1082299).\n- livepatch: introduce shadow variable API. Shadow variables support (bsc#1082299)\n- media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: avoid sizeof(type) (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32 (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32 (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: do not copy back the result for certain errors (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: fix the indentation (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: move \u0027helper\u0027 functions to __get/put_v4l2_format32 (bnc#1012382).\n- media: v4l2-compat-ioctl32: Copy v4l2_window-\u003eglobal_alpha (bnc#1012382).\n- media: v4l2-ioctl.c: do not copy back the result for -ENOTTY (bnc#1012382).\n- netfilter: ebtables: CONFIG_COMPAT: do not trust userland offsets (bsc#1085107).\n- netfilter: ebtables: fix erroneous reject of last rule (bsc#1085107).\n- packet: only call dev_add_pack() on freshly allocated fanout instances\n- pipe: cap initial pipe capacity according to pipe-max-size limit (bsc#1045330).\n- x86/espfix: Fix return stack in do_double_fault() (bsc#1085279).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Module-Public-Cloud-12-2018-558,SUSE-SLE-SERVER-12-2018-558",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_0834-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:0834-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180834-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:0834-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-March/003850.html"
},
{
"category": "self",
"summary": "SUSE Bug 1010470",
"url": "https://bugzilla.suse.com/1010470"
},
{
"category": "self",
"summary": "SUSE Bug 1012382",
"url": "https://bugzilla.suse.com/1012382"
},
{
"category": "self",
"summary": "SUSE Bug 1045330",
"url": "https://bugzilla.suse.com/1045330"
},
{
"category": "self",
"summary": "SUSE Bug 1062568",
"url": "https://bugzilla.suse.com/1062568"
},
{
"category": "self",
"summary": "SUSE Bug 1063416",
"url": "https://bugzilla.suse.com/1063416"
},
{
"category": "self",
"summary": "SUSE Bug 1066001",
"url": "https://bugzilla.suse.com/1066001"
},
{
"category": "self",
"summary": "SUSE Bug 1067118",
"url": "https://bugzilla.suse.com/1067118"
},
{
"category": "self",
"summary": "SUSE Bug 1068032",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "self",
"summary": "SUSE Bug 1072689",
"url": "https://bugzilla.suse.com/1072689"
},
{
"category": "self",
"summary": "SUSE Bug 1072865",
"url": "https://bugzilla.suse.com/1072865"
},
{
"category": "self",
"summary": "SUSE Bug 1074488",
"url": "https://bugzilla.suse.com/1074488"
},
{
"category": "self",
"summary": "SUSE Bug 1075617",
"url": "https://bugzilla.suse.com/1075617"
},
{
"category": "self",
"summary": "SUSE Bug 1075621",
"url": "https://bugzilla.suse.com/1075621"
},
{
"category": "self",
"summary": "SUSE Bug 1077560",
"url": "https://bugzilla.suse.com/1077560"
},
{
"category": "self",
"summary": "SUSE Bug 1078669",
"url": "https://bugzilla.suse.com/1078669"
},
{
"category": "self",
"summary": "SUSE Bug 1078672",
"url": "https://bugzilla.suse.com/1078672"
},
{
"category": "self",
"summary": "SUSE Bug 1078673",
"url": "https://bugzilla.suse.com/1078673"
},
{
"category": "self",
"summary": "SUSE Bug 1078674",
"url": "https://bugzilla.suse.com/1078674"
},
{
"category": "self",
"summary": "SUSE Bug 1080255",
"url": "https://bugzilla.suse.com/1080255"
},
{
"category": "self",
"summary": "SUSE Bug 1080464",
"url": "https://bugzilla.suse.com/1080464"
},
{
"category": "self",
"summary": "SUSE Bug 1080757",
"url": "https://bugzilla.suse.com/1080757"
},
{
"category": "self",
"summary": "SUSE Bug 1082299",
"url": "https://bugzilla.suse.com/1082299"
},
{
"category": "self",
"summary": "SUSE Bug 1083244",
"url": "https://bugzilla.suse.com/1083244"
},
{
"category": "self",
"summary": "SUSE Bug 1083483",
"url": "https://bugzilla.suse.com/1083483"
},
{
"category": "self",
"summary": "SUSE Bug 1083494",
"url": "https://bugzilla.suse.com/1083494"
},
{
"category": "self",
"summary": "SUSE Bug 1083640",
"url": "https://bugzilla.suse.com/1083640"
},
{
"category": "self",
"summary": "SUSE Bug 1084323",
"url": "https://bugzilla.suse.com/1084323"
},
{
"category": "self",
"summary": "SUSE Bug 1085107",
"url": "https://bugzilla.suse.com/1085107"
},
{
"category": "self",
"summary": "SUSE Bug 1085114",
"url": "https://bugzilla.suse.com/1085114"
},
{
"category": "self",
"summary": "SUSE Bug 1085279",
"url": "https://bugzilla.suse.com/1085279"
},
{
"category": "self",
"summary": "SUSE Bug 1085447",
"url": "https://bugzilla.suse.com/1085447"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7915 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12190 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13166 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-15299 page",
"url": "https://www.suse.com/security/cve/CVE-2017-15299/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16644 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16644/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16911 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16912 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16913 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16914 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18017 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18204 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18208 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18221 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18221/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1066 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1068 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5332 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5332/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5333 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5333/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6927 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7566 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7566/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2018-03-28T14:17:49Z",
"generator": {
"date": "2018-03-28T14:17:49Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:0834-1",
"initial_release_date": "2018-03-28T14:17:49Z",
"revision_history": [
{
"date": "2018-03-28T14:17:49Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-3.12.61-52.125.1.noarch",
"product": {
"name": "kernel-devel-3.12.61-52.125.1.noarch",
"product_id": "kernel-devel-3.12.61-52.125.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-3.12.61-52.125.1.noarch",
"product": {
"name": "kernel-macros-3.12.61-52.125.1.noarch",
"product_id": "kernel-macros-3.12.61-52.125.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-3.12.61-52.125.1.noarch",
"product": {
"name": "kernel-source-3.12.61-52.125.1.noarch",
"product_id": "kernel-source-3.12.61-52.125.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.12.61-52.125.1.ppc64le",
"product": {
"name": "kernel-default-3.12.61-52.125.1.ppc64le",
"product_id": "kernel-default-3.12.61-52.125.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.61-52.125.1.ppc64le",
"product": {
"name": "kernel-default-base-3.12.61-52.125.1.ppc64le",
"product_id": "kernel-default-base-3.12.61-52.125.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.61-52.125.1.ppc64le",
"product": {
"name": "kernel-default-devel-3.12.61-52.125.1.ppc64le",
"product_id": "kernel-default-devel-3.12.61-52.125.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.61-52.125.1.ppc64le",
"product": {
"name": "kernel-syms-3.12.61-52.125.1.ppc64le",
"product_id": "kernel-syms-3.12.61-52.125.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.12.61-52.125.1.s390x",
"product": {
"name": "kernel-default-3.12.61-52.125.1.s390x",
"product_id": "kernel-default-3.12.61-52.125.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.61-52.125.1.s390x",
"product": {
"name": "kernel-default-base-3.12.61-52.125.1.s390x",
"product_id": "kernel-default-base-3.12.61-52.125.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.61-52.125.1.s390x",
"product": {
"name": "kernel-default-devel-3.12.61-52.125.1.s390x",
"product_id": "kernel-default-devel-3.12.61-52.125.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-3.12.61-52.125.1.s390x",
"product": {
"name": "kernel-default-man-3.12.61-52.125.1.s390x",
"product_id": "kernel-default-man-3.12.61-52.125.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.61-52.125.1.s390x",
"product": {
"name": "kernel-syms-3.12.61-52.125.1.s390x",
"product_id": "kernel-syms-3.12.61-52.125.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-ec2-3.12.61-52.125.1.x86_64",
"product": {
"name": "kernel-ec2-3.12.61-52.125.1.x86_64",
"product_id": "kernel-ec2-3.12.61-52.125.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"product": {
"name": "kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"product_id": "kernel-ec2-devel-3.12.61-52.125.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"product": {
"name": "kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"product_id": "kernel-ec2-extra-3.12.61-52.125.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-3.12.61-52.125.1.x86_64",
"product": {
"name": "kernel-default-3.12.61-52.125.1.x86_64",
"product_id": "kernel-default-3.12.61-52.125.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.61-52.125.1.x86_64",
"product": {
"name": "kernel-default-base-3.12.61-52.125.1.x86_64",
"product_id": "kernel-default-base-3.12.61-52.125.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.61-52.125.1.x86_64",
"product": {
"name": "kernel-default-devel-3.12.61-52.125.1.x86_64",
"product_id": "kernel-default-devel-3.12.61-52.125.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.61-52.125.1.x86_64",
"product": {
"name": "kernel-syms-3.12.61-52.125.1.x86_64",
"product_id": "kernel-syms-3.12.61-52.125.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.12.61-52.125.1.x86_64",
"product": {
"name": "kernel-xen-3.12.61-52.125.1.x86_64",
"product_id": "kernel-xen-3.12.61-52.125.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.12.61-52.125.1.x86_64",
"product": {
"name": "kernel-xen-base-3.12.61-52.125.1.x86_64",
"product_id": "kernel-xen-base-3.12.61-52.125.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.12.61-52.125.1.x86_64",
"product": {
"name": "kernel-xen-devel-3.12.61-52.125.1.x86_64",
"product_id": "kernel-xen-devel-3.12.61-52.125.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"product_id": "kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64",
"product_id": "kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.12.61-52.125.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64"
},
"product_reference": "kernel-ec2-3.12.61-52.125.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.12.61-52.125.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64"
},
"product_reference": "kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-extra-3.12.61-52.125.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64"
},
"product_reference": "kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.61-52.125.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le"
},
"product_reference": "kernel-default-3.12.61-52.125.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.61-52.125.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x"
},
"product_reference": "kernel-default-3.12.61-52.125.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.61-52.125.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64"
},
"product_reference": "kernel-default-3.12.61-52.125.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.61-52.125.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le"
},
"product_reference": "kernel-default-base-3.12.61-52.125.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.61-52.125.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x"
},
"product_reference": "kernel-default-base-3.12.61-52.125.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.61-52.125.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64"
},
"product_reference": "kernel-default-base-3.12.61-52.125.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.61-52.125.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le"
},
"product_reference": "kernel-default-devel-3.12.61-52.125.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.61-52.125.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x"
},
"product_reference": "kernel-default-devel-3.12.61-52.125.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.61-52.125.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.61-52.125.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-3.12.61-52.125.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x"
},
"product_reference": "kernel-default-man-3.12.61-52.125.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.61-52.125.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch"
},
"product_reference": "kernel-devel-3.12.61-52.125.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.61-52.125.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch"
},
"product_reference": "kernel-macros-3.12.61-52.125.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.61-52.125.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch"
},
"product_reference": "kernel-source-3.12.61-52.125.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.61-52.125.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le"
},
"product_reference": "kernel-syms-3.12.61-52.125.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.61-52.125.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x"
},
"product_reference": "kernel-syms-3.12.61-52.125.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.61-52.125.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64"
},
"product_reference": "kernel-syms-3.12.61-52.125.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.61-52.125.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64"
},
"product_reference": "kernel-xen-3.12.61-52.125.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.12.61-52.125.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64"
},
"product_reference": "kernel-xen-base-3.12.61-52.125.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.61-52.125.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.61-52.125.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-7915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7915"
}
],
"notes": [
{
"category": "general",
"text": "The hid_input_field function in drivers/hid/hid-core.c in the Linux kernel before 4.6 allows physically proximate attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) by connecting a device, as demonstrated by a Logitech DJ receiver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7915",
"url": "https://www.suse.com/security/cve/CVE-2016-7915"
},
{
"category": "external",
"summary": "SUSE Bug 1010470 for CVE-2016-7915",
"url": "https://bugzilla.suse.com/1010470"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2016-7915",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-28T14:17:49Z",
"details": "moderate"
}
],
"title": "CVE-2016-7915"
},
{
"cve": "CVE-2017-12190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12190"
}
],
"notes": [
{
"category": "general",
"text": "The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference is never dropped. This causes a memory leak and possible system lockup (exploitable against the host OS by a guest OS user, if a SCSI disk is passed through to a virtual machine) due to an out-of-memory condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12190",
"url": "https://www.suse.com/security/cve/CVE-2017-12190"
},
{
"category": "external",
"summary": "SUSE Bug 1062568 for CVE-2017-12190",
"url": "https://bugzilla.suse.com/1062568"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-12190",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-28T14:17:49Z",
"details": "moderate"
}
],
"title": "CVE-2017-12190"
},
{
"cve": "CVE-2017-13166",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13166"
}
],
"notes": [
{
"category": "general",
"text": "An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13166",
"url": "https://www.suse.com/security/cve/CVE-2017-13166"
},
{
"category": "external",
"summary": "SUSE Bug 1072865 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1072865"
},
{
"category": "external",
"summary": "SUSE Bug 1085447 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1085447"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-28T14:17:49Z",
"details": "important"
}
],
"title": "CVE-2017-13166"
},
{
"cve": "CVE-2017-15299",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-15299"
}
],
"notes": [
{
"category": "general",
"text": "The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of add_key for a key that already exists but is uninstantiated, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted system call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-15299",
"url": "https://www.suse.com/security/cve/CVE-2017-15299"
},
{
"category": "external",
"summary": "SUSE Bug 1063416 for CVE-2017-15299",
"url": "https://bugzilla.suse.com/1063416"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-28T14:17:49Z",
"details": "moderate"
}
],
"title": "CVE-2017-15299"
},
{
"cve": "CVE-2017-16644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16644"
}
],
"notes": [
{
"category": "general",
"text": "The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16644",
"url": "https://www.suse.com/security/cve/CVE-2017-16644"
},
{
"category": "external",
"summary": "SUSE Bug 1067118 for CVE-2017-16644",
"url": "https://bugzilla.suse.com/1067118"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-16644",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-16644",
"url": "https://bugzilla.suse.com/1091815"
},
{
"category": "external",
"summary": "SUSE Bug 1146519 for CVE-2017-16644",
"url": "https://bugzilla.suse.com/1146519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-28T14:17:49Z",
"details": "moderate"
}
],
"title": "CVE-2017-16644"
},
{
"cve": "CVE-2017-16911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16911"
}
],
"notes": [
{
"category": "general",
"text": "The vhci_hcd driver in the Linux Kernel before version 4.14.8 and 4.4.114 allows allows local attackers to disclose kernel memory addresses. Successful exploitation requires that a USB device is attached over IP.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16911",
"url": "https://www.suse.com/security/cve/CVE-2017-16911"
},
{
"category": "external",
"summary": "SUSE Bug 1078674 for CVE-2017-16911",
"url": "https://bugzilla.suse.com/1078674"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-16911",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-16911",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-28T14:17:49Z",
"details": "low"
}
],
"title": "CVE-2017-16911"
},
{
"cve": "CVE-2017-16912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16912"
}
],
"notes": [
{
"category": "general",
"text": "The \"get_pipe()\" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 allows attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16912",
"url": "https://www.suse.com/security/cve/CVE-2017-16912"
},
{
"category": "external",
"summary": "SUSE Bug 1078673 for CVE-2017-16912",
"url": "https://bugzilla.suse.com/1078673"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-16912",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-16912",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-28T14:17:49Z",
"details": "moderate"
}
],
"title": "CVE-2017-16912"
},
{
"cve": "CVE-2017-16913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16913"
}
],
"notes": [
{
"category": "general",
"text": "The \"stub_recv_cmd_submit()\" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMD_SUBMIT packets allows attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16913",
"url": "https://www.suse.com/security/cve/CVE-2017-16913"
},
{
"category": "external",
"summary": "SUSE Bug 1078672 for CVE-2017-16913",
"url": "https://bugzilla.suse.com/1078672"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-16913",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-16913",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-28T14:17:49Z",
"details": "moderate"
}
],
"title": "CVE-2017-16913"
},
{
"cve": "CVE-2017-16914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16914"
}
],
"notes": [
{
"category": "general",
"text": "The \"stub_send_ret_submit()\" function (drivers/usb/usbip/stub_tx.c) in the Linux Kernel before version 4.14.8, 4.9.71, 4.1.49, and 4.4.107 allows attackers to cause a denial of service (NULL pointer dereference) via a specially crafted USB over IP packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16914",
"url": "https://www.suse.com/security/cve/CVE-2017-16914"
},
{
"category": "external",
"summary": "SUSE Bug 1078669 for CVE-2017-16914",
"url": "https://bugzilla.suse.com/1078669"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-16914",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-16914",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-28T14:17:49Z",
"details": "low"
}
],
"title": "CVE-2017-16914"
},
{
"cve": "CVE-2017-18017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18017"
}
],
"notes": [
{
"category": "general",
"text": "The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18017",
"url": "https://www.suse.com/security/cve/CVE-2017-18017"
},
{
"category": "external",
"summary": "SUSE Bug 1074488 for CVE-2017-18017",
"url": "https://bugzilla.suse.com/1074488"
},
{
"category": "external",
"summary": "SUSE Bug 1080255 for CVE-2017-18017",
"url": "https://bugzilla.suse.com/1080255"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-18017",
"url": "https://bugzilla.suse.com/1091815"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-18017",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 971126 for CVE-2017-18017",
"url": "https://bugzilla.suse.com/971126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-28T14:17:49Z",
"details": "important"
}
],
"title": "CVE-2017-18017"
},
{
"cve": "CVE-2017-18204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18204"
}
],
"notes": [
{
"category": "general",
"text": "The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18204",
"url": "https://www.suse.com/security/cve/CVE-2017-18204"
},
{
"category": "external",
"summary": "SUSE Bug 1083244 for CVE-2017-18204",
"url": "https://bugzilla.suse.com/1083244"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-28T14:17:49Z",
"details": "moderate"
}
],
"title": "CVE-2017-18204"
},
{
"cve": "CVE-2017-18208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18208"
}
],
"notes": [
{
"category": "general",
"text": "The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18208",
"url": "https://www.suse.com/security/cve/CVE-2017-18208"
},
{
"category": "external",
"summary": "SUSE Bug 1083494 for CVE-2017-18208",
"url": "https://bugzilla.suse.com/1083494"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-18208",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-18208",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-28T14:17:49Z",
"details": "moderate"
}
],
"title": "CVE-2017-18208"
},
{
"cve": "CVE-2017-18221",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18221"
}
],
"notes": [
{
"category": "general",
"text": "The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18221",
"url": "https://www.suse.com/security/cve/CVE-2017-18221"
},
{
"category": "external",
"summary": "SUSE Bug 1084323 for CVE-2017-18221",
"url": "https://bugzilla.suse.com/1084323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-28T14:17:49Z",
"details": "moderate"
}
],
"title": "CVE-2017-18221"
},
{
"cve": "CVE-2018-1066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1066"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1066",
"url": "https://www.suse.com/security/cve/CVE-2018-1066"
},
{
"category": "external",
"summary": "SUSE Bug 1083640 for CVE-2018-1066",
"url": "https://bugzilla.suse.com/1083640"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-28T14:17:49Z",
"details": "moderate"
}
],
"title": "CVE-2018-1066"
},
{
"cve": "CVE-2018-1068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1068"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux 4.x kernel\u0027s implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1068",
"url": "https://www.suse.com/security/cve/CVE-2018-1068"
},
{
"category": "external",
"summary": "SUSE Bug 1085107 for CVE-2018-1068",
"url": "https://bugzilla.suse.com/1085107"
},
{
"category": "external",
"summary": "SUSE Bug 1085114 for CVE-2018-1068",
"url": "https://bugzilla.suse.com/1085114"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1068",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1123903 for CVE-2018-1068",
"url": "https://bugzilla.suse.com/1123903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-28T14:17:49Z",
"details": "important"
}
],
"title": "CVE-2018-1068"
},
{
"cve": "CVE-2018-5332",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5332"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5332",
"url": "https://www.suse.com/security/cve/CVE-2018-5332"
},
{
"category": "external",
"summary": "SUSE Bug 1075621 for CVE-2018-5332",
"url": "https://bugzilla.suse.com/1075621"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2018-5332",
"url": "https://bugzilla.suse.com/1091815"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-5332",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-28T14:17:49Z",
"details": "low"
}
],
"title": "CVE-2018-5332"
},
{
"cve": "CVE-2018-5333",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5333"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5333",
"url": "https://www.suse.com/security/cve/CVE-2018-5333"
},
{
"category": "external",
"summary": "SUSE Bug 1075617 for CVE-2018-5333",
"url": "https://bugzilla.suse.com/1075617"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2018-5333",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-28T14:17:49Z",
"details": "low"
}
],
"title": "CVE-2018-5333"
},
{
"cve": "CVE-2018-6927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6927"
}
],
"notes": [
{
"category": "general",
"text": "The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6927",
"url": "https://www.suse.com/security/cve/CVE-2018-6927"
},
{
"category": "external",
"summary": "SUSE Bug 1080757 for CVE-2018-6927",
"url": "https://bugzilla.suse.com/1080757"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2018-6927",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-28T14:17:49Z",
"details": "moderate"
}
],
"title": "CVE-2018-6927"
},
{
"cve": "CVE-2018-7566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7566"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7566",
"url": "https://www.suse.com/security/cve/CVE-2018-7566"
},
{
"category": "external",
"summary": "SUSE Bug 1083483 for CVE-2018-7566",
"url": "https://bugzilla.suse.com/1083483"
},
{
"category": "external",
"summary": "SUSE Bug 1083488 for CVE-2018-7566",
"url": "https://bugzilla.suse.com/1083488"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-7566",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2018-7566",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.125.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.125.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_125-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-03-28T14:17:49Z",
"details": "important"
}
],
"title": "CVE-2018-7566"
}
]
}
fkie_cve-2017-18221
Vulnerability from fkie_nvd
Published
2018-03-07 08:29
Modified
2024-11-21 03:19
Severity ?
Summary
The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5585AF1-24A5-486E-B916-B18EBF5851A7",
"versionEndExcluding": "4.11.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls."
},
{
"lang": "es",
"value": "La funci\u00f3n __munlock_pagevec en mm/mlock.c en el kernel de Linux, en versiones anteriores a la 4.11.4, permite que usuarios locales provoquen una denegaci\u00f3n de servicio (corrupci\u00f3n de contabilidad NR_MLOCK) mediante el uso manipulado de llamadas del sistema mlockall y munlockall."
}
],
"id": "CVE-2017-18221",
"lastModified": "2024-11-21T03:19:36.310",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-07T08:29:00.263",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=70feee0e1ef331b22cc51f383d532a0d043fbdcc"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103321"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/70feee0e1ef331b22cc51f383d532a0d043fbdcc"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/3655-1/"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/3655-2/"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=70feee0e1ef331b22cc51f383d532a0d043fbdcc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103321"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/70feee0e1ef331b22cc51f383d532a0d043fbdcc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3655-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3655-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.4"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
ghsa-286w-m7xc-q3hr
Vulnerability from github
Published
2022-05-14 03:20
Modified
2022-05-14 03:20
Severity ?
VLAI Severity ?
Details
The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls.
{
"affected": [],
"aliases": [
"CVE-2017-18221"
],
"database_specific": {
"cwe_ids": [
"CWE-20"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-03-07T08:29:00Z",
"severity": "MODERATE"
},
"details": "The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls.",
"id": "GHSA-286w-m7xc-q3hr",
"modified": "2022-05-14T03:20:48Z",
"published": "2022-05-14T03:20:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18221"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/70feee0e1ef331b22cc51f383d532a0d043fbdcc"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3655-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3655-2"
},
{
"type": "WEB",
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.4"
},
{
"type": "WEB",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=70feee0e1ef331b22cc51f383d532a0d043fbdcc"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/103321"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
gsd-2017-18221
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-18221",
"description": "The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls.",
"id": "GSD-2017-18221",
"references": [
"https://www.suse.com/security/cve/CVE-2017-18221.html",
"https://ubuntu.com/security/CVE-2017-18221",
"https://linux.oracle.com/cve/CVE-2017-18221.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-18221"
],
"details": "The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls.",
"id": "GSD-2017-18221",
"modified": "2023-12-13T01:21:11.161344Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18221",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/torvalds/linux/commit/70feee0e1ef331b22cc51f383d532a0d043fbdcc",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/70feee0e1ef331b22cc51f383d532a0d043fbdcc"
},
{
"name": "USN-3655-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3655-1/"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=70feee0e1ef331b22cc51f383d532a0d043fbdcc",
"refsource": "MISC",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=70feee0e1ef331b22cc51f383d532a0d043fbdcc"
},
{
"name": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.4",
"refsource": "MISC",
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.4"
},
{
"name": "USN-3655-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3655-2/"
},
{
"name": "103321",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103321"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.11.4",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18221"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.4",
"refsource": "MISC",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.4"
},
{
"name": "https://github.com/torvalds/linux/commit/70feee0e1ef331b22cc51f383d532a0d043fbdcc",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/70feee0e1ef331b22cc51f383d532a0d043fbdcc"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=70feee0e1ef331b22cc51f383d532a0d043fbdcc",
"refsource": "MISC",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=70feee0e1ef331b22cc51f383d532a0d043fbdcc"
},
{
"name": "103321",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103321"
},
{
"name": "USN-3655-2",
"refsource": "UBUNTU",
"tags": [],
"url": "https://usn.ubuntu.com/3655-2/"
},
{
"name": "USN-3655-1",
"refsource": "UBUNTU",
"tags": [],
"url": "https://usn.ubuntu.com/3655-1/"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2018-05-31T01:29Z",
"publishedDate": "2018-03-07T08:29Z"
}
}
}
cnvd-2018-06460
Vulnerability from cnvd
Title: Linux kernel拒绝服务漏洞(CNVD-2018-06460)
Description:
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。
Linux kernel 4.11.4之前版本中的mm/mlock.c文件的‘__munlock_pagevec’函数存在安全漏洞。本地攻击者可通过使用mlockall和munlockall系统调用利用该漏洞造成拒绝服务。
Severity: 低
Patch Name: Linux kernel拒绝服务漏洞(CNVD-2018-06460)的补丁
Patch Description:
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。
Linux kernel 4.11.4之前版本中的mm/mlock.c文件的‘__munlock_pagevec’函数存在安全漏洞。本地攻击者可通过使用mlockall和munlockall系统调用利用该漏洞造成拒绝服务。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description:
厂商已发布漏洞修复程序,请及时关注更新: https://github.com/torvalds/linux/commit/70feee0e1ef331b22cc51f383d532a0d043fbdcc
Reference: https://nvd.nist.gov/vuln/detail/CVE-2017-18221
Impacted products
| Name | Linux kernel <4.11.4 |
|---|
{
"bids": {
"bid": {
"bidNumber": "103321"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2017-18221"
}
},
"description": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u53d1\u5e03\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux kernel 4.11.4\u4e4b\u524d\u7248\u672c\u4e2d\u7684mm/mlock.c\u6587\u4ef6\u7684\u2018__munlock_pagevec\u2019\u51fd\u6570\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u4f7f\u7528mlockall\u548cmunlockall\u7cfb\u7edf\u8c03\u7528\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
"discovererName": "Kefeng Wang",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://github.com/torvalds/linux/commit/70feee0e1ef331b22cc51f383d532a0d043fbdcc",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2018-06460",
"openTime": "2018-03-27",
"patchDescription": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u53d1\u5e03\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux kernel 4.11.4\u4e4b\u524d\u7248\u672c\u4e2d\u7684mm/mlock.c\u6587\u4ef6\u7684\u2018__munlock_pagevec\u2019\u51fd\u6570\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u4f7f\u7528mlockall\u548cmunlockall\u7cfb\u7edf\u8c03\u7528\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Linux kernel\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2018-06460\uff09\u7684\u8865\u4e01",
"products": {
"product": "Linux kernel \u003c4.11.4"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2017-18221",
"serverity": "\u4f4e",
"submitTime": "2018-03-07",
"title": "Linux kernel\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2018-06460\uff09"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…