Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2019-11486
Vulnerability from cvelistv5
Published
2019-04-23 22:00
Modified
2024-08-04 22:55
Severity ?
EPSS score ?
Summary
The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:55:40.629Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/torvalds/linux/commit/c7084edc3f6d67750f50d4183134c4fb5712a5c8", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c7084edc3f6d67750f50d4183134c4fb5712a5c8", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.35", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.112", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.169", }, { name: "[oss-security] 20190429 Linux kernel: multiple issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/04/29/1", }, { name: "openSUSE-SU-2019:1404", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190517-0005/", }, { name: "openSUSE-SU-2019:1407", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html", }, { name: "[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-1] linux security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html", }, { name: "[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-2] linux security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html", }, { name: "openSUSE-SU-2019:1479", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K50222414", }, { name: "DSA-4465", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4465", }, { name: "[debian-lts-announce] 20190618 [SECURITY] [DLA 1824-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html", }, { name: "20190618 [SECURITY] [DSA 4465-1] linux security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Jun/26", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-06-18T18:06:10", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/torvalds/linux/commit/c7084edc3f6d67750f50d4183134c4fb5712a5c8", }, { tags: [ "x_refsource_MISC", ], url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c7084edc3f6d67750f50d4183134c4fb5712a5c8", }, { tags: [ "x_refsource_MISC", ], url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8", }, { tags: [ "x_refsource_MISC", ], url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.35", }, { tags: [ "x_refsource_MISC", ], url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.112", }, { tags: [ "x_refsource_MISC", ], url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.169", }, { name: "[oss-security] 20190429 Linux kernel: multiple issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2019/04/29/1", }, { name: "openSUSE-SU-2019:1404", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190517-0005/", }, { name: "openSUSE-SU-2019:1407", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html", }, { name: "[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-1] linux security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html", }, { name: "[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-2] linux security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html", }, { name: "openSUSE-SU-2019:1479", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K50222414", }, { name: "DSA-4465", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4465", }, { name: "[debian-lts-announce] 20190618 [SECURITY] [DLA 1824-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html", }, { name: "20190618 [SECURITY] [DSA 4465-1] linux security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Jun/26", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-11486", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/torvalds/linux/commit/c7084edc3f6d67750f50d4183134c4fb5712a5c8", refsource: "MISC", url: "https://github.com/torvalds/linux/commit/c7084edc3f6d67750f50d4183134c4fb5712a5c8", }, { name: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c7084edc3f6d67750f50d4183134c4fb5712a5c8", refsource: "MISC", url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c7084edc3f6d67750f50d4183134c4fb5712a5c8", }, { name: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8", refsource: "MISC", url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8", }, { name: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.35", refsource: "MISC", url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.35", }, { name: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.112", refsource: "MISC", url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.112", }, { name: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.169", refsource: "MISC", url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.169", }, { name: "[oss-security] 20190429 Linux kernel: multiple issues", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2019/04/29/1", }, { name: "openSUSE-SU-2019:1404", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html", }, { name: "https://security.netapp.com/advisory/ntap-20190517-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190517-0005/", }, { name: "openSUSE-SU-2019:1407", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html", }, { name: "[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-1] linux security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html", }, { name: "[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-2] linux security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html", }, { name: "openSUSE-SU-2019:1479", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html", }, { name: "https://support.f5.com/csp/article/K50222414", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K50222414", }, { name: "DSA-4465", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4465", }, { name: "[debian-lts-announce] 20190618 [SECURITY] [DLA 1824-1] linux-4.9 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html", }, { name: "20190618 [SECURITY] [DSA 4465-1] linux security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Jun/26", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-11486", datePublished: "2019-04-23T22:00:24", dateReserved: "2019-04-23T00:00:00", dateUpdated: "2024-08-04T22:55:40.629Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2019-11486\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-04-23T22:29:05.133\",\"lastModified\":\"2024-11-21T04:21:10.827\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.\"},{\"lang\":\"es\",\"value\":\"El controlador de disciplina de línea Siemens R3964 en drivers/tty/n_r3964.c en el kernel de Linux antes de la versión 5.0.8 tiene múltiples condiciones de carrera.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":6.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-362\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.16.66\",\"matchCriteriaId\":\"F97FFEB5-C81D-4AB4-94F7-F2D480663DDA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.17\",\"versionEndExcluding\":\"3.18.139\",\"matchCriteriaId\":\"38D2BE0B-B7B1-4798-AE02-F25BCE43D452\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.19\",\"versionEndExcluding\":\"4.4.179\",\"matchCriteriaId\":\"4C8AD265-4D57-4C96-8CDE-E40908DC401D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.5\",\"versionEndExcluding\":\"4.9.169\",\"matchCriteriaId\":\"30B4C182-BE81-4381-94C5-BAC55EA22B46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.10\",\"versionEndExcluding\":\"4.14.112\",\"matchCriteriaId\":\"A4CEB6C0-CF37-412C-8804-8B5BB13A6EC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.15\",\"versionEndExcluding\":\"4.19.35\",\"matchCriteriaId\":\"E62E5576-988B-40C3-94E3-3402FC8C6EE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.0.8\",\"matchCriteriaId\":\"5A9EC3D3-2514-4C33-8BAA-2F2D52E37B54\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B620311B-34A3-48A6-82DF-6F078D7A4493\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF29713A-2852-4E3D-9666-4001C7E8B667\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3C19813-E823-456A-B1CE-EC0684CE1953\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapprotect:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F74F467A-0C81-40D9-BA06-40FB8EF02C04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.7:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"15BC23DF-BBA1-4CD3-A800-FEACF501021D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:9.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73CBA7B6-1C6C-4FDF-BBCE-705940A145C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:virtual_storage_console:9.7:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"4AFD6E9F-C0C2-4B9B-B740-000C67E64036\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/04/29/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.112\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.35\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.169\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c7084edc3f6d67750f50d4183134c4fb5712a5c8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/c7084edc3f6d67750f50d4183134c4fb5712a5c8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Jun/26\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190517-0005/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K50222414\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4465\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/04/29/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.112\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.35\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.169\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c7084edc3f6d67750f50d4183134c4fb5712a5c8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/c7084edc3f6d67750f50d4183134c4fb5712a5c8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Jun/26\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190517-0005/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K50222414\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4465\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}", }, }
suse-su-2019:1287-1
Vulnerability from csaf_suse
Published
2019-05-17 13:47
Modified
2019-05-17 13:47
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes.
Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331)
- CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)
- CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)
- CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS)
- CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
This kernel update contains software mitigations for these issues, which also utilize CPU microcode updates shipped in parallel.
For more information on this set of information leaks, check out https://www.suse.com/support/kb/doc/?id=7023736
The following security bugs were fixed:
- CVE-2018-1128: It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network could use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. (bnc#1096748).
- CVE-2018-1129: A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. (bnc#1096748).
- CVE-2016-8636: Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c allowed local users to cause a denial of service (memory corruption), obtain sensitive information or possibly have unspecified other impact via a write or read request involving the 'RDMA protocol over infiniband' (aka Soft RoCE) technology (bnc#1024908).
- CVE-2017-18174: In the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free (bnc#1080533).
- CVE-2018-1091: In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check and an erroneous use of transactional memory (TM) instructions in the core dump path, leading to a denial of service (bnc#1087231).
- CVE-2018-1120: By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which made a read() call to the /proc/<pid>/cmdline (or /proc/<pid>/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks) (bnc#1093158).
- CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c has multiple race conditions (bnc#1133188).
- CVE-2019-3882: A flaw was found in the vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS) (bsc#1131427).
- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).
- CVE-2017-17741: The KVM implementation allowed attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h (bnc#1073311).
- CVE-2019-9503, CVE-2019-8564: Multiple brcmfmac frame validation bypasses have been fixed (bnc#1132828, bnc#1132673).
The following non-security bugs were fixed:
- ACPI: acpi_pad: Do not launch acpi_pad threads on idle cpus (bsc#1113399).
- add mainline tags to four hyperv patches
- cpu/speculation: Add 'mitigations=' cmdline option (bsc#1112178).
- Drivers: hv: vmbus: Define an API to retrieve virtual processor index (bsc#1122822).
- Drivers: hv: vmbus: Define APIs to manipulate the event page (bsc#1122822).
- Drivers: hv: vmbus: Define APIs to manipulate the message page (bsc#1122822).++ kernel-source.spec (revision 4)Release: <RELEASE>.gbd4498d
- Drivers: hv: vmbus: Define APIs to manipulate the synthetic interrupt controller (bsc#1122822).
- hv: v4.12 API for hyperv-iommu (bsc#1122822).
- iommu/hyper-v: Add Hyper-V stub IOMMU driver (bsc#1122822).
- jump_label: remove bug.h, atomic.h dependencies for HAVE_JUMP_LABEL (bsc#1111331).
- kvm: x86: Report STIBP on GET_SUPPORTED_CPUID (bsc#1111331).
- locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a new <linux/bits.h> file (bsc#1111331).
- MDS: Add CVE refs
- net: ena: add functions for handling Low Latency Queues in ena_com (bsc#1129279).
- net: ena: add functions for handling Low Latency Queues in ena_netdev (bsc#1129279).
- net: ena: change rx copybreak default to reduce kernel memory pressure (bsc#1129279).
- net: ena: complete host info to match latest ENA spec (bsc#1129279).
- net: ena: enable Low Latency Queues (bsc#1129279).
- net: ena: explicit casting and initialization, and clearer error handling (bsc#1129279).
- net: ena: fix auto casting to boolean (bsc#1129279).
- net: ena: fix compilation error in xtensa architecture (bsc#1129279).
- net: ena: fix crash during ena_remove() (bsc#1129279).
- net: ena: fix crash during failed resume from hibernation (bsc#1129279).
- net: ena: fix indentations in ena_defs for better readability (bsc#1129279).
- net: ena: Fix Kconfig dependency on X86 (bsc#1129279).
- net: ena: fix NULL dereference due to untimely napi initialization (bsc#1129279).
- net: ena: fix race between link up and device initalization (bsc#1129279).
- net: ena: fix rare bug when failed restart/resume is followed by driver removal (bsc#1129279).
- net: ena: fix warning in rmmod caused by double iounmap (bsc#1129279).
- net: ena: introduce Low Latency Queues data structures according to ENA spec (bsc#1129279).
- net: ena: limit refill Rx threshold to 256 to avoid latency issues (bsc#1129279).
- net: ena: minor performance improvement (bsc#1129279).
- net: ena: remove ndo_poll_controller (bsc#1129279).
- net: ena: remove redundant parameter in ena_com_admin_init() (bsc#1129279).
- net: ena: update driver version from 2.0.1 to 2.0.2 (bsc#1129279).
- net: ena: update driver version from 2.0.2 to 2.0.3 (bsc#1129279).
- net: ena: update driver version to 2.0.1 (bsc#1129279).
- net: ena: use CSUM_CHECKED device indication to report skb's checksum status (bsc#1129279).
- PCI: hv: Add vPCI version protocol negotiation (bnc#1043485, bsc#1122822).
- PCI: hv: Allocate interrupt descriptors with GFP_ATOMIC (bnc#1034113, bsc#1122822).
- PCI: hv: Disable/enable IRQs rather than BH in hv_compose_msi_msg() (bnc#1094268, bsc#1122822).
- PCI: hv: Do not sleep in compose_msi_msg() (bsc#1082632, bsc#1122822).
- PCI: hv: Fix 2 hang issues in hv_compose_msi_msg() (bsc#1087659, bsc#1087906, bsc#1122822).
- PCI: hv: Fix a comment typo in _hv_pcifront_read_config() (bsc#1087659, bsc#1122822).
- PCI: hv: Fix comment formatting and use proper integer fields (bnc#1043485, bsc#1122822).
- PCI: hv: Only queue new work items in hv_pci_devices_present() if necessary (bsc#1087659, bsc#1122822).
- PCI: hv: Remove the bogus test in hv_eject_device_work() (bsc#1087659, bsc#1122822).
- PCI: hv: Serialize the present and eject work items (bsc#1087659, bsc#1122822).
- PCI: hv: Specify CPU_AFFINITY_ALL for MSI affinity when >= 32 CPUs (bnc#1043485, bsc#1122822).
- PCI: hv: Temporary own CPU-number-to-vCPU-number infra (bnc#1043485, bsc#1122822).
- PCI: hv: Use effective affinity mask (bsc#1109772, bsc#1122822).
- PCI: hv: Use page allocation for hbus structure (bnc#1043485, bsc#1122822).
- PCI: hv: Use vPCI protocol version 1.2 (bnc#1043485, bsc#1122822).
- pci-hyperv: increase HV_VP_SET_BANK_COUNT_MAX to handle 1792 vcpus (bsc#1122822).
- powerpc/64: Disable the speculation barrier from the command line (bsc#1068032).
- powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032, git-fixes).
- powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157, git-fixes).
- powerpc/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
- powerpc/tm: Add commandline option to disable hardware transactional memory (bsc#1118338).
- powerpc/tm: Add TM Unavailable Exception (bsc#1118338).
- powerpc/tm: Flip the HTM switch default to disabled (bsc#1125580).
- powerpc/vdso32: fix CLOCK_MONOTONIC on PPC64 (bsc#1131587).
- powerpc/vdso64: Fix CLOCK_MONOTONIC inconsistencies across Y2038 (bsc#1131587).
- s390: add explicit <linux/stringify.h> for jump label (bsc#1111331).
- sched/core: Optimize SCHED_SMT (bsc#1111331).
- sched/smt: Expose sched_smt_present static key (bsc#1106913).
- sched/smt: Make sched_smt_present track topology (bsc#1106913).
- sched/smt: Update sched_smt_present at runtime (bsc#1111331).
- scripts/git_sort/git_sort.py: Add fixes branch from mkp/scsi.git.
- scsi: ibmvscsi: Fix empty event pool access during host removal (bsc#1119019).
- scsi: storvsc: Reduce default ring buffer size to 128 Kbytes ().
- time: Introduce jiffies64_to_nsecs() (bsc#1113399).
- Use upstream variant of two pci-hyperv patches
- vti6: flush x-netns xfrm cache when vti interface is removed (bnc#1012382 bsc#1100152).
- x86/apic: Provide apic_ack_irq() (bsc#1122822).
- x86/bugs: Add AMD's variant of SSB_NO (bsc#1111331).
- x86/bugs: Rename SSBD_NO to SSB_NO (bsc#1111331).
- x86/cpu: Rename Merrifield2 to Moorefield (bsc#1111331).
- x86/cpu: Sanitize FAM6_ATOM naming (bsc#1111331).
- x86/Hyper-V: Set x2apic destination mode to physical when x2apic is available (bsc#1122822).
- x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772, bsc#1122822).
- x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (bsc#1111331).
- x86/kvm/vmx: Add MDS protection when L1D Flush is not active (bsc#1111331).
- x86/msr-index: Cleanup bit defines (bsc#1111331).
- x86/speculation: Consolidate CPU whitelists (bsc#1111331).
- x86/speculation/mds: Add basic bug infrastructure for MDS (bsc#1111331).
- x86/speculation/mds: Add BUG_MSBDS_ONLY (bsc#1111331).
- x86/speculation/mds: Add mds_clear_cpu_buffers() (bsc#1111331).
- x86/speculation/mds: Add mds=full,nosmt cmdline option (bsc#1111331).
- x86/speculation/mds: Add mitigation control for MDS (bsc#1111331).
- x86/speculation/mds: Add mitigation mode VMWERV (bsc#1111331).
- x86/speculation/mds: Add 'mitigations=' support for MDS (bsc#1111331).
- x86/speculation/mds: Add SMT warning message (bsc#1111331).
- x86/speculation/mds: Add sysfs reporting for MDS (bsc#1111331).
- x86/speculation/mds: Clear CPU buffers on exit to user (bsc#1111331).
- x86/speculation/mds: Conditionally clear CPU buffers on idle entry (bsc#1111331).
- x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (bsc#1111331).
- x86/speculation: Move arch_smt_update() call to after mitigation decisions (bsc#1111331).
- x86/speculation: Remove redundant arch_smt_update() invocation (bsc#1111331).
- x86/speculation: Rework SMT state change (bsc#1111331).
- x86/speculation: Simplify the CPU bug detection logic (bsc#1111331).
- x86/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
- x86: stop exporting msr-index.h to userland (bsc#1111331).
- xfrm6: call kfree_skb when skb is toobig (bnc#1012382 bsc#1100152).
- xfrm: fix missing dst_release() after policy blocking lbcast and multicast (bnc#1012382 bsc#1100152).
Patchnames
SUSE-2019-1287,SUSE-OpenStack-Cloud-7-2019-1287,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2019-1287,SUSE-SLE-HA-12-SP2-2019-1287,SUSE-SLE-SAP-12-SP2-2019-1287,SUSE-SLE-SERVER-12-SP2-2019-1287,SUSE-SLE-SERVER-12-SP2-BCL-2019-1287,SUSE-Storage-4-2019-1287
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes.\n\nFour new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331)\n\n- CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)\n- CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)\n- CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS)\n- CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)\n\nThis kernel update contains software mitigations for these issues, which also utilize CPU microcode updates shipped in parallel.\n\nFor more information on this set of information leaks, check out https://www.suse.com/support/kb/doc/?id=7023736\n\nThe following security bugs were fixed:\n\n- CVE-2018-1128: It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network could use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. (bnc#1096748).\n- CVE-2018-1129: A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. (bnc#1096748).\n- CVE-2016-8636: Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c allowed local users to cause a denial of service (memory corruption), obtain sensitive information or possibly have unspecified other impact via a write or read request involving the 'RDMA protocol over infiniband' (aka Soft RoCE) technology (bnc#1024908).\n- CVE-2017-18174: In the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free (bnc#1080533).\n- CVE-2018-1091: In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check and an erroneous use of transactional memory (TM) instructions in the core dump path, leading to a denial of service (bnc#1087231).\n- CVE-2018-1120: By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which made a read() call to the /proc/<pid>/cmdline (or /proc/<pid>/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks) (bnc#1093158).\n- CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c has multiple race conditions (bnc#1133188).\n- CVE-2019-3882: A flaw was found in the vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS) (bsc#1131427).\n- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).\n- CVE-2017-17741: The KVM implementation allowed attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h (bnc#1073311).\n- CVE-2019-9503, CVE-2019-8564: Multiple brcmfmac frame validation bypasses have been fixed (bnc#1132828, bnc#1132673).\n\nThe following non-security bugs were fixed:\n\n- ACPI: acpi_pad: Do not launch acpi_pad threads on idle cpus (bsc#1113399).\n- add mainline tags to four hyperv patches\n- cpu/speculation: Add 'mitigations=' cmdline option (bsc#1112178).\n- Drivers: hv: vmbus: Define an API to retrieve virtual processor index (bsc#1122822).\n- Drivers: hv: vmbus: Define APIs to manipulate the event page (bsc#1122822).\n- Drivers: hv: vmbus: Define APIs to manipulate the message page (bsc#1122822).++ kernel-source.spec (revision 4)Release: <RELEASE>.gbd4498d\n- Drivers: hv: vmbus: Define APIs to manipulate the synthetic interrupt controller (bsc#1122822).\n- hv: v4.12 API for hyperv-iommu (bsc#1122822).\n- iommu/hyper-v: Add Hyper-V stub IOMMU driver (bsc#1122822).\n- jump_label: remove bug.h, atomic.h dependencies for HAVE_JUMP_LABEL (bsc#1111331).\n- kvm: x86: Report STIBP on GET_SUPPORTED_CPUID (bsc#1111331).\n- locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a new <linux/bits.h> file (bsc#1111331).\n- MDS: Add CVE refs\n- net: ena: add functions for handling Low Latency Queues in ena_com (bsc#1129279).\n- net: ena: add functions for handling Low Latency Queues in ena_netdev (bsc#1129279).\n- net: ena: change rx copybreak default to reduce kernel memory pressure (bsc#1129279).\n- net: ena: complete host info to match latest ENA spec (bsc#1129279).\n- net: ena: enable Low Latency Queues (bsc#1129279).\n- net: ena: explicit casting and initialization, and clearer error handling (bsc#1129279).\n- net: ena: fix auto casting to boolean (bsc#1129279).\n- net: ena: fix compilation error in xtensa architecture (bsc#1129279).\n- net: ena: fix crash during ena_remove() (bsc#1129279).\n- net: ena: fix crash during failed resume from hibernation (bsc#1129279).\n- net: ena: fix indentations in ena_defs for better readability (bsc#1129279).\n- net: ena: Fix Kconfig dependency on X86 (bsc#1129279).\n- net: ena: fix NULL dereference due to untimely napi initialization (bsc#1129279).\n- net: ena: fix race between link up and device initalization (bsc#1129279).\n- net: ena: fix rare bug when failed restart/resume is followed by driver removal (bsc#1129279).\n- net: ena: fix warning in rmmod caused by double iounmap (bsc#1129279).\n- net: ena: introduce Low Latency Queues data structures according to ENA spec (bsc#1129279).\n- net: ena: limit refill Rx threshold to 256 to avoid latency issues (bsc#1129279).\n- net: ena: minor performance improvement (bsc#1129279).\n- net: ena: remove ndo_poll_controller (bsc#1129279).\n- net: ena: remove redundant parameter in ena_com_admin_init() (bsc#1129279).\n- net: ena: update driver version from 2.0.1 to 2.0.2 (bsc#1129279).\n- net: ena: update driver version from 2.0.2 to 2.0.3 (bsc#1129279).\n- net: ena: update driver version to 2.0.1 (bsc#1129279).\n- net: ena: use CSUM_CHECKED device indication to report skb's checksum status (bsc#1129279).\n- PCI: hv: Add vPCI version protocol negotiation (bnc#1043485, bsc#1122822).\n- PCI: hv: Allocate interrupt descriptors with GFP_ATOMIC (bnc#1034113, bsc#1122822).\n- PCI: hv: Disable/enable IRQs rather than BH in hv_compose_msi_msg() (bnc#1094268, bsc#1122822).\n- PCI: hv: Do not sleep in compose_msi_msg() (bsc#1082632, bsc#1122822).\n- PCI: hv: Fix 2 hang issues in hv_compose_msi_msg() (bsc#1087659, bsc#1087906, bsc#1122822).\n- PCI: hv: Fix a comment typo in _hv_pcifront_read_config() (bsc#1087659, bsc#1122822).\n- PCI: hv: Fix comment formatting and use proper integer fields (bnc#1043485, bsc#1122822).\n- PCI: hv: Only queue new work items in hv_pci_devices_present() if necessary (bsc#1087659, bsc#1122822).\n- PCI: hv: Remove the bogus test in hv_eject_device_work() (bsc#1087659, bsc#1122822).\n- PCI: hv: Serialize the present and eject work items (bsc#1087659, bsc#1122822).\n- PCI: hv: Specify CPU_AFFINITY_ALL for MSI affinity when >= 32 CPUs (bnc#1043485, bsc#1122822).\n- PCI: hv: Temporary own CPU-number-to-vCPU-number infra (bnc#1043485, bsc#1122822).\n- PCI: hv: Use effective affinity mask (bsc#1109772, bsc#1122822).\n- PCI: hv: Use page allocation for hbus structure (bnc#1043485, bsc#1122822).\n- PCI: hv: Use vPCI protocol version 1.2 (bnc#1043485, bsc#1122822).\n- pci-hyperv: increase HV_VP_SET_BANK_COUNT_MAX to handle 1792 vcpus (bsc#1122822).\n- powerpc/64: Disable the speculation barrier from the command line (bsc#1068032).\n- powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032, git-fixes).\n- powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157, git-fixes).\n- powerpc/speculation: Support 'mitigations=' cmdline option (bsc#1112178).\n- powerpc/tm: Add commandline option to disable hardware transactional memory (bsc#1118338).\n- powerpc/tm: Add TM Unavailable Exception (bsc#1118338).\n- powerpc/tm: Flip the HTM switch default to disabled (bsc#1125580).\n- powerpc/vdso32: fix CLOCK_MONOTONIC on PPC64 (bsc#1131587).\n- powerpc/vdso64: Fix CLOCK_MONOTONIC inconsistencies across Y2038 (bsc#1131587).\n- s390: add explicit <linux/stringify.h> for jump label (bsc#1111331).\n- sched/core: Optimize SCHED_SMT (bsc#1111331).\n- sched/smt: Expose sched_smt_present static key (bsc#1106913).\n- sched/smt: Make sched_smt_present track topology (bsc#1106913).\n- sched/smt: Update sched_smt_present at runtime (bsc#1111331).\n- scripts/git_sort/git_sort.py: Add fixes branch from mkp/scsi.git.\n- scsi: ibmvscsi: Fix empty event pool access during host removal (bsc#1119019).\n- scsi: storvsc: Reduce default ring buffer size to 128 Kbytes ().\n- time: Introduce jiffies64_to_nsecs() (bsc#1113399).\n- Use upstream variant of two pci-hyperv patches\n- vti6: flush x-netns xfrm cache when vti interface is removed (bnc#1012382 bsc#1100152).\n- x86/apic: Provide apic_ack_irq() (bsc#1122822).\n- x86/bugs: Add AMD's variant of SSB_NO (bsc#1111331).\n- x86/bugs: Rename SSBD_NO to SSB_NO (bsc#1111331).\n- x86/cpu: Rename Merrifield2 to Moorefield (bsc#1111331).\n- x86/cpu: Sanitize FAM6_ATOM naming (bsc#1111331).\n- x86/Hyper-V: Set x2apic destination mode to physical when x2apic is available (bsc#1122822).\n- x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772, bsc#1122822).\n- x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (bsc#1111331).\n- x86/kvm/vmx: Add MDS protection when L1D Flush is not active (bsc#1111331).\n- x86/msr-index: Cleanup bit defines (bsc#1111331).\n- x86/speculation: Consolidate CPU whitelists (bsc#1111331).\n- x86/speculation/mds: Add basic bug infrastructure for MDS (bsc#1111331).\n- x86/speculation/mds: Add BUG_MSBDS_ONLY (bsc#1111331).\n- x86/speculation/mds: Add mds_clear_cpu_buffers() (bsc#1111331).\n- x86/speculation/mds: Add mds=full,nosmt cmdline option (bsc#1111331).\n- x86/speculation/mds: Add mitigation control for MDS (bsc#1111331).\n- x86/speculation/mds: Add mitigation mode VMWERV (bsc#1111331).\n- x86/speculation/mds: Add 'mitigations=' support for MDS (bsc#1111331).\n- x86/speculation/mds: Add SMT warning message (bsc#1111331).\n- x86/speculation/mds: Add sysfs reporting for MDS (bsc#1111331).\n- x86/speculation/mds: Clear CPU buffers on exit to user (bsc#1111331).\n- x86/speculation/mds: Conditionally clear CPU buffers on idle entry (bsc#1111331).\n- x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (bsc#1111331).\n- x86/speculation: Move arch_smt_update() call to after mitigation decisions (bsc#1111331).\n- x86/speculation: Remove redundant arch_smt_update() invocation (bsc#1111331).\n- x86/speculation: Rework SMT state change (bsc#1111331).\n- x86/speculation: Simplify the CPU bug detection logic (bsc#1111331).\n- x86/speculation: Support 'mitigations=' cmdline option (bsc#1112178).\n- x86: stop exporting msr-index.h to userland (bsc#1111331).\n- xfrm6: call kfree_skb when skb is toobig (bnc#1012382 bsc#1100152).\n- xfrm: fix missing dst_release() after policy blocking lbcast and multicast (bnc#1012382 bsc#1100152).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2019-1287,SUSE-OpenStack-Cloud-7-2019-1287,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2019-1287,SUSE-SLE-HA-12-SP2-2019-1287,SUSE-SLE-SAP-12-SP2-2019-1287,SUSE-SLE-SERVER-12-SP2-2019-1287,SUSE-SLE-SERVER-12-SP2-BCL-2019-1287,SUSE-Storage-4-2019-1287", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_1287-1.json", }, { category: "self", summary: "URL for SUSE-SU-2019:1287-1", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20191287-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2019:1287-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2019-May/005474.html", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1024908", url: "https://bugzilla.suse.com/1024908", }, { category: "self", summary: "SUSE Bug 1034113", url: "https://bugzilla.suse.com/1034113", }, { category: "self", summary: "SUSE Bug 1043485", url: "https://bugzilla.suse.com/1043485", }, { category: "self", summary: "SUSE Bug 1068032", url: "https://bugzilla.suse.com/1068032", }, { category: "self", summary: "SUSE Bug 1073311", url: "https://bugzilla.suse.com/1073311", }, { category: "self", summary: "SUSE Bug 1080157", url: "https://bugzilla.suse.com/1080157", }, { category: "self", summary: "SUSE Bug 1080533", url: "https://bugzilla.suse.com/1080533", }, { category: "self", summary: "SUSE Bug 1082632", url: "https://bugzilla.suse.com/1082632", }, { category: "self", summary: "SUSE Bug 1087231", url: "https://bugzilla.suse.com/1087231", }, { category: "self", summary: "SUSE Bug 1087659", url: "https://bugzilla.suse.com/1087659", }, { category: "self", summary: "SUSE Bug 1087906", url: "https://bugzilla.suse.com/1087906", }, { category: "self", summary: "SUSE Bug 1093158", url: "https://bugzilla.suse.com/1093158", }, { category: "self", summary: "SUSE Bug 1094268", url: "https://bugzilla.suse.com/1094268", }, { category: "self", summary: "SUSE Bug 1096748", url: "https://bugzilla.suse.com/1096748", }, { category: "self", summary: "SUSE Bug 1100152", url: "https://bugzilla.suse.com/1100152", }, { category: "self", summary: "SUSE Bug 1103186", url: "https://bugzilla.suse.com/1103186", }, { category: "self", summary: "SUSE Bug 1106913", url: "https://bugzilla.suse.com/1106913", }, { category: "self", summary: "SUSE Bug 1109772", url: "https://bugzilla.suse.com/1109772", }, { category: "self", summary: "SUSE Bug 1111331", url: "https://bugzilla.suse.com/1111331", }, { category: "self", summary: "SUSE Bug 1112178", url: "https://bugzilla.suse.com/1112178", }, { category: "self", summary: "SUSE Bug 1113399", url: "https://bugzilla.suse.com/1113399", }, { category: "self", summary: "SUSE Bug 1116841", url: "https://bugzilla.suse.com/1116841", }, { category: "self", summary: "SUSE Bug 1118338", url: "https://bugzilla.suse.com/1118338", }, { category: "self", summary: "SUSE Bug 1119019", url: "https://bugzilla.suse.com/1119019", }, { category: "self", summary: "SUSE Bug 1122822", url: "https://bugzilla.suse.com/1122822", }, { category: "self", summary: "SUSE Bug 1124832", url: "https://bugzilla.suse.com/1124832", }, { category: "self", summary: "SUSE Bug 1125580", url: "https://bugzilla.suse.com/1125580", }, { category: "self", summary: "SUSE Bug 1129279", url: "https://bugzilla.suse.com/1129279", }, { category: "self", summary: "SUSE Bug 1131416", url: "https://bugzilla.suse.com/1131416", }, { category: "self", summary: "SUSE Bug 1131427", url: "https://bugzilla.suse.com/1131427", }, { category: "self", summary: "SUSE Bug 1131587", url: "https://bugzilla.suse.com/1131587", }, { category: "self", summary: "SUSE Bug 1132673", url: "https://bugzilla.suse.com/1132673", }, { category: "self", summary: "SUSE Bug 1132828", url: "https://bugzilla.suse.com/1132828", }, { category: "self", summary: "SUSE Bug 1133188", url: "https://bugzilla.suse.com/1133188", }, { category: "self", summary: "SUSE CVE CVE-2016-8636 page", url: "https://www.suse.com/security/cve/CVE-2016-8636/", }, { category: "self", summary: "SUSE CVE CVE-2017-17741 page", url: "https://www.suse.com/security/cve/CVE-2017-17741/", }, { category: "self", summary: "SUSE CVE CVE-2017-18174 page", url: "https://www.suse.com/security/cve/CVE-2017-18174/", }, { category: "self", summary: "SUSE CVE CVE-2018-1091 page", url: "https://www.suse.com/security/cve/CVE-2018-1091/", }, { category: "self", summary: "SUSE CVE CVE-2018-1120 page", url: "https://www.suse.com/security/cve/CVE-2018-1120/", }, { category: "self", summary: "SUSE CVE CVE-2018-1128 page", url: "https://www.suse.com/security/cve/CVE-2018-1128/", }, { category: "self", summary: "SUSE CVE CVE-2018-1129 page", url: "https://www.suse.com/security/cve/CVE-2018-1129/", }, { category: "self", summary: "SUSE CVE CVE-2018-12126 page", url: "https://www.suse.com/security/cve/CVE-2018-12126/", }, { category: "self", summary: "SUSE CVE CVE-2018-12127 page", url: "https://www.suse.com/security/cve/CVE-2018-12127/", }, { category: "self", summary: "SUSE CVE CVE-2018-12130 page", url: "https://www.suse.com/security/cve/CVE-2018-12130/", }, { category: "self", summary: "SUSE CVE CVE-2018-19407 page", url: "https://www.suse.com/security/cve/CVE-2018-19407/", }, { category: "self", summary: "SUSE CVE CVE-2019-11091 page", url: "https://www.suse.com/security/cve/CVE-2019-11091/", }, { category: "self", summary: "SUSE CVE CVE-2019-11486 page", url: "https://www.suse.com/security/cve/CVE-2019-11486/", }, { category: "self", summary: "SUSE CVE CVE-2019-3882 page", url: "https://www.suse.com/security/cve/CVE-2019-3882/", }, { category: "self", summary: "SUSE CVE CVE-2019-8564 page", url: "https://www.suse.com/security/cve/CVE-2019-8564/", }, { category: "self", summary: "SUSE CVE CVE-2019-9503 page", url: "https://www.suse.com/security/cve/CVE-2019-9503/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2019-05-17T13:47:13Z", generator: { date: "2019-05-17T13:47:13Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2019:1287-1", initial_release_date: "2019-05-17T13:47:13Z", revision_history: [ { date: "2019-05-17T13:47:13Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.4.121-92.109.2.aarch64", product: { name: "cluster-md-kmp-default-4.4.121-92.109.2.aarch64", product_id: "cluster-md-kmp-default-4.4.121-92.109.2.aarch64", }, }, { category: "product_version", name: "cluster-md-kmp-vanilla-4.4.121-92.109.2.aarch64", product: { name: "cluster-md-kmp-vanilla-4.4.121-92.109.2.aarch64", product_id: "cluster-md-kmp-vanilla-4.4.121-92.109.2.aarch64", }, }, { category: "product_version", name: "cluster-network-kmp-default-4.4.121-92.109.2.aarch64", product: { name: "cluster-network-kmp-default-4.4.121-92.109.2.aarch64", product_id: "cluster-network-kmp-default-4.4.121-92.109.2.aarch64", }, }, { category: "product_version", name: "cluster-network-kmp-vanilla-4.4.121-92.109.2.aarch64", product: { name: "cluster-network-kmp-vanilla-4.4.121-92.109.2.aarch64", product_id: "cluster-network-kmp-vanilla-4.4.121-92.109.2.aarch64", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.121-92.109.2.aarch64", product: { name: "dlm-kmp-default-4.4.121-92.109.2.aarch64", product_id: "dlm-kmp-default-4.4.121-92.109.2.aarch64", }, }, { category: "product_version", name: "dlm-kmp-vanilla-4.4.121-92.109.2.aarch64", product: { name: "dlm-kmp-vanilla-4.4.121-92.109.2.aarch64", product_id: "dlm-kmp-vanilla-4.4.121-92.109.2.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.121-92.109.2.aarch64", product: { name: "gfs2-kmp-default-4.4.121-92.109.2.aarch64", product_id: "gfs2-kmp-default-4.4.121-92.109.2.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-vanilla-4.4.121-92.109.2.aarch64", product: { name: "gfs2-kmp-vanilla-4.4.121-92.109.2.aarch64", product_id: "gfs2-kmp-vanilla-4.4.121-92.109.2.aarch64", }, }, { category: "product_version", name: "kernel-default-4.4.121-92.109.2.aarch64", product: { name: "kernel-default-4.4.121-92.109.2.aarch64", product_id: "kernel-default-4.4.121-92.109.2.aarch64", }, }, { category: "product_version", name: "kernel-default-base-4.4.121-92.109.2.aarch64", product: { name: "kernel-default-base-4.4.121-92.109.2.aarch64", product_id: "kernel-default-base-4.4.121-92.109.2.aarch64", }, }, { category: "product_version", name: "kernel-default-devel-4.4.121-92.109.2.aarch64", product: { name: "kernel-default-devel-4.4.121-92.109.2.aarch64", product_id: "kernel-default-devel-4.4.121-92.109.2.aarch64", }, }, { category: "product_version", name: "kernel-default-extra-4.4.121-92.109.2.aarch64", product: { name: "kernel-default-extra-4.4.121-92.109.2.aarch64", product_id: "kernel-default-extra-4.4.121-92.109.2.aarch64", }, }, { category: "product_version", name: "kernel-default-kgraft-4.4.121-92.109.2.aarch64", product: { name: "kernel-default-kgraft-4.4.121-92.109.2.aarch64", product_id: "kernel-default-kgraft-4.4.121-92.109.2.aarch64", }, }, { category: "product_version", name: "kernel-obs-build-4.4.121-92.109.2.aarch64", product: { name: "kernel-obs-build-4.4.121-92.109.2.aarch64", product_id: "kernel-obs-build-4.4.121-92.109.2.aarch64", }, }, { category: "product_version", name: "kernel-obs-qa-4.4.121-92.109.2.aarch64", product: { name: "kernel-obs-qa-4.4.121-92.109.2.aarch64", product_id: "kernel-obs-qa-4.4.121-92.109.2.aarch64", }, }, { category: "product_version", name: "kernel-syms-4.4.121-92.109.2.aarch64", product: { name: "kernel-syms-4.4.121-92.109.2.aarch64", product_id: "kernel-syms-4.4.121-92.109.2.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-4.4.121-92.109.2.aarch64", product: { name: "kernel-vanilla-4.4.121-92.109.2.aarch64", product_id: "kernel-vanilla-4.4.121-92.109.2.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.4.121-92.109.2.aarch64", product: { name: "kernel-vanilla-base-4.4.121-92.109.2.aarch64", product_id: "kernel-vanilla-base-4.4.121-92.109.2.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.4.121-92.109.2.aarch64", product: { name: "kernel-vanilla-devel-4.4.121-92.109.2.aarch64", product_id: "kernel-vanilla-devel-4.4.121-92.109.2.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.121-92.109.2.aarch64", product: { name: "ocfs2-kmp-default-4.4.121-92.109.2.aarch64", product_id: "ocfs2-kmp-default-4.4.121-92.109.2.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-vanilla-4.4.121-92.109.2.aarch64", product: { name: "ocfs2-kmp-vanilla-4.4.121-92.109.2.aarch64", product_id: "ocfs2-kmp-vanilla-4.4.121-92.109.2.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-4.4.121-92.109.2.noarch", product: { name: "kernel-devel-4.4.121-92.109.2.noarch", product_id: "kernel-devel-4.4.121-92.109.2.noarch", }, }, { category: "product_version", name: "kernel-docs-4.4.121-92.109.3.noarch", product: { name: "kernel-docs-4.4.121-92.109.3.noarch", product_id: "kernel-docs-4.4.121-92.109.3.noarch", }, }, { category: "product_version", name: "kernel-docs-html-4.4.121-92.109.3.noarch", product: { name: "kernel-docs-html-4.4.121-92.109.3.noarch", product_id: "kernel-docs-html-4.4.121-92.109.3.noarch", }, }, { category: "product_version", name: "kernel-docs-pdf-4.4.121-92.109.3.noarch", product: { name: "kernel-docs-pdf-4.4.121-92.109.3.noarch", product_id: "kernel-docs-pdf-4.4.121-92.109.3.noarch", }, }, { category: "product_version", name: "kernel-macros-4.4.121-92.109.2.noarch", product: { name: "kernel-macros-4.4.121-92.109.2.noarch", product_id: "kernel-macros-4.4.121-92.109.2.noarch", }, }, { category: "product_version", name: "kernel-source-4.4.121-92.109.2.noarch", product: { name: "kernel-source-4.4.121-92.109.2.noarch", product_id: "kernel-source-4.4.121-92.109.2.noarch", }, }, { category: "product_version", name: "kernel-source-vanilla-4.4.121-92.109.2.noarch", product: { name: "kernel-source-vanilla-4.4.121-92.109.2.noarch", product_id: "kernel-source-vanilla-4.4.121-92.109.2.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-debug-4.4.121-92.109.2.ppc64le", product: { name: "cluster-md-kmp-debug-4.4.121-92.109.2.ppc64le", product_id: "cluster-md-kmp-debug-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", product: { name: "cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", product_id: "cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "cluster-md-kmp-vanilla-4.4.121-92.109.2.ppc64le", product: { name: "cluster-md-kmp-vanilla-4.4.121-92.109.2.ppc64le", product_id: "cluster-md-kmp-vanilla-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "cluster-network-kmp-debug-4.4.121-92.109.2.ppc64le", product: { name: "cluster-network-kmp-debug-4.4.121-92.109.2.ppc64le", product_id: "cluster-network-kmp-debug-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", product: { name: "cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", product_id: "cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "cluster-network-kmp-vanilla-4.4.121-92.109.2.ppc64le", product: { name: "cluster-network-kmp-vanilla-4.4.121-92.109.2.ppc64le", product_id: "cluster-network-kmp-vanilla-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-debug-4.4.121-92.109.2.ppc64le", product: { name: "dlm-kmp-debug-4.4.121-92.109.2.ppc64le", product_id: "dlm-kmp-debug-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.121-92.109.2.ppc64le", product: { name: "dlm-kmp-default-4.4.121-92.109.2.ppc64le", product_id: "dlm-kmp-default-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-vanilla-4.4.121-92.109.2.ppc64le", product: { name: "dlm-kmp-vanilla-4.4.121-92.109.2.ppc64le", product_id: "dlm-kmp-vanilla-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-debug-4.4.121-92.109.2.ppc64le", product: { name: "gfs2-kmp-debug-4.4.121-92.109.2.ppc64le", product_id: "gfs2-kmp-debug-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.121-92.109.2.ppc64le", product: { name: "gfs2-kmp-default-4.4.121-92.109.2.ppc64le", product_id: "gfs2-kmp-default-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-vanilla-4.4.121-92.109.2.ppc64le", product: { name: "gfs2-kmp-vanilla-4.4.121-92.109.2.ppc64le", product_id: "gfs2-kmp-vanilla-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "kernel-debug-4.4.121-92.109.2.ppc64le", product: { name: "kernel-debug-4.4.121-92.109.2.ppc64le", product_id: "kernel-debug-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "kernel-debug-base-4.4.121-92.109.2.ppc64le", product: { name: "kernel-debug-base-4.4.121-92.109.2.ppc64le", product_id: "kernel-debug-base-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "kernel-debug-devel-4.4.121-92.109.2.ppc64le", product: { name: "kernel-debug-devel-4.4.121-92.109.2.ppc64le", product_id: "kernel-debug-devel-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "kernel-debug-extra-4.4.121-92.109.2.ppc64le", product: { name: "kernel-debug-extra-4.4.121-92.109.2.ppc64le", product_id: "kernel-debug-extra-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "kernel-debug-kgraft-4.4.121-92.109.2.ppc64le", product: { name: "kernel-debug-kgraft-4.4.121-92.109.2.ppc64le", product_id: "kernel-debug-kgraft-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "kernel-default-4.4.121-92.109.2.ppc64le", product: { name: "kernel-default-4.4.121-92.109.2.ppc64le", product_id: "kernel-default-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-4.4.121-92.109.2.ppc64le", product: { name: "kernel-default-base-4.4.121-92.109.2.ppc64le", product_id: "kernel-default-base-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-4.4.121-92.109.2.ppc64le", product: { name: "kernel-default-devel-4.4.121-92.109.2.ppc64le", product_id: "kernel-default-devel-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "kernel-default-extra-4.4.121-92.109.2.ppc64le", product: { name: "kernel-default-extra-4.4.121-92.109.2.ppc64le", product_id: "kernel-default-extra-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "kernel-default-kgraft-4.4.121-92.109.2.ppc64le", product: { name: "kernel-default-kgraft-4.4.121-92.109.2.ppc64le", product_id: "kernel-default-kgraft-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "kernel-obs-build-4.4.121-92.109.2.ppc64le", product: { name: "kernel-obs-build-4.4.121-92.109.2.ppc64le", product_id: "kernel-obs-build-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "kernel-obs-qa-4.4.121-92.109.2.ppc64le", product: { name: "kernel-obs-qa-4.4.121-92.109.2.ppc64le", product_id: "kernel-obs-qa-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "kernel-syms-4.4.121-92.109.2.ppc64le", product: { name: "kernel-syms-4.4.121-92.109.2.ppc64le", product_id: "kernel-syms-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-4.4.121-92.109.2.ppc64le", product: { name: "kernel-vanilla-4.4.121-92.109.2.ppc64le", product_id: "kernel-vanilla-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-base-4.4.121-92.109.2.ppc64le", product: { name: "kernel-vanilla-base-4.4.121-92.109.2.ppc64le", product_id: "kernel-vanilla-base-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.4.121-92.109.2.ppc64le", product: { name: "kernel-vanilla-devel-4.4.121-92.109.2.ppc64le", product_id: "kernel-vanilla-devel-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", product: { name: "kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", product_id: "kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-debug-4.4.121-92.109.2.ppc64le", product: { name: "ocfs2-kmp-debug-4.4.121-92.109.2.ppc64le", product_id: "ocfs2-kmp-debug-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", product: { name: "ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", product_id: "ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-vanilla-4.4.121-92.109.2.ppc64le", product: { name: "ocfs2-kmp-vanilla-4.4.121-92.109.2.ppc64le", product_id: "ocfs2-kmp-vanilla-4.4.121-92.109.2.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.4.121-92.109.2.s390x", product: { name: "cluster-md-kmp-default-4.4.121-92.109.2.s390x", product_id: "cluster-md-kmp-default-4.4.121-92.109.2.s390x", }, }, { category: "product_version", name: "cluster-md-kmp-vanilla-4.4.121-92.109.2.s390x", product: { name: "cluster-md-kmp-vanilla-4.4.121-92.109.2.s390x", product_id: "cluster-md-kmp-vanilla-4.4.121-92.109.2.s390x", }, }, { category: "product_version", name: "cluster-network-kmp-default-4.4.121-92.109.2.s390x", product: { name: "cluster-network-kmp-default-4.4.121-92.109.2.s390x", product_id: "cluster-network-kmp-default-4.4.121-92.109.2.s390x", }, }, { category: "product_version", name: "cluster-network-kmp-vanilla-4.4.121-92.109.2.s390x", product: { name: "cluster-network-kmp-vanilla-4.4.121-92.109.2.s390x", product_id: "cluster-network-kmp-vanilla-4.4.121-92.109.2.s390x", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.121-92.109.2.s390x", product: { name: "dlm-kmp-default-4.4.121-92.109.2.s390x", product_id: "dlm-kmp-default-4.4.121-92.109.2.s390x", }, }, { category: "product_version", name: "dlm-kmp-vanilla-4.4.121-92.109.2.s390x", product: { name: "dlm-kmp-vanilla-4.4.121-92.109.2.s390x", product_id: "dlm-kmp-vanilla-4.4.121-92.109.2.s390x", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.121-92.109.2.s390x", product: { name: "gfs2-kmp-default-4.4.121-92.109.2.s390x", product_id: "gfs2-kmp-default-4.4.121-92.109.2.s390x", }, }, { category: "product_version", name: "gfs2-kmp-vanilla-4.4.121-92.109.2.s390x", product: { name: "gfs2-kmp-vanilla-4.4.121-92.109.2.s390x", product_id: "gfs2-kmp-vanilla-4.4.121-92.109.2.s390x", }, }, { category: "product_version", name: "kernel-default-4.4.121-92.109.2.s390x", product: { name: "kernel-default-4.4.121-92.109.2.s390x", product_id: "kernel-default-4.4.121-92.109.2.s390x", }, }, { category: "product_version", name: "kernel-default-base-4.4.121-92.109.2.s390x", product: { name: "kernel-default-base-4.4.121-92.109.2.s390x", product_id: "kernel-default-base-4.4.121-92.109.2.s390x", }, }, { category: "product_version", name: "kernel-default-devel-4.4.121-92.109.2.s390x", product: { name: "kernel-default-devel-4.4.121-92.109.2.s390x", product_id: "kernel-default-devel-4.4.121-92.109.2.s390x", }, }, { category: "product_version", name: "kernel-default-extra-4.4.121-92.109.2.s390x", product: { name: "kernel-default-extra-4.4.121-92.109.2.s390x", product_id: "kernel-default-extra-4.4.121-92.109.2.s390x", }, }, { category: "product_version", name: "kernel-default-kgraft-4.4.121-92.109.2.s390x", product: { name: "kernel-default-kgraft-4.4.121-92.109.2.s390x", product_id: "kernel-default-kgraft-4.4.121-92.109.2.s390x", }, }, { category: "product_version", name: "kernel-default-man-4.4.121-92.109.2.s390x", product: { name: "kernel-default-man-4.4.121-92.109.2.s390x", product_id: "kernel-default-man-4.4.121-92.109.2.s390x", }, }, { category: "product_version", name: "kernel-obs-build-4.4.121-92.109.2.s390x", product: { name: "kernel-obs-build-4.4.121-92.109.2.s390x", product_id: "kernel-obs-build-4.4.121-92.109.2.s390x", }, }, { category: "product_version", name: "kernel-obs-qa-4.4.121-92.109.2.s390x", product: { name: "kernel-obs-qa-4.4.121-92.109.2.s390x", product_id: "kernel-obs-qa-4.4.121-92.109.2.s390x", }, }, { category: "product_version", name: "kernel-syms-4.4.121-92.109.2.s390x", product: { name: "kernel-syms-4.4.121-92.109.2.s390x", product_id: "kernel-syms-4.4.121-92.109.2.s390x", }, }, { category: "product_version", name: "kernel-vanilla-4.4.121-92.109.2.s390x", product: { name: "kernel-vanilla-4.4.121-92.109.2.s390x", product_id: "kernel-vanilla-4.4.121-92.109.2.s390x", }, }, { category: "product_version", name: "kernel-vanilla-base-4.4.121-92.109.2.s390x", product: { name: "kernel-vanilla-base-4.4.121-92.109.2.s390x", product_id: "kernel-vanilla-base-4.4.121-92.109.2.s390x", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.4.121-92.109.2.s390x", product: { name: "kernel-vanilla-devel-4.4.121-92.109.2.s390x", product_id: "kernel-vanilla-devel-4.4.121-92.109.2.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-4.4.121-92.109.2.s390x", product: { name: "kernel-zfcpdump-4.4.121-92.109.2.s390x", product_id: "kernel-zfcpdump-4.4.121-92.109.2.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.121-92.109.2.s390x", product: { name: "ocfs2-kmp-default-4.4.121-92.109.2.s390x", product_id: "ocfs2-kmp-default-4.4.121-92.109.2.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-vanilla-4.4.121-92.109.2.s390x", product: { name: "ocfs2-kmp-vanilla-4.4.121-92.109.2.s390x", product_id: "ocfs2-kmp-vanilla-4.4.121-92.109.2.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-debug-4.4.121-92.109.2.x86_64", product: { name: "cluster-md-kmp-debug-4.4.121-92.109.2.x86_64", product_id: "cluster-md-kmp-debug-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.4.121-92.109.2.x86_64", product: { name: "cluster-md-kmp-default-4.4.121-92.109.2.x86_64", product_id: "cluster-md-kmp-default-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-vanilla-4.4.121-92.109.2.x86_64", product: { name: "cluster-md-kmp-vanilla-4.4.121-92.109.2.x86_64", product_id: "cluster-md-kmp-vanilla-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "cluster-network-kmp-debug-4.4.121-92.109.2.x86_64", product: { name: "cluster-network-kmp-debug-4.4.121-92.109.2.x86_64", product_id: "cluster-network-kmp-debug-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "cluster-network-kmp-default-4.4.121-92.109.2.x86_64", product: { name: "cluster-network-kmp-default-4.4.121-92.109.2.x86_64", product_id: "cluster-network-kmp-default-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "cluster-network-kmp-vanilla-4.4.121-92.109.2.x86_64", product: { name: "cluster-network-kmp-vanilla-4.4.121-92.109.2.x86_64", product_id: "cluster-network-kmp-vanilla-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "dlm-kmp-debug-4.4.121-92.109.2.x86_64", product: { name: "dlm-kmp-debug-4.4.121-92.109.2.x86_64", product_id: "dlm-kmp-debug-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.121-92.109.2.x86_64", product: { name: "dlm-kmp-default-4.4.121-92.109.2.x86_64", product_id: "dlm-kmp-default-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "dlm-kmp-vanilla-4.4.121-92.109.2.x86_64", product: { name: "dlm-kmp-vanilla-4.4.121-92.109.2.x86_64", product_id: "dlm-kmp-vanilla-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-debug-4.4.121-92.109.2.x86_64", product: { name: "gfs2-kmp-debug-4.4.121-92.109.2.x86_64", product_id: "gfs2-kmp-debug-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.121-92.109.2.x86_64", product: { name: "gfs2-kmp-default-4.4.121-92.109.2.x86_64", product_id: "gfs2-kmp-default-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-vanilla-4.4.121-92.109.2.x86_64", product: { name: "gfs2-kmp-vanilla-4.4.121-92.109.2.x86_64", product_id: "gfs2-kmp-vanilla-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "kernel-debug-4.4.121-92.109.2.x86_64", product: { name: "kernel-debug-4.4.121-92.109.2.x86_64", product_id: "kernel-debug-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "kernel-debug-base-4.4.121-92.109.2.x86_64", product: { name: "kernel-debug-base-4.4.121-92.109.2.x86_64", product_id: "kernel-debug-base-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "kernel-debug-devel-4.4.121-92.109.2.x86_64", product: { name: "kernel-debug-devel-4.4.121-92.109.2.x86_64", product_id: "kernel-debug-devel-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "kernel-debug-extra-4.4.121-92.109.2.x86_64", product: { name: "kernel-debug-extra-4.4.121-92.109.2.x86_64", product_id: "kernel-debug-extra-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "kernel-debug-kgraft-4.4.121-92.109.2.x86_64", product: { name: "kernel-debug-kgraft-4.4.121-92.109.2.x86_64", product_id: "kernel-debug-kgraft-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "kernel-default-4.4.121-92.109.2.x86_64", product: { name: "kernel-default-4.4.121-92.109.2.x86_64", product_id: "kernel-default-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "kernel-default-base-4.4.121-92.109.2.x86_64", product: { name: "kernel-default-base-4.4.121-92.109.2.x86_64", product_id: "kernel-default-base-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-4.4.121-92.109.2.x86_64", product: { name: "kernel-default-devel-4.4.121-92.109.2.x86_64", product_id: "kernel-default-devel-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-4.4.121-92.109.2.x86_64", product: { name: "kernel-default-extra-4.4.121-92.109.2.x86_64", product_id: "kernel-default-extra-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "kernel-default-kgraft-4.4.121-92.109.2.x86_64", product: { name: "kernel-default-kgraft-4.4.121-92.109.2.x86_64", product_id: "kernel-default-kgraft-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-4.4.121-92.109.2.x86_64", product: { name: "kernel-obs-build-4.4.121-92.109.2.x86_64", product_id: "kernel-obs-build-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "kernel-obs-qa-4.4.121-92.109.2.x86_64", product: { name: "kernel-obs-qa-4.4.121-92.109.2.x86_64", product_id: "kernel-obs-qa-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "kernel-syms-4.4.121-92.109.2.x86_64", product: { name: "kernel-syms-4.4.121-92.109.2.x86_64", product_id: "kernel-syms-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-4.4.121-92.109.2.x86_64", product: { name: "kernel-vanilla-4.4.121-92.109.2.x86_64", product_id: "kernel-vanilla-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.4.121-92.109.2.x86_64", product: { name: "kernel-vanilla-base-4.4.121-92.109.2.x86_64", product_id: "kernel-vanilla-base-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.4.121-92.109.2.x86_64", product: { name: "kernel-vanilla-devel-4.4.121-92.109.2.x86_64", product_id: "kernel-vanilla-devel-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", product: { name: "kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", product_id: "kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-debug-4.4.121-92.109.2.x86_64", product: { name: "ocfs2-kmp-debug-4.4.121-92.109.2.x86_64", product_id: "ocfs2-kmp-debug-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.121-92.109.2.x86_64", product: { name: "ocfs2-kmp-default-4.4.121-92.109.2.x86_64", product_id: "ocfs2-kmp-default-4.4.121-92.109.2.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-vanilla-4.4.121-92.109.2.x86_64", product: { name: "ocfs2-kmp-vanilla-4.4.121-92.109.2.x86_64", product_id: "ocfs2-kmp-vanilla-4.4.121-92.109.2.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE OpenStack Cloud 7", product: { name: "SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:7", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 12 SP2", product: { name: "SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP2-LTSS", product: { name: "SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP2-BCL", product: { name: "SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL", product_identification_helper: { cpe: "cpe:/o:suse:sles-bcl:12:sp2", }, }, }, { category: "product_name", name: "SUSE Enterprise Storage 4", product: { name: "SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4", product_identification_helper: { cpe: "cpe:/o:suse:ses:4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.121-92.109.2.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", }, product_reference: "kernel-default-4.4.121-92.109.2.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.121-92.109.2.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", }, product_reference: "kernel-default-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.121-92.109.2.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", }, product_reference: "kernel-default-base-4.4.121-92.109.2.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.121-92.109.2.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", }, product_reference: "kernel-default-base-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.121-92.109.2.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", }, product_reference: "kernel-default-devel-4.4.121-92.109.2.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.121-92.109.2.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", }, product_reference: "kernel-default-devel-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.4.121-92.109.2.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", }, product_reference: "kernel-default-man-4.4.121-92.109.2.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.121-92.109.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", }, product_reference: "kernel-devel-4.4.121-92.109.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.121-92.109.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", }, product_reference: "kernel-macros-4.4.121-92.109.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.121-92.109.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", }, product_reference: "kernel-source-4.4.121-92.109.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.121-92.109.2.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", }, product_reference: "kernel-syms-4.4.121-92.109.2.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.121-92.109.2.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", }, product_reference: "kernel-syms-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", }, product_reference: "kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.4.121-92.109.2.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", }, product_reference: "cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.4.121-92.109.2.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", }, product_reference: "cluster-md-kmp-default-4.4.121-92.109.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.4.121-92.109.2.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", }, product_reference: "cluster-md-kmp-default-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "cluster-network-kmp-default-4.4.121-92.109.2.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", }, product_reference: "cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "cluster-network-kmp-default-4.4.121-92.109.2.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", }, product_reference: "cluster-network-kmp-default-4.4.121-92.109.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "cluster-network-kmp-default-4.4.121-92.109.2.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", }, product_reference: "cluster-network-kmp-default-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.4.121-92.109.2.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", }, product_reference: "dlm-kmp-default-4.4.121-92.109.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.4.121-92.109.2.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", }, product_reference: "dlm-kmp-default-4.4.121-92.109.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.4.121-92.109.2.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", }, product_reference: "dlm-kmp-default-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.4.121-92.109.2.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", }, product_reference: "gfs2-kmp-default-4.4.121-92.109.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.4.121-92.109.2.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", }, product_reference: "gfs2-kmp-default-4.4.121-92.109.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.4.121-92.109.2.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", }, product_reference: "gfs2-kmp-default-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.4.121-92.109.2.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", }, product_reference: "ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.4.121-92.109.2.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", }, product_reference: "ocfs2-kmp-default-4.4.121-92.109.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.4.121-92.109.2.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", }, product_reference: "ocfs2-kmp-default-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.121-92.109.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", }, product_reference: "kernel-default-4.4.121-92.109.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.121-92.109.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", }, product_reference: "kernel-default-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.121-92.109.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", }, product_reference: "kernel-default-base-4.4.121-92.109.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.121-92.109.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", }, product_reference: "kernel-default-base-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.121-92.109.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", }, product_reference: "kernel-default-devel-4.4.121-92.109.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.121-92.109.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", }, product_reference: "kernel-default-devel-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.121-92.109.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", }, product_reference: "kernel-devel-4.4.121-92.109.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.121-92.109.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", }, product_reference: "kernel-macros-4.4.121-92.109.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.121-92.109.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", }, product_reference: "kernel-source-4.4.121-92.109.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.121-92.109.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", }, product_reference: "kernel-syms-4.4.121-92.109.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.121-92.109.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", }, product_reference: "kernel-syms-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", }, product_reference: "kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", }, product_reference: "kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.121-92.109.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", }, product_reference: "kernel-default-4.4.121-92.109.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.121-92.109.2.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", }, product_reference: "kernel-default-4.4.121-92.109.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.121-92.109.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", }, product_reference: "kernel-default-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.121-92.109.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", }, product_reference: "kernel-default-base-4.4.121-92.109.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.121-92.109.2.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", }, product_reference: "kernel-default-base-4.4.121-92.109.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.121-92.109.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", }, product_reference: "kernel-default-base-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.121-92.109.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", }, product_reference: "kernel-default-devel-4.4.121-92.109.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.121-92.109.2.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", }, product_reference: "kernel-default-devel-4.4.121-92.109.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.121-92.109.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", }, product_reference: "kernel-default-devel-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.4.121-92.109.2.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", }, product_reference: "kernel-default-man-4.4.121-92.109.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.121-92.109.2.noarch as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", }, product_reference: "kernel-devel-4.4.121-92.109.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.121-92.109.2.noarch as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", }, product_reference: "kernel-macros-4.4.121-92.109.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.121-92.109.2.noarch as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", }, product_reference: "kernel-source-4.4.121-92.109.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.121-92.109.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", }, product_reference: "kernel-syms-4.4.121-92.109.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.121-92.109.2.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", }, product_reference: "kernel-syms-4.4.121-92.109.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.121-92.109.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", }, product_reference: "kernel-syms-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", }, product_reference: "kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", }, product_reference: "kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.121-92.109.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", }, product_reference: "kernel-default-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.121-92.109.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", }, product_reference: "kernel-default-base-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.121-92.109.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", }, product_reference: "kernel-default-devel-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.121-92.109.2.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", }, product_reference: "kernel-devel-4.4.121-92.109.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.121-92.109.2.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", }, product_reference: "kernel-macros-4.4.121-92.109.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.121-92.109.2.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", }, product_reference: "kernel-source-4.4.121-92.109.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.121-92.109.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", }, product_reference: "kernel-syms-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.121-92.109.2.x86_64 as component of SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", }, product_reference: "kernel-default-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.121-92.109.2.x86_64 as component of SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", }, product_reference: "kernel-default-base-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.121-92.109.2.x86_64 as component of SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", }, product_reference: "kernel-default-devel-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.121-92.109.2.noarch as component of SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", }, product_reference: "kernel-devel-4.4.121-92.109.2.noarch", relates_to_product_reference: "SUSE Enterprise Storage 4", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.121-92.109.2.noarch as component of SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", }, product_reference: "kernel-macros-4.4.121-92.109.2.noarch", relates_to_product_reference: "SUSE Enterprise Storage 4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.121-92.109.2.noarch as component of SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", }, product_reference: "kernel-source-4.4.121-92.109.2.noarch", relates_to_product_reference: "SUSE Enterprise Storage 4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.121-92.109.2.x86_64 as component of SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", }, product_reference: "kernel-syms-4.4.121-92.109.2.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 4", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64 as component of SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", }, product_reference: "kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 4", }, ], }, vulnerabilities: [ { cve: "CVE-2016-8636", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-8636", }, ], notes: [ { category: "general", text: "Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain sensitive information from kernel memory, or possibly have unspecified other impact via a write or read request involving the \"RDMA protocol over infiniband\" (aka Soft RoCE) technology.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-8636", url: "https://www.suse.com/security/cve/CVE-2016-8636", }, { category: "external", summary: "SUSE Bug 1024908 for CVE-2016-8636", url: "https://bugzilla.suse.com/1024908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-17T13:47:13Z", details: "important", }, ], title: "CVE-2016-8636", }, { cve: "CVE-2017-17741", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17741", }, ], notes: [ { category: "general", text: "The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17741", url: "https://www.suse.com/security/cve/CVE-2017-17741", }, { category: "external", summary: "SUSE Bug 1073311 for CVE-2017-17741", url: "https://bugzilla.suse.com/1073311", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2017-17741", url: "https://bugzilla.suse.com/1091815", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-17T13:47:13Z", details: "important", }, ], title: "CVE-2017-17741", }, { cve: "CVE-2017-18174", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-18174", }, ], notes: [ { category: "general", text: "In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-18174", url: "https://www.suse.com/security/cve/CVE-2017-18174", }, { category: "external", summary: "SUSE Bug 1080533 for CVE-2017-18174", url: "https://bugzilla.suse.com/1080533", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-17T13:47:13Z", details: "moderate", }, ], title: "CVE-2017-18174", }, { cve: "CVE-2018-1091", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1091", }, ], notes: [ { category: "general", text: "In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check and an erroneous use of transactional memory (TM) instructions in the core dump path, leading to a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1091", url: "https://www.suse.com/security/cve/CVE-2018-1091", }, { category: "external", summary: "SUSE Bug 1087231 for CVE-2018-1091", url: "https://bugzilla.suse.com/1087231", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-17T13:47:13Z", details: "moderate", }, ], title: "CVE-2018-1091", }, { cve: "CVE-2018-1120", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1120", }, ], notes: [ { category: "general", text: "A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which makes a read() call to the /proc/<pid>/cmdline (or /proc/<pid>/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1120", url: "https://www.suse.com/security/cve/CVE-2018-1120", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-1120", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1092100 for CVE-2018-1120", url: "https://bugzilla.suse.com/1092100", }, { category: "external", summary: "SUSE Bug 1093158 for CVE-2018-1120", url: "https://bugzilla.suse.com/1093158", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-17T13:47:13Z", details: "low", }, ], title: "CVE-2018-1120", }, { cve: "CVE-2018-1128", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1128", }, ], notes: [ { category: "general", text: "It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1128", url: "https://www.suse.com/security/cve/CVE-2018-1128", }, { category: "external", summary: "SUSE Bug 1096748 for CVE-2018-1128", url: "https://bugzilla.suse.com/1096748", }, { category: "external", summary: "SUSE Bug 1114710 for CVE-2018-1128", url: "https://bugzilla.suse.com/1114710", }, { category: "external", summary: "SUSE Bug 1177843 for CVE-2018-1128", url: "https://bugzilla.suse.com/1177843", }, { category: "external", summary: "SUSE Bug 1177859 for CVE-2018-1128", url: "https://bugzilla.suse.com/1177859", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.3, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-17T13:47:13Z", details: "important", }, ], title: "CVE-2018-1128", }, { cve: "CVE-2018-1129", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1129", }, ], notes: [ { category: "general", text: "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1129", url: "https://www.suse.com/security/cve/CVE-2018-1129", }, { category: "external", summary: "SUSE Bug 1096748 for CVE-2018-1129", url: "https://bugzilla.suse.com/1096748", }, { category: "external", summary: "SUSE Bug 1114710 for CVE-2018-1129", url: "https://bugzilla.suse.com/1114710", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-17T13:47:13Z", details: "important", }, ], title: "CVE-2018-1129", }, { cve: "CVE-2018-12126", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12126", }, ], notes: [ { category: "general", text: "Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12126", url: "https://www.suse.com/security/cve/CVE-2018-12126", }, { category: "external", summary: "SUSE Bug 1103186 for CVE-2018-12126", url: "https://bugzilla.suse.com/1103186", }, { category: "external", summary: "SUSE Bug 1111331 for CVE-2018-12126", url: "https://bugzilla.suse.com/1111331", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2018-12126", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1135409 for CVE-2018-12126", url: "https://bugzilla.suse.com/1135409", }, { category: "external", summary: "SUSE Bug 1135524 for CVE-2018-12126", url: "https://bugzilla.suse.com/1135524", }, { category: "external", summary: "SUSE Bug 1137916 for CVE-2018-12126", url: "https://bugzilla.suse.com/1137916", }, { category: "external", summary: "SUSE Bug 1138534 for CVE-2018-12126", url: "https://bugzilla.suse.com/1138534", }, { category: "external", summary: "SUSE Bug 1141977 for CVE-2018-12126", url: "https://bugzilla.suse.com/1141977", }, { category: "external", summary: "SUSE Bug 1149725 for CVE-2018-12126", url: "https://bugzilla.suse.com/1149725", }, { category: "external", summary: "SUSE Bug 1149726 for CVE-2018-12126", url: "https://bugzilla.suse.com/1149726", }, { category: "external", summary: "SUSE Bug 1149729 for CVE-2018-12126", url: "https://bugzilla.suse.com/1149729", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2018-12126", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2018-12126", url: "https://bugzilla.suse.com/1201877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.8, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-17T13:47:13Z", details: "moderate", }, ], title: "CVE-2018-12126", }, { cve: "CVE-2018-12127", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12127", }, ], notes: [ { category: "general", text: "Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12127", url: "https://www.suse.com/security/cve/CVE-2018-12127", }, { category: "external", summary: "SUSE Bug 1103186 for CVE-2018-12127", url: "https://bugzilla.suse.com/1103186", }, { category: "external", summary: "SUSE Bug 1111331 for CVE-2018-12127", url: "https://bugzilla.suse.com/1111331", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2018-12127", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1135409 for CVE-2018-12127", url: "https://bugzilla.suse.com/1135409", }, { category: "external", summary: "SUSE Bug 1138534 for CVE-2018-12127", url: "https://bugzilla.suse.com/1138534", }, { category: "external", summary: "SUSE Bug 1141977 for CVE-2018-12127", url: "https://bugzilla.suse.com/1141977", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2018-12127", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2018-12127", url: "https://bugzilla.suse.com/1201877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.8, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-17T13:47:13Z", details: "moderate", }, ], title: "CVE-2018-12127", }, { cve: "CVE-2018-12130", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12130", }, ], notes: [ { category: "general", text: "Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12130", url: "https://www.suse.com/security/cve/CVE-2018-12130", }, { category: "external", summary: "SUSE Bug 1103186 for CVE-2018-12130", url: "https://bugzilla.suse.com/1103186", }, { category: "external", summary: "SUSE Bug 1111331 for CVE-2018-12130", url: "https://bugzilla.suse.com/1111331", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2018-12130", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1135409 for CVE-2018-12130", url: "https://bugzilla.suse.com/1135409", }, { category: "external", summary: "SUSE Bug 1137916 for CVE-2018-12130", url: "https://bugzilla.suse.com/1137916", }, { category: "external", summary: "SUSE Bug 1138534 for CVE-2018-12130", url: "https://bugzilla.suse.com/1138534", }, { category: "external", summary: "SUSE Bug 1141977 for CVE-2018-12130", url: "https://bugzilla.suse.com/1141977", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2018-12130", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2018-12130", url: "https://bugzilla.suse.com/1201877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-17T13:47:13Z", details: "moderate", }, ], title: "CVE-2018-12130", }, { cve: "CVE-2018-19407", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-19407", }, ], notes: [ { category: "general", text: "The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-19407", url: "https://www.suse.com/security/cve/CVE-2018-19407", }, { category: "external", summary: "SUSE Bug 1116841 for CVE-2018-19407", url: "https://bugzilla.suse.com/1116841", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-17T13:47:13Z", details: "moderate", }, ], title: "CVE-2018-19407", }, { cve: "CVE-2019-11091", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11091", }, ], notes: [ { category: "general", text: "Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11091", url: "https://www.suse.com/security/cve/CVE-2019-11091", }, { category: "external", summary: "SUSE Bug 1103186 for CVE-2019-11091", url: "https://bugzilla.suse.com/1103186", }, { category: "external", summary: "SUSE Bug 1111331 for CVE-2019-11091", url: "https://bugzilla.suse.com/1111331", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11091", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1133319 for CVE-2019-11091", url: "https://bugzilla.suse.com/1133319", }, { category: "external", summary: "SUSE Bug 1135394 for CVE-2019-11091", url: "https://bugzilla.suse.com/1135394", }, { category: "external", summary: "SUSE Bug 1138043 for CVE-2019-11091", url: "https://bugzilla.suse.com/1138043", }, { category: "external", summary: "SUSE Bug 1138534 for CVE-2019-11091", url: "https://bugzilla.suse.com/1138534", }, { category: "external", summary: "SUSE Bug 1141977 for CVE-2019-11091", url: "https://bugzilla.suse.com/1141977", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2019-11091", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2019-11091", url: "https://bugzilla.suse.com/1201877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-17T13:47:13Z", details: "moderate", }, ], title: "CVE-2019-11091", }, { cve: "CVE-2019-11486", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11486", }, ], notes: [ { category: "general", text: "The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11486", url: "https://www.suse.com/security/cve/CVE-2019-11486", }, { category: "external", summary: "SUSE Bug 1133188 for CVE-2019-11486", url: "https://bugzilla.suse.com/1133188", }, { category: "external", summary: "SUSE Bug 1156434 for CVE-2019-11486", url: "https://bugzilla.suse.com/1156434", }, { category: "external", summary: "SUSE Bug 1173667 for CVE-2019-11486", url: "https://bugzilla.suse.com/1173667", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-17T13:47:13Z", details: "moderate", }, ], title: "CVE-2019-11486", }, { cve: "CVE-2019-3882", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3882", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). Versions 3.10, 4.14 and 4.18 are vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3882", url: "https://www.suse.com/security/cve/CVE-2019-3882", }, { category: "external", summary: "SUSE Bug 1131416 for CVE-2019-3882", url: "https://bugzilla.suse.com/1131416", }, { category: "external", summary: "SUSE Bug 1131427 for CVE-2019-3882", url: "https://bugzilla.suse.com/1131427", }, { category: "external", summary: "SUSE Bug 1133319 for CVE-2019-3882", url: "https://bugzilla.suse.com/1133319", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-17T13:47:13Z", details: "moderate", }, ], title: "CVE-2019-3882", }, { cve: "CVE-2019-8564", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-8564", }, ], notes: [ { category: "general", text: "A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position can modify driver state.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-8564", url: "https://www.suse.com/security/cve/CVE-2019-8564", }, { category: "external", summary: "SUSE Bug 1132673 for CVE-2019-8564", url: "https://bugzilla.suse.com/1132673", }, { category: "external", summary: "SUSE Bug 1132828 for CVE-2019-8564", url: "https://bugzilla.suse.com/1132828", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-17T13:47:13Z", details: "moderate", }, ], title: "CVE-2019-8564", }, { cve: "CVE-2019-9503", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9503", }, ], notes: [ { category: "general", text: "The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarded and unprocessed. If the driver receives the firmware event frame from the host, the appropriate handler is called. This frame validation can be bypassed if the bus used is USB (for instance by a wifi dongle). This can allow firmware event frames from a remote source to be processed. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-9503", url: "https://www.suse.com/security/cve/CVE-2019-9503", }, { category: "external", summary: "SUSE Bug 1132673 for CVE-2019-9503", url: "https://bugzilla.suse.com/1132673", }, { category: "external", summary: "SUSE Bug 1132828 for CVE-2019-9503", url: "https://bugzilla.suse.com/1132828", }, { category: "external", summary: "SUSE Bug 1133319 for CVE-2019-9503", url: "https://bugzilla.suse.com/1133319", }, { category: "external", summary: "SUSE Bug 1156653 for CVE-2019-9503", url: "https://bugzilla.suse.com/1156653", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.109.2.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.109.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.109.2.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.109.2.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_109-default-1-3.5.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-17T13:47:13Z", details: "moderate", }, ], title: "CVE-2019-9503", }, ], }
suse-su-2019:1550-1
Vulnerability from csaf_suse
Published
2019-06-18 16:07
Modified
2019-06-18 16:07
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-12819: The function __mdiobus_register() called put_device(), which
triggered a fixed_mdio_bus_init use-after-free. This would cause a denial of
service. (bsc#1138291)
- CVE-2019-12818: The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c
may return NULL. If the caller does not check for this, it will trigger a
NULL pointer dereference. This will cause denial of service. This used to
affect nfc_llcp_build_gb in net/nfc/llcp_core.c. (bsc#1138293)
- CVE-2019-11477: A sequence of SACKs may have been crafted such that one can
trigger an integer overflow, leading to a kernel panic.
- CVE-2019-11478: It was possible to send a crafted sequence of SACKs which
will fragment the TCP retransmission queue. An attacker may have been able to
further exploit the fragmented queue to cause an expensive linked-list walk
for subsequent SACKs received for that same TCP connection.
- CVE-2019-11479: An attacker could force the Linux kernel to segment its
responses into multiple TCP segments. This would drastically increased the
bandwidth required to deliver the same amount of data. Further, it would
consume additional resources such as CPU and NIC processing power.
- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly
escalate privileges was found in the mwifiex kernel module while connecting
to a malicious wireless network. (bsc#1136424)
- CVE-2019-10124: An issue was discovered in the hwpoison implementation in
mm/memory-failure.c in the Linux kernel. When soft_offline_in_use_page() runs
on a thp tail page after pmd is split, an attacker could cause a denial of
service (bsc#1130699, CVE-2019-10124).
- CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in
drivers/gpu/drm/drm_edid_load.c in the Linux kernel There was an unchecked
kstrdup of fwstr, which might allow an attacker to cause a denial of service
(NULL pointer dereference and system crash). (bsc#1136586)
- CVE-2019-11487: The Linux kernel allowed page reference count overflow, with
resultant use-after-free issues, if about 140 GiB of RAM exists. This is
related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h,
include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c.
It could occur with FUSE requests. (bbsc#1133190)
- CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux
kernel allowed local attackers to observe page cache access patterns of other
processes on the same system, potentially allowing sniffing of secret
information. (Fixing this affects the output of the fincore program.) Limited
remote exploitation may be possible, as demonstrated by latency differences
in accessing public files from an Apache HTTP Server. (bsc#1120843)
- CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the
unused memory region in the extent tree block, which might allow local users
to obtain sensitive information by reading uninitialized data in the
filesystem. (bsc#1135281)
- CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM):
Uncacheable memory on some microprocessors utilizing speculative execution
may have allowed an authenticated user to potentially enable information
disclosure via a side channel with local access. A list of impacted products
can be found here:
https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.
(bsc##1111331)
- CVE-2018-7191: In the tun subsystem in the Linux kernel, dev_get_valid_name
was not called before register_netdevice. This allowed local users to cause a
denial of service (NULL pointer dereference and panic) via an
ioctl(TUNSETIFF) call with a dev name containing a / character. (bsc#1135603)
- CVE-2018-12126 CVE-2018-12127 CVE-2018-12130: Microarchitectural Store Buffer
Data Sampling (MSBDS): Stored buffers on some microprocessors utilizing
speculative execution which may have allowed an authenticated user to
potentially enable information disclosure via a side channel with local
access. A list of impacted products can be found here:
https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.
(bsc#1103186)
- CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in
Intel(R) i915 Graphics for Linux may have allowed an authenticated user to
potentially enable escalation of privilege via local access. (bsc#1135278)
- CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c
in the Linux kernel There was a race condition leading to a use-after-free,
related to net namespace cleanup. (bsc#1135278)
- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c
in the Linux kernel allowed a local user to obtain potentially sensitive
information from kernel stack memory via a hidPCONNADD command, because a
name field may not end with a '\0' character. (bsc#1134848)
- CVE-2019-11811: An issue was discovered in the Linux kernel There was a
use-after-free upon attempted read access to /proc/ioports after the ipmi_si
module was removed, related to drivers/char/ipmi/ipmi_si_intf.c,
drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c.
(bsc#1134397)
- CVE-2019-11486: The Siemens R3964 line discipline driver in
drivers/tty/n_r3964.c in the Linux kernel has multiple race conditions.
(bsc#1133188)
- CVE-2019-9003: In the Linux kernel, attackers could trigger a
drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for
certain simultaneous execution of the code, as demonstrated by a 'service
ipmievd restart' loop. (bsc#1126704)
- CVE-2018-16880: A flaw was found in the Linux kernel's handle_rx() function
in the [vhost_net] driver. A malicious virtual guest, under specific
conditions, could trigger an out-of-bounds write in a kmalloc-8 slab on a
virtual host which may have lead to a kernel memory corruption and a system
panic. Due to the nature of the flaw, privilege escalation cannot be fully
ruled out.(bsc#1122767)
- CVE-2019-9503: An issue was discoved which meant that brcmfmac frame
validation could be bypassed. (bsc#1132828)
- CVE-2019-9500: An issue was discovered that lead to brcmfmac heap buffer
overflow. (bsc#1132681)
- CVE-2019-8564: An issue was discoved which meant that brcmfmac frame
validation could be bypassed. (bsc#1132673)
- CVE-2017-5753: Systems with microprocessors utilizing speculative execution
and branch prediction may have allowed unauthorized disclosure of information
to an attacker with local user access via a side-channel analysis.
- CVE-2019-3882: A flaw was found in the Linux kernel's vfio interface
implementation that permitted violation of the user's locked memory limit. If
a device was bound to a vfio driver, such as vfio-pci, and the local attacker
is administratively granted ownership of the device, it may have caused a
system memory exhaustion and thus a denial of service (DoS). (bsc#1131427)
The following non-security bugs were fixed:
- 9p locks: add mount option for lock retry interval (bsc#1051510).
- 9p: do not trust pdu content for stat item size (bsc#1051510).
- acpi / SBS: Fix GPE storm on recent MacBookPro's (bsc#1051510).
- acpi / utils: Drop reference in test for device presence (bsc#1051510).
- acpi, nfit: Prefer _DSM over _LSR for namespace label reads (bsc#1112128) (bsc#1132426).
- acpi: Add Hygon Dhyana support ().
- acpi: button: reinitialize button state upon resume (bsc#1051510).
- acpi: fix menuconfig presentation of acpi submenu (bsc#1117158).
- acpi: PM: Set enable_for_wake for wakeup GPEs during suspend-to-idle (bsc#1111666).
- acpi: property: restore _DSD data subnodes GUID comment (bsc#1111666).
- acpica: AML interpreter: add region addresses in global list during initialization (bsc#1051510).
- acpica: Namespace: remove address node from global list after method termination (bsc#1051510).
- alsa: core: Do not refer to snd_cards array directly (bsc#1051510).
- alsa: core: Fix card races between register and disconnect (bsc#1051510).
- alsa: emu10k1: Drop superfluous id-uniquification behavior (bsc#1051510).
- alsa: hda - Add two more machines to the power_save_blacklist (bsc#1051510).
- alsa: hda - Register irq handler after the chip initialization (bsc#1051510).
- alsa: hda - Use a macro for snd_array iteration loops (bsc#1051510).
- alsa: hda/hdmi - Consider eld_valid when reporting jack event (bsc#1051510).
- alsa: hda/hdmi - Read the pin sense from register when repolling (bsc#1051510).
- alsa: hda/realtek - Add new Dell platform for headset mode (bsc#1051510).
- alsa: hda/realtek - add two more pin configuration sets to quirk table (bsc#1051510).
- alsa: hda/realtek - Apply the fixup for ASUS Q325UAR (bsc#1051510).
- alsa: hda/realtek - Avoid superfluous COEF EAPD setups (bsc#1051510).
- alsa: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) (bsc#1051510).
- alsa: hda/realtek - EAPD turn on later (bsc#1051510).
- alsa: hda/realtek - Enable micmute LED for Huawei laptops (bsc#1051510).
- alsa: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug (bsc#1051510).
- alsa: hda/realtek - Fixed Dell AIO speaker noise (bsc#1051510).
- alsa: hda/realtek - Fixup headphone noise via runtime suspend (bsc#1051510).
- alsa: hda/realtek - Improve the headset mic for Acer Aspire laptops (bsc#1051510).
- alsa: hda/realtek - Move to ACT_INIT state (bsc#1111666).
- alsa: hda/realtek - Support low power consumption for ALC256 (bsc#1051510).
- alsa: hda/realtek - Support low power consumption for ALC295 (bsc#1051510).
- alsa: hda/realtek: Enable headset MIC of Acer TravelMate B114-21 with ALC233 (bsc#1111666).
- alsa: hda: Initialize power_state field properly (bsc#1051510).
- alsa: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) (bsc#1051510).
- alsa: info: Fix racy addition/deletion of nodes (bsc#1051510).
- alsa: line6: Avoid polluting led_* namespace (bsc#1051510).
- alsa: line6: use dynamic buffers (bsc#1051510).
- alsa: PCM: check if ops are defined before suspending PCM (bsc#1051510).
- alsa: seq: Align temporary re-locking with irqsave version (bsc#1051510).
- alsa: seq: Correct unlock sequence at snd_seq_client_ioctl_unlock() (bsc#1051510).
- alsa: seq: Cover unsubscribe_port() in list_mutex (bsc#1051510).
- alsa: seq: Fix OOB-reads from strlcpy (bsc#1051510).
- alsa: seq: Fix race of get-subscription call vs port-delete ioctls (bsc#1051510).
- alsa: seq: Protect in-kernel ioctl calls with mutex (bsc#1051510).
- alsa: seq: Protect racy pool manipulation from OSS sequencer (bsc#1051510).
- alsa: seq: Remove superfluous irqsave flags (bsc#1051510).
- alsa: seq: Simplify snd_seq_kernel_client_enqueue() helper (bsc#1051510).
- alsa: timer: Check ack_list emptiness instead of bit flag (bsc#1051510).
- alsa: timer: Coding style fixes (bsc#1051510).
- alsa: timer: Make snd_timer_close() really kill pending actions (bsc#1051510).
- alsa: timer: Make sure to clear pending ack list (bsc#1051510).
- alsa: timer: Revert active callback sync check at close (bsc#1051510).
- alsa: timer: Simplify error path in snd_timer_open() (bsc#1051510).
- alsa: timer: Unify timer callback process code (bsc#1051510).
- alsa: usb-audio: Fix a memory leak bug (bsc#1051510).
- alsa: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() (bsc#1051510).
- alsa: usx2y: fix a double free bug (bsc#1051510).
- appletalk: Fix compile regression (bsc#1051510).
- appletalk: Fix use-after-free in atalk_proc_exit (bsc#1051510).
- arch: arm64: acpi: KABI ginore includes (bsc#1117158 bsc#1134671).
- arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve table (bsc#1117158).
- arm64: acpi: fix alignment fault in accessing acpi (bsc#1117158).
- arm64: Export save_stack_trace_tsk() (jsc#SLE-4214).
- arm64: fix acpi dependencies (bsc#1117158).
- arm: 8824/1: fix a migrating irq bug when hotplug cpu (bsc#1051510).
- arm: 8833/1: Ensure that NEON code always compiles with Clang (bsc#1051510).
- arm: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bsc#1051510).
- arm: 8840/1: use a raw_spinlock_t in unwind (bsc#1051510).
- arm: avoid Cortex-A9 livelock on tight dmb loops (bsc#1051510).
- arm: imx6q: cpuidle: fix bug that CPU might not wake up at expected time (bsc#1051510).
- arm: iop: do not use using 64-bit DMA masks (bsc#1051510).
- arm: OMAP2+: fix lack of timer interrupts on CPU1 after hotplug (bsc#1051510).
- arm: OMAP2+: Variable 'reg' in function omap4_dsi_mux_pads() could be uninitialized (bsc#1051510).
- arm: orion: do not use using 64-bit DMA masks (bsc#1051510).
- arm: pxa: ssp: unneeded to free devm_ allocated data (bsc#1051510).
- arm: s3c24xx: Fix boolean expressions in osiris_dvs_notify (bsc#1051510).
- arm: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms (bsc#1051510).
- asoc: cs4270: Set auto-increment bit for register writes (bsc#1051510).
- asoc: fix valid stream condition (bsc#1051510).
- asoc: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe (bsc#1051510).
- asoc: fsl_esai: fix channel swap issue when stream starts (bsc#1051510).
- asoc: fsl_esai: Fix missing break in switch statement (bsc#1051510).
- asoc: hdmi-codec: fix S/PDIF DAI (bsc#1051510).
- asoc: Intel: avoid Oops if DMA setup fails (bsc#1051510).
- asoc: max98090: Fix restore of DAPM Muxes (bsc#1051510).
- asoc: nau8810: fix the issue of widget with prefixed name (bsc#1051510).
- asoc: nau8824: fix the issue of the widget with prefix name (bsc#1051510).
- asoc: RT5677-SPI: Disable 16Bit SPI Transfers (bsc#1051510).
- asoc: samsung: odroid: Fix clock configuration for 44100 sample rate (bsc#1051510).
- asoc: stm32: fix sai driver name initialisation (bsc#1051510).
- asoc: tlv320aic32x4: Fix Common Pins (bsc#1051510).
- asoc: topology: free created components in tplg load error (bsc#1051510).
- asoc: wm_adsp: Add locking to wm_adsp2_bus_error (bsc#1051510).
- asoc:soc-pcm:fix a codec fixup issue in TDM case (bsc#1051510).
- assume flash part size to be 4MB, if it can't be determined (bsc#1127371).
- at76c50x-usb: Do not register led_trigger if usb_register_driver failed (bsc#1051510).
- ath10k: avoid possible string overflow (bsc#1051510).
- ath10k: snoc: fix unbalanced clock error handling (bsc#1111666).
- audit: fix a memleak caused by auditing load module (bsc#1051510).
- b43: shut up clang -Wuninitialized variable warning (bsc#1051510).
- backlight: lm3630a: Return 0 on success in update_status functions (bsc#1051510).
- batman-adv: Reduce claim hash refcnt only for removed entry (bsc#1051510).
- batman-adv: Reduce tt_global hash refcnt only for removed entry (bsc#1051510).
- batman-adv: Reduce tt_local hash refcnt only for removed entry (bsc#1051510).
- bcache: account size of buckets used in uuid write to ca->meta_sectors_written (bsc#1130972).
- bcache: add a comment in super.c (bsc#1130972).
- bcache: add code comments for bset.c (bsc#1130972).
- bcache: add comment for cache_set->fill_iter (bsc#1130972).
- bcache: add identifier names to arguments of function definitions (bsc#1130972).
- bcache: add missing SPDX header (bsc#1130972).
- bcache: add MODULE_DESCRIPTION information (bsc#1130972).
- bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972).
- bcache: add static const prefix to char * array declarations (bsc#1130972).
- bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972).
- bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).
- bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972).
- bcache: correct dirty data statistics (bsc#1130972).
- bcache: do not assign in if condition in bcache_init() (bsc#1130972).
- bcache: do not assign in if condition register_bcache() (bsc#1130972).
- bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972).
- bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972).
- bcache: do not clone bio in bch_data_verify (bsc#1130972).
- bcache: do not mark writeback_running too early (bsc#1130972).
- bcache: export backing_dev_name via sysfs (bsc#1130972).
- bcache: export backing_dev_uuid via sysfs (bsc#1130972).
- bcache: fix code comments style (bsc#1130972).
- bcache: fix indent by replacing blank by tabs (bsc#1130972).
- bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).
- bcache: fix input integer overflow of congested threshold (bsc#1130972).
- bcache: fix input overflow to cache set io_error_limit (bsc#1130972).
- bcache: fix input overflow to cache set sysfs file io_error_halflife (bsc#1130972).
- bcache: fix input overflow to journal_delay_ms (bsc#1130972).
- bcache: fix input overflow to sequential_cutoff (bsc#1130972).
- bcache: fix input overflow to writeback_delay (bsc#1130972).
- bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).
- bcache: fix ioctl in flash device (bsc#1130972).
- bcache: fix mistaken code comments in bcache.h (bsc#1130972).
- bcache: fix mistaken comments in request.c (bsc#1130972).
- bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972).
- bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972).
- bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).
- bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972).
- bcache: improve sysfs_strtoul_clamp() (bsc#1130972).
- bcache: introduce force_wake_up_gc() (bsc#1130972).
- bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972).
- bcache: Move couple of functions to sysfs.c (bsc#1130972).
- bcache: Move couple of string arrays to sysfs.c (bsc#1130972).
- bcache: move open brace at end of function definitions to next line (bsc#1130972).
- bcache: never writeback a discard operation (bsc#1130972).
- bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972).
- bcache: option to automatically run gc thread after writeback (bsc#1130972).
- bcache: panic fix for making cache device (bsc#1130972).
- bcache: Populate writeback_rate_minimum attribute (bsc#1130972).
- bcache: prefer 'help' in Kconfig (bsc#1130972).
- bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).
- bcache: recal cached_dev_sectors on detach (bsc#1130972).
- bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972).
- bcache: remove unused bch_passthrough_cache (bsc#1130972).
- bcache: remove useless parameter of bch_debug_init() (bsc#1130972).
- bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).
- bcache: Replace bch_read_string_list() by __sysfs_match_string() (bsc#1130972).
- bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).
- bcache: replace printk() by pr_*() routines (bsc#1130972).
- bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972).
- bcache: set writeback_percent in a flexible range (bsc#1130972).
- bcache: split combined if-condition code into separate ones (bsc#1130972).
- bcache: stop bcache device when backing device is offline (bsc#1130972).
- bcache: stop using the deprecated get_seconds() (bsc#1130972).
- bcache: style fix to add a blank line after declarations (bsc#1130972).
- bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).
- bcache: style fixes for lines over 80 characters (bsc#1130972).
- bcache: treat stale and dirty keys as bad keys (bsc#1130972).
- bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972).
- bcache: update comment for bch_data_insert (bsc#1130972).
- bcache: update comment in sysfs.c (bsc#1130972).
- bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).
- bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972).
- bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).
- bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).
- bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).
- bitmap: Add bitmap_alloc(), bitmap_zalloc() and bitmap_free() (jsc#SLE-4797).
- blk-mq: adjust debugfs and sysfs register when updating nr_hw_queues (bsc#1131673).
- blk-mq: Avoid that submitting a bio concurrently with device removal triggers a crash (bsc#1131673).
- blk-mq: change gfp flags to GFP_NOIO in blk_mq_realloc_hw_ctxs (bsc#1131673).
- blk-mq: fallback to previous nr_hw_queues when updating fails (bsc#1131673).
- blk-mq: init hctx sched after update ctx and hctx mapping (bsc#1131673).
- blk-mq: realloc hctx when hw queue is mapped to another node (bsc#1131673).
- blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter (bsc#1131673).
- blkcg: Introduce blkg_root_lookup() (bsc#1131673).
- blkcg: Make blkg_root_lookup() work for queues in bypass mode (bsc#1131673).
- block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).
- block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).
- block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).
- block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).
- block: do not leak memory in bio_copy_user_iov() (bsc#1135309).
- block: Do not revalidate bdev of hidden gendisk (bsc#1120091).
- block: Ensure that a request queue is dissociated from the cgroup controller (bsc#1131673).
- block: Fix a race between request queue removal and the block cgroup controller (bsc#1131673).
- block: fix the return errno for direct IO (bsc#1135320).
- block: fix use-after-free on gendisk (bsc#1135312).
- block: Introduce blk_exit_queue() (bsc#1131673).
- block: kABI fixes for bio_rewind_iter() removal (bsc#1131673).
- block: remove bio_rewind_iter() (bsc#1131673).
- bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bsc#1051510).
- bluetooth: btusb: request wake pin with NOAUTOEN (bsc#1051510).
- bluetooth: Check key sizes only when Secure Simple Pairing is enabled (bsc#1135556).
- bluetooth: hci_uart: Check if socket buffer is ERR_PTR in h4_recv_buf() (bsc#1133731).
- bluetooth: hidp: fix buffer overflow (bsc#1051510).
- bnx2x: Add support for detection of P2P event packets (bsc#1136498 jsc#SLE-4699).
- bnx2x: Bump up driver version to 1.713.36 (bsc#1136498 jsc#SLE-4699).
- bnx2x: fix spelling mistake 'dicline' -> 'decline' (bsc#1136498 jsc#SLE-4699).
- bnx2x: fix various indentation issues (bsc#1136498 jsc#SLE-4699).
- bnx2x: Remove set but not used variable 'mfw_vn' (bsc#1136498 jsc#SLE-4699).
- bnx2x: Replace magic numbers with macro definitions (bsc#1136498 jsc#SLE-4699).
- bnx2x: Use struct_size() in kzalloc() (bsc#1136498 jsc#SLE-4699).
- bnx2x: Utilize FW 7.13.11.0 (bsc#1136498 jsc#SLE-4699).
- bnxt_en: Add device IDs 0x1806 and 0x1752 for 57500 devices (bsc#1137224).
- bnxt_en: Add support for BCM957504 (bsc#1137224).
- bnxt_en: Drop oversize TX packets to prevent errors (networking-stable-19_03_07).
- bnxt_en: Fix aggregation buffer leak under OOM condition (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Fix possible BUG() condition when calling pci_disable_msix() (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Fix possible crash in bnxt_hwrm_ring_free() under error conditions (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Fix statistics context reservation logic (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Fix uninitialized variable usage in bnxt_rx_pkt() (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one() (bsc#1050242).
- bnxt_en: Improve multicast address setup logic (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Improve multicast address setup logic (networking-stable-19_05_04).
- bnxt_en: Improve NQ reservations (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Improve RX consumer index validity check (networking-stable-19_04_10).
- bnxt_en: Pass correct extended TX port statistics size to firmware (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Reduce memory usage when running in kdump kernel (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Reset device on RX buffer errors (networking-stable-19_04_10).
- bonding: fix event handling for stacked bonds (networking-stable-19_04_19).
- bonding: fix PACKET_ORIGDEV regression (git-fixes).
- bpf, lru: avoid messing with eviction heuristics upon syscall lookup (bsc#1083647).
- bpf: add map_lookup_elem_sys_only for lookups from syscall side (bsc#1083647).
- bpf: Add missed newline in verifier verbose log (bsc#1056787).
- bpf: fix use after free in bpf_evict_inode (bsc#1083647).
- brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() (bsc#1051510).
- brcmfmac: fix leak of mypkt on error return path (bsc#1111666).
- broadcom: Mark expected switch fall-throughs (bsc#1136498 jsc#SLE-4699).
- btrfs: add a helper to return a head ref (bsc#1134813).
- btrfs: Avoid possible qgroup_rsv_size overflow in btrfs_calculate_inode_block_rsv_size (git-fixes).
- btrfs: breakout empty head cleanup to a helper (bsc#1134813).
- btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: do not allow trimming when a fs is mounted with the nologreplay option (bsc#1135758).
- btrfs: do not double unlock on error in btrfs_punch_hole (bsc#1136881).
- btrfs: Do not panic when we can't find a root key (bsc#1112063).
- btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: Factor out common delayed refs init code (bsc#1134813).
- btrfs: fix assertion failure on fsync with NO_HOLES enabled (bsc#1131848).
- btrfs: Fix bound checking in qgroup_trace_new_subtree_blocks (git-fixes).
- btrfs: fix fsync not persisting changed attributes of a directory (bsc#1137151).
- btrfs: fix incorrect file size after shrinking truncate and fsync (bsc#1130195).
- btrfs: fix race between ranged fsync and writeback of adjacent ranges (bsc#1136477).
- btrfs: fix race updating log root item during fsync (bsc#1137153).
- btrfs: fix wrong ctime and mtime of a directory after log replay (bsc#1137152).
- btrfs: improve performance on fsync of files with multiple hardlinks (bsc#1123454).
- btrfs: Introduce init_delayed_ref_head (bsc#1134813).
- btrfs: move all ref head cleanup to the helper function (bsc#1134813).
- btrfs: move extent_op cleanup to a helper (bsc#1134813).
- btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).
- btrfs: Open-code add_delayed_data_ref (bsc#1134813).
- btrfs: Open-code add_delayed_tree_ref (bsc#1134813).
- btrfs: qgroup: Check bg while resuming relocation to avoid NULL pointer dereference (bsc#1134806).
- btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to btrfs_qgroup_extent_record (bsc#1134162).
- btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release (bsc#1134160).
- btrfs: reloc: Also queue orphan reloc tree for cleanup to avoid BUG_ON() (bsc#1133612).
- btrfs: remove delayed_ref_node from ref_head (bsc#1134813).
- btrfs: remove WARN_ON in log_dir_items (bsc#1131847).
- btrfs: send, flush dellaloc in order to avoid data loss (bsc#1133320).
- btrfs: split delayed ref head initialization and addition (bsc#1134813).
- btrfs: track refs in a rb_tree instead of a list (bsc#1134813).
- btrfs: tree-checker: detect file extent items with overlapping ranges (bsc#1136478).
- btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).
- cdrom: Fix race condition in cdrom_sysctl_register (bsc#1051510).
- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).
- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).
- ceph: fix ci->i_head_snapc leak (bsc#1122776).
- ceph: fix ci->i_head_snapc leak (bsc#1122776).
- ceph: fix use-after-free on symlink traversal (bsc#1134459).
- ceph: fix use-after-free on symlink traversal (bsc#1134459).
- ceph: only use d_name directly when parent is locked (bsc#1134460).
- ceph: only use d_name directly when parent is locked (bsc#1134460).
- cfg80211: Handle WMM rules in regulatory domain intersection (bsc#1111666).
- cgroup: fix parsing empty mount option string (bsc#1133094).
- chelsio: use BUG() instead of BUG_ON(1) (bsc#1136345 jsc#SLE-4681).
- cifs: Do not count -ENODATA as failure for query directory (bsc#1051510).
- cifs: do not dereference smb_file_target before null check (bsc#1051510).
- cifs: Do not hide EINTR after sending network packets (bsc#1051510).
- cifs: Do not reconnect TCP session in add_credits() (bsc#1051510).
- cifs: Do not reset lease state to NONE on lease break (bsc#1051510).
- cifs: Fix adjustment of credits for MTU requests (bsc#1051510).
- cifs: Fix credit calculation for encrypted reads with errors (bsc#1051510).
- cifs: Fix credits calculations for reads with errors (bsc#1051510).
- cifs: fix POSIX lock leak and invalid ptr deref (bsc#1114542).
- cifs: Fix possible hang during async MTU reads and writes (bsc#1051510).
- cifs: Fix potential OOB access of lock element array (bsc#1051510).
- cifs: Fix read after write for files with read caching (bsc#1051510).
- cifs: keep FileInfo handle live during oplock break (bsc#1106284, bsc#1131565).
- clk: fractional-divider: check parent rate only if flag is set (bsc#1051510).
- clk: rockchip: fix frac settings of GPLL clock for rk3328 (bsc#1051510).
- clk: rockchip: Fix video codec clocks on rk3288 (bsc#1051510).
- clk: rockchip: fix wrong clock definitions for rk3328 (bsc#1051510).
- clk: x86: Add system specific quirk to mark clocks as critical (bsc#1051510).
- config: arm64: enable CN99xx uncore pmu References: bsc#1117114
- configfs: fix possible use-after-free in configfs_register_group (bsc#1051510).
- configfs: Fix use-after-free when accessing sd->s_dentry (bsc#1051510).
- cpu/speculation: Add 'mitigations=' cmdline option (bsc#1112178).
- cpufreq: Add Hygon Dhyana support ().
- cpufreq: AMD: Ignore the check for ProcFeedback in ST/CZ ().
- cpupowerutils: bench - Fix cpu online check (bsc#1051510).
- crypto: arm/aes-neonbs - do not access already-freed walk.iv (bsc#1051510).
- crypto: caam - add missing put_device() call (bsc#1129770).
- crypto: caam - fix caam_dump_sg that iterates through scatterlist (bsc#1051510).
- crypto: caam/qi2 - fix DMA mapping of stack memory (bsc#1111666).
- crypto: caam/qi2 - fix zero-length buffer DMA mapping (bsc#1111666).
- crypto: caam/qi2 - generate hash keys in-place (bsc#1111666).
- crypto: ccm - fix incompatibility between 'ccm' and 'ccm_base' (bsc#1051510).
- crypto: ccp - Do not free psp_master when PLATFORM_INIT fails (bsc#1051510).
- crypto: chacha20poly1305 - set cra_name correctly (bsc#1051510).
- crypto: chcr - ESN for Inline IPSec Tx (bsc#1136353 jsc#SLE-4688).
- crypto: chcr - small packet Tx stalls the queue (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - avoid using sa_entry imm (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - check set_msg_len overflow in generate_b0 (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - clean up various indentation issues (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - cleanup:send addr as value in function argument (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - count incomplete block in IV (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - Fix NULL pointer dereference (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - Fix passing zero to 'PTR_ERR' warning in chcr_aead_op (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - Fix softlockup with heavy I/O (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - Fix wrong error counter increments (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - Fixed Traffic Stall (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - Handle pci shutdown event (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - Inline single pdu only (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - remove set but not used variable 'kctx_len' (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - remove set but not used variables 'adap' (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - Reset counters on cxgb4 Detach (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - Swap location of AAD and IV sent in WR (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - Use same value for both channel in single WR (bsc#1136353 jsc#SLE-4688).
- crypto: chtls - remove cdev_list_lock (bsc#1136353 jsc#SLE-4688).
- crypto: chtls - remove set but not used variables 'err, adap, request, hws' (bsc#1136353 jsc#SLE-4688).
- crypto: crct10dif-generic - fix use via crypto_shash_digest() (bsc#1051510).
- crypto: crypto4xx - properly set IV after de- and encrypt (bsc#1051510).
- crypto: fips - Grammar s/options/option/, s/to/the/ (bsc#1051510).
- crypto: gcm - fix incompatibility between 'gcm' and 'gcm_base' (bsc#1051510).
- crypto: pcbc - remove bogus memcpy()s with src == dest (bsc#1051510).
- crypto: prefix header search paths with $(srctree)/ (bsc#1136353 jsc#SLE-4688).
- crypto: qat - move temp buffers off the stack (jsc#SLE-4818).
- crypto: qat - no need to check return value of debugfs_create functions (jsc#SLE-4818).
- crypto: qat - Remove unused goto label (jsc#SLE-4818).
- crypto: qat - Remove VLA usage (jsc#SLE-4818).
- crypto: sha256/arm - fix crash bug in Thumb2 build (bsc#1051510).
- crypto: sha512/arm - fix crash bug in Thumb2 build (bsc#1051510).
- crypto: skcipher - do not WARN on unprocessed data after slow walk step (bsc#1051510).
- crypto: sun4i-ss - Fix invalid calculation of hash end (bsc#1051510).
- crypto: vmx - CTR: always increment IV as quadword (bsc#1051510).
- crypto: vmx - fix copy-paste error in CTR mode (bsc#1051510).
- crypto: vmx - ghash: do nosimd fallback manually (bsc#1135661, bsc#1137162).
- crypto: vmx - return correct error code on failed setkey (bsc#1135661, bsc#1137162).
- crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() (bsc#1051510).
- crypto: x86/poly1305 - fix overflow during partial reduction (bsc#1051510).
- cxgb4/chtls: Prefix adapter flags with CXGB4 (bsc#1136345 jsc#SLE-4681).
- cxgb4/cxgb4vf: Add support for SGE doorbell queue timer (bsc#1127371).
- cxgb4/cxgb4vf: Display advertised FEC in ethtool (bsc#1136345 jsc#SLE-4681).
- cxgb4/cxgb4vf: Fix mac_hlist initialization and free (bsc#1127374).
- cxgb4/cxgb4vf: Fix up netdev->hw_features (bsc#1136345 jsc#SLE-4681).
- cxgb4/cxgb4vf: Link management changes (bsc#1127371).
- cxgb4/cxgb4vf: Program hash region for {t4/t4vf}_change_mac() (bsc#1127371).
- cxgb4/cxgb4vf_main: Mark expected switch fall-through (bsc#1136345 jsc#SLE-4681).
- cxgb4: Add capability to get/set SGE Doorbell Queue Timer Tick (bsc#1127371).
- cxgb4: Add flag tc_flower_initialized (bsc#1127371).
- cxgb4: Add new T5 pci device id 0x50ae (bsc#1127371).
- cxgb4: Add new T5 pci device ids 0x50af and 0x50b0 (bsc#1127371).
- cxgb4: Add new T6 pci device ids 0x608a (bsc#1127371).
- cxgb4: Add new T6 pci device ids 0x608b (bsc#1136345 jsc#SLE-4681).
- cxgb4: add per rx-queue counter for packet errors (bsc#1127371).
- cxgb4: Add support for FW_ETH_TX_PKT_VM_WR (bsc#1127371).
- cxgb4: add support to display DCB info (bsc#1127371).
- cxgb4: Add support to read actual provisioned resources (bsc#1127371).
- cxgb4: add tcb flags and tcb rpl struct (bsc#1136345 jsc#SLE-4681).
- cxgb4: Add VF Link state support (bsc#1136345 jsc#SLE-4681).
- cxgb4: Added missing break in ndo_udp_tunnel_{add/del} (bsc#1127371).
- cxgb4: collect ASIC LA dumps from ULP TX (bsc#1127371).
- cxgb4: collect hardware queue descriptors (bsc#1127371).
- cxgb4: collect number of free PSTRUCT page pointers (bsc#1127371).
- cxgb4: convert flower table to use rhashtable (bsc#1127371).
- cxgb4: cxgb4: use FW_PORT_ACTION_L1_CFG32 for 32 bit capability (bsc#1127371).
- cxgb4: Delete all hash and TCAM filters before resource cleanup (bsc#1136345 jsc#SLE-4681).
- cxgb4: display number of rx and tx pages free (bsc#1127371).
- cxgb4: do not return DUPLEX_UNKNOWN when link is down (bsc#1127371).
- cxgb4: Do not return EAGAIN when TCAM is full (bsc#1136345 jsc#SLE-4681).
- cxgb4: Enable hash filter with offload (bsc#1136345 jsc#SLE-4681).
- cxgb4: Enable outer UDP checksum offload for T6 (bsc#1136345 jsc#SLE-4681).
- cxgb4: Export sge_host_page_size to ulds (bsc#1127371).
- cxgb4: Fix error path in cxgb4_init_module (bsc#1136345 jsc#SLE-4681).
- cxgb4: fix the error path of cxgb4_uld_register() (bsc#1127371).
- cxgb4: free mac_hlist properly (bsc#1136345 jsc#SLE-4681).
- cxgb4: impose mandatory VLAN usage when non-zero TAG ID (bsc#1127371).
- cxgb4: kfree mhp after the debug print (bsc#1136345 jsc#SLE-4681).
- cxgb4: Mask out interrupts that are not enabled (bsc#1127175).
- cxgb4: move Tx/Rx free pages collection to common code (bsc#1127371).
- cxgb4: offload VLAN flows regardless of VLAN ethtype (bsc#1136345 jsc#SLE-4681).
- cxgb4: remove DEFINE_SIMPLE_DEBUGFS_FILE() (bsc#1136345 jsc#SLE-4681).
- cxgb4: remove redundant assignment to vlan_cmd.dropnovlan_fm (bsc#1127371).
- cxgb4: remove set but not used variables 'multitrc, speed' (bsc#1136345 jsc#SLE-4681).
- cxgb4: Remove SGE_HOST_PAGE_SIZE dependency on page size (bsc#1127371).
- cxgb4: remove the unneeded locks (bsc#1127371).
- cxgb4: Revert 'cxgb4: Remove SGE_HOST_PAGE_SIZE dependency on page size' (bsc#1136345 jsc#SLE-4681).
- cxgb4: specify IQTYPE in fw_iq_cmd (bsc#1127371).
- cxgb4: Support ethtool private flags (bsc#1127371).
- cxgb4: TLS record offload enable (bsc#1136345 jsc#SLE-4681).
- cxgb4: Update 1.23.3.0 as the latest firmware supported (bsc#1136345 jsc#SLE-4681).
- cxgb4: update supported DCB version (bsc#1127371).
- cxgb4: use firmware API for validating filter spec (bsc#1136345 jsc#SLE-4681).
- cxgb4: use new fw interface to get the VIN and smt index (bsc#1127371).
- cxgb4vf: Call netif_carrier_off properly in pci_probe (bsc#1136347 jsc#SLE-4683).
- cxgb4vf: Enter debugging mode if FW is inaccessible (bsc#1136347 jsc#SLE-4683).
- cxgb4vf: Few more link management changes (bsc#1127374).
- cxgb4vf: fix memleak in mac_hlist initialization (bsc#1127374).
- cxgb4vf: free mac_hlist properly (bsc#1136345 jsc#SLE-4681).
- cxgb4vf: Prefix adapter flags with CXGB4VF (bsc#1136347 jsc#SLE-4683).
- cxgb4vf: Revert force link up behaviour (bsc#1136347 jsc#SLE-4683).
- cxgb4vf: Update port information in cxgb4vf_open() (bsc#1127374).
- dccp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).
- dccp: Fix memleak in __feat_register_sp (bsc#1051510).
- debugfs: fix use-after-free on symlink traversal (bsc#1051510).
- device_cgroup: fix RCU imbalance in error case (bsc#1051510).
- devres: Align data[] to ARCH_KMALLOC_MINALIGN (bsc#1051510).
- dm: disable DISCARD if the underlying storage no longer supports it (bsc#1114638).
- dmaengine: axi-dmac: Do not check the number of frames for alignment (bsc#1051510).
- dmaengine: imx-dma: fix warning comparison of distinct pointer types (bsc#1051510).
- dmaengine: qcom_hidma: assign channel cookie correctly (bsc#1051510).
- dmaengine: sh: rcar-dmac: With cyclic DMA residue 0 is valid (bsc#1051510).
- dmaengine: tegra210-adma: Fix crash during probe (bsc#1111666).
- dmaengine: tegra210-dma: free dma controller in remove() (bsc#1051510).
- dmaengine: tegra: avoid overflow of byte tracking (bsc#1051510).
- documentation: Add MDS vulnerability documentation (bsc#1135642).
- documentation: perf: Add documentation for ThunderX2 PMU uncore driver ().
- drivers/perf: Add Cavium ThunderX2 SoC UNCORE PMU driver ().
- drivers: acpi: add dependency of EFI for arm64 (bsc#1117158).
- drivers: hv: vmbus: Offload the handling of channels to two workqueues (bsc#1130567).
- drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind() (bsc#1130567).
- drm/amd/display: extending AUX SW Timeout (bsc#1111666).
- drm/amd/display: fix cursor black issue (bsc#1111666).
- drm/amd/display: If one stream full updates, full update all planes (bsc#1111666).
- drm/amdgpu/gmc9: fix VM_L2_CNTL3 programming (bsc#1111666).
- drm/amdkfd: use init_mqd function to allocate object for hid_mqd (CI) (bsc#1111666).
- drm/bridge: adv7511: Fix low refresh rate selection (bsc#1051510).
- drm/doc: Drop 'content type' from the legacy kms property table (bsc#1111666).
- drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers (bsc#1051510).
- drm/etnaviv: lock MMU while dumping core (bsc#1113722)
- drm/exynos/mixer: fix MIXER shadow registry synchronisation code (bsc#1111666).
- drm/fb-helper: dpms_legacy(): Only set on connectors in use (bsc#1051510).
- drm/fb-helper: generic: Call drm_client_add() after setup is done (bsc#1111666).
- drm/i915/fbc: disable framebuffer compression on GeminiLake (bsc#1051510).
- drm/i915/gvt: add 0x4dfc to gen9 save-restore list (bsc#1113722)
- drm/i915/gvt: Add in context mmio 0x20D8 to gen9 mmio list (bsc#1113722)
- drm/i915/gvt: Add in context mmio 0x20D8 to gen9 mmio list (bsc#1113956)
- drm/i915/gvt: Annotate iomem usage (bsc#1051510).
- drm/i915/gvt: do not deliver a workload if its creation fails (bsc#1051510).
- drm/i915/gvt: do not let pin count of shadow mm go negative (bsc#1113722)
- drm/i915/gvt: do not let pin count of shadow mm go negative (bsc#1113956)
- drm/i915/gvt: do not let TRTTE and 0x4dfc write passthrough to hardware (bsc#1051510).
- drm/i915/gvt: Fix cmd length of VEB_DI_IECP (bsc#1113722)
- drm/i915/gvt: Fix incorrect mask of mmio 0x22028 in gen8/9 mmio list (bnc#1113722)
- drm/i915/gvt: Prevent use-after-free in ppgtt_free_all_spt() (bsc#1111666).
- drm/i915/gvt: refine ggtt range validation (bsc#1113722)
- drm/i915/gvt: Roundup fb->height into tile's height at calucation fb->size (bsc#1111666).
- drm/i915/gvt: Tiled Resources mmios are in-context mmios for gen9+ (bsc#1113722)
- drm/i915/icl: Whitelist GEN9_SLICE_COMMON_ECO_CHICKEN1 (bsc#1111666).
- drm/i915: Disable LP3 watermarks on all SNB machines (bsc#1051510).
- drm/i915: Disable tv output on i9x5gm (bsc#1086657, bsc#1133897).
- drm/i915: Downgrade Gen9 Plane WM latency error (bsc#1051510).
- drm/i915: Fix I915_EXEC_RING_MASK (bsc#1051510).
- drm/i915: Force 2*96 MHz cdclk on glk/cnl when audio power is enabled (bsc#1111666).
- drm/imx: do not skip DP channel disable for background plane (bsc#1051510).
- drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata() (bsc#1113722)
- drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata() (bsc#1113956)
- drm/mediatek: fix possible object reference leak (bsc#1051510).
- drm/meson: add size and alignment requirements for dumb buffers (bnc#1113722)
- drm/nouveau/bar/tu104: initial support (bsc#1133593).
- drm/nouveau/bar/tu106: initial support (bsc#1133593).
- drm/nouveau/bios/tu104: initial support (bsc#1133593).
- drm/nouveau/bios/tu106: initial support (bsc#1133593).
- drm/nouveau/bios: translate additional memory types (bsc#1133593).
- drm/nouveau/bios: translate usb-C connector type (bsc#1133593).
- drm/nouveau/bus/tu104: initial support (bsc#1133593).
- drm/nouveau/bus/tu106: initial support (bsc#1133593).
- drm/nouveau/ce/tu104: initial support (bsc#1133593).
- drm/nouveau/ce/tu106: initial support (bsc#1133593).
- drm/nouveau/core: increase maximum number of nvdec instances to 3 (bsc#1133593).
- drm/nouveau/core: recognise TU102 (bsc#1133593).
- drm/nouveau/core: recognise TU104 (bsc#1133593).
- drm/nouveau/core: recognise TU106 (bsc#1133593).
- drm/nouveau/core: support multiple nvdec instances (bsc#1133593).
- drm/nouveau/devinit/gm200-: export function to upload+execute PMU/PRE_OS (bsc#1133593).
- drm/nouveau/devinit/tu104: initial support (bsc#1133593).
- drm/nouveau/devinit/tu106: initial support (bsc#1133593).
- drm/nouveau/disp/gm200-: add scdc parameter setter (bsc#1133593).
- drm/nouveau/disp/gv100: fix name of window channels in debug output (bsc#1133593).
- drm/nouveau/disp/tu104: initial support (bsc#1133593).
- drm/nouveau/disp/tu106: initial support (bsc#1133593).
- drm/nouveau/disp: add a way to configure scrambling/tmds for hdmi 2.0 (bsc#1133593).
- drm/nouveau/disp: add support for setting scdc parameters for high modes (bsc#1133593).
- drm/nouveau/disp: keep track of high-speed state, program into clock (bsc#1133593).
- drm/nouveau/disp: take sink support into account for exposing 594mhz (bsc#1133593).
- drm/nouveau/dma/tu104: initial support (bsc#1133593).
- drm/nouveau/dma/tu106: initial support (bsc#1133593).
- drm/nouveau/drm/nouveau: Do not forget to label dp_aux devices (bsc#1133593).
- drm/nouveau/drm/nouveau: s/nouveau_backlight_exit/nouveau_backlight_fini/ (bsc#1133593).
- drm/nouveau/drm/nouveau: tegra: Call nouveau_drm_device_init() (bsc#1133593).
- drm/nouveau/fault/tu104: initial support (bsc#1133593).
- drm/nouveau/fault/tu106: initial support (bsc#1133593).
- drm/nouveau/fault: add explicit control over fault buffer interrupts (bsc#1133593).
- drm/nouveau/fault: remove manual mapping of fault buffers into BAR2 (bsc#1133593).
- drm/nouveau/fault: store get/put pri address in nvkm_fault_buffer (bsc#1133593).
- drm/nouveau/fb/tu104: initial support (bsc#1133593).
- drm/nouveau/fb/tu106: initial support (bsc#1133593).
- drm/nouveau/fifo/gf100-: call into BAR to reset BARs after MMU fault (bsc#1133593).
- drm/nouveau/fifo/gk104-: group pbdma functions together (bsc#1133593).
- drm/nouveau/fifo/gk104-: return channel instance in ctor args (bsc#1133593).
- drm/nouveau/fifo/gk104-: separate runlist building from committing to hw (bsc#1133593).
- drm/nouveau/fifo/gk104-: support enabling privileged ce functions (bsc#1133593).
- drm/nouveau/fifo/gk104-: virtualise pbdma enable function (bsc#1133593).
- drm/nouveau/fifo/gm200-: read pbdma count more directly (bsc#1133593).
- drm/nouveau/fifo/gv100: allocate method buffer (bsc#1133593).
- drm/nouveau/fifo/gv100: return work submission token in channel ctor args (bsc#1133593).
- drm/nouveau/fifo/tu104: initial support (bsc#1133593).
- drm/nouveau/fifo/tu106: initial support (bsc#1133593).
- drm/nouveau/fuse/tu104: initial support (bsc#1133593).
- drm/nouveau/fuse/tu106: initial support (bsc#1133593).
- drm/nouveau/gpio/tu104: initial support (bsc#1133593).
- drm/nouveau/gpio/tu106: initial support (bsc#1133593).
- drm/nouveau/i2c/tu104: initial support (bsc#1133593).
- drm/nouveau/i2c/tu106: initial support (bsc#1133593).
- drm/nouveau/i2c: Disable i2c bus access after ->fini() (bsc#1113722)
- drm/nouveau/ibus/tu104: initial support (bsc#1133593).
- drm/nouveau/ibus/tu106: initial support (bsc#1133593).
- drm/nouveau/imem/nv50: support pinning objects in BAR2 and returning address (bsc#1133593).
- drm/nouveau/imem/tu104: initial support (bsc#1133593).
- drm/nouveau/imem/tu106: initial support (bsc#1133593).
- drm/nouveau/kms/nv50-: allow more flexibility with lut formats (bsc#1133593).
- drm/nouveau/kms/tu104: initial support (bsc#1133593).
- drm/nouveau/ltc/tu104: initial support (bsc#1133593).
- drm/nouveau/ltc/tu106: initial support (bsc#1133593).
- drm/nouveau/mc/tu104: initial support (bsc#1133593).
- drm/nouveau/mc/tu106: initial support (bsc#1133593).
- drm/nouveau/mmu/tu104: initial support (bsc#1133593).
- drm/nouveau/mmu/tu106: initial support (bsc#1133593).
- drm/nouveau/mmu: add more general vmm free/node handling functions (bsc#1133593).
- drm/nouveau/pci/tu104: initial support (bsc#1133593).
- drm/nouveau/pci/tu106: initial support (bsc#1133593).
- drm/nouveau/pmu/tu104: initial support (bsc#1133593).
- drm/nouveau/pmu/tu106: initial support (bsc#1133593).
- drm/nouveau/therm/tu104: initial support (bsc#1133593).
- drm/nouveau/therm/tu106: initial support (bsc#1133593).
- drm/nouveau/tmr/tu104: initial support (bsc#1133593).
- drm/nouveau/tmr/tu106: initial support (bsc#1133593).
- drm/nouveau/top/tu104: initial support (bsc#1133593).
- drm/nouveau/top/tu106: initial support (bsc#1133593).
- drm/nouveau/volt/gf117: fix speedo readout register (bsc#1051510).
- drm/nouveau: add DisplayPort CEC-Tunneling-over-AUX support (bsc#1133593).
- drm/nouveau: Add NV_PRINTK_ONCE and variants (bsc#1133593).
- drm/nouveau: Add size to vbios.rom file in debugfs (bsc#1133593).
- drm/nouveau: Add strap_peek to debugfs (bsc#1133593).
- drm/nouveau: Cleanup indenting in nouveau_backlight.c (bsc#1133593).
- drm/nouveau: Fix potential memory leak in nouveau_drm_load() (bsc#1133593).
- drm/nouveau: Move backlight device into nouveau_connector (bsc#1133593).
- drm/nouveau: Refactor nvXX_backlight_init() (bsc#1133593).
- drm/nouveau: register backlight on pascal and newer (bsc#1133593).
- drm/nouveau: remove left-over struct member (bsc#1133593).
- drm/nouveau: Remove unecessary dma_fence_ops (bsc#1133593).
- drm/nouveau: Start using new drm_dev initialization helpers (bsc#1133593).
- drm/nouveau: Stop using drm_crtc_force_disable (bsc#1051510).
- drm/omap: hdmi4_cec: Fix CEC clock handling for PM (bsc#1111666).
- drm/panel: panel-innolux: set display off in innolux_panel_unprepare (bsc#1111666).
- drm/pl111: Initialize clock spinlock early (bsc#1111666).
- drm/rockchip: fix for mailbox read validation (bsc#1051510).
- drm/rockchip: fix for mailbox read validation (bsc#1111666).
- drm/rockchip: shutdown drm subsystem on shutdown (bsc#1051510).
- drm/rockchip: vop: reset scale mode when win is disabled (bsc#1113722)
- drm/sun4i: Add missing drm_atomic_helper_shutdown at driver unbind (bsc#1113722)
- drm/sun4i: Fix component unbinding and component master deletion (bsc#1113722)
- drm/sun4i: Fix sun8i HDMI PHY clock initialization (bsc#1111666).
- drm/sun4i: Fix sun8i HDMI PHY configuration for > 148.5 MHz (bsc#1111666).
- drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)
- drm/sun4i: Set device driver data at bind time for use in unbind (bsc#1113722)
- drm/sun4i: tcon top: Fix NULL/invalid pointer dereference in sun8i_tcon_top_un/bind (bsc#1111666).
- drm/sun4i: Unbind components before releasing DRM and memory (bsc#1113722)
- drm/tegra: gem: Fix CPU-cache maintenance for BO's allocated using get_pages() (bsc#1111666).
- drm/tegra: hub: Fix dereference before check (bsc#1111666).
- drm/ttm: Fix bo_global and mem_global kfree error (bsc#1111666).
- drm/ttm: fix out-of-bounds read in ttm_put_pages() v2 (bsc#1111666).
- drm/ttm: Remove warning about inconsistent mapping information (bnc#1131488)
- drm/udl: add a release method and delay modeset teardown (bsc#1085536)
- drm/vc4: Fix memory leak during gpu reset. (bsc#1113722)
- drm/vmwgfx: Do not send drm sysfs hotplug events on initial master set (bsc#1051510).
- drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to an invalid read (bsc#1051510).
- drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() (bsc#1113722)
- drm/vmwgfx: Remove set but not used variable 'restart' (bsc#1111666).
- drm: Auto-set allow_fb_modifiers when given modifiers at plane init (bsc#1051510).
- drm: bridge: dw-hdmi: Fix overflow workaround for Rockchip SoCs (bsc#1113722)
- drm: rcar-du: Fix rcar_du_crtc structure documentation (bsc#1111666).
- dsa: mv88e6xxx: Ensure all pending interrupts are handled prior to exit (networking-stable-19_02_20).
- dt-bindings: clock: r8a7795: Remove CSIREF clock (bsc#1120902).
- dt-bindings: clock: r8a7796: Remove CSIREF clock (bsc#1120902).
- dt-bindings: net: Add binding for the external clock for TI WiLink (bsc#1085535).
- dt-bindings: net: Fix a typo in the phy-mode list for ethernet bindings (bsc#1129770).
- dt-bindings: rtc: sun6i-rtc: Fix register range in example (bsc#1120902).
- dwc2: gadget: Fix completed transfer size calculation in DDMA (bsc#1051510).
- e1000e: Disable runtime PM on CNP+ (jsc#SLE-4804).
- e1000e: Exclude device from suspend direct complete optimization (jsc#SLE-4804).
- e1000e: Fix -Wformat-truncation warnings (bsc#1051510).
- e1000e: fix a missing check for return value (jsc#SLE-4804).
- e1000e: fix cyclic resets at link up with active tx (bsc#1051510).
- edac, amd64: Add Hygon Dhyana support ().
- efi/arm: Defer persistent reservations until after paging_init() (bsc#1117158).
- efi/arm: Do not mark acpi reclaim memory as MEMBLOCK_NOMAP (bsc#1117158 bsc#1115688 bsc#1120566).
- efi/arm: libstub: add a root memreserve config table (bsc#1117158).
- efi/arm: map UEFI memory map even w/o runtime services enabled (bsc#1117158).
- efi/arm: preserve early mapping of UEFI memory map longer for BGRT (bsc#1117158).
- efi/arm: Revert 'Defer persistent reservations until after paging_init()' (bsc#1117158).
- efi/arm: Revert deferred unmap of early memmap mapping (bsc#1117158).
- efi: add API to reserve memory persistently across kexec reboot (bsc#1117158).
- efi: honour memory reservations passed via a linux specific config table (bsc#1117158).
- efi: Permit calling efi_mem_reserve_persistent() from atomic context (bsc#1117158).
- efi: Permit multiple entries in persistent memreserve data structure (bsc#1117158).
- efi: Prevent GICv3 WARN() by mapping the memreserve table before first use (bsc#1117158).
- efi: Reduce the amount of memblock reservations for persistent allocations (bsc#1117158).
- ext4: actually request zeroing of inode table after grow (bsc#1135315).
- ext4: avoid panic during forced reboot due to aborted journal (bsc#1126356).
- ext4: cleanup bh release code in ext4_ind_remove_space() (bsc#1131851).
- ext4: Do not warn when enabling DAX (bsc#1132894).
- ext4: fix data corruption caused by overlapping unaligned and aligned IO (bsc#1136428).
- ext4: fix ext4_show_options for file systems w/o journal (bsc#1135316).
- ext4: fix use-after-free race with debug_want_extra_isize (bsc#1135314).
- ext4: make sanity check in mballoc more strict (bsc#1136439).
- ext4: wait for outstanding dio during truncate in nojournal mode (bsc#1136438).
- fbdev: fbmem: fix memory access if logo is bigger than the screen (bsc#1051510).
- fbdev: fix divide error in fb_var_to_videomode (bsc#1113722)
- fbdev: fix WARNING in __alloc_pages_nodemask bug (bsc#1113722)
- firmware: efi: factor out mem_reserve (bsc#1117158 bsc#1134671).
- fix cgroup_do_mount() handling of failure exits (bsc#1133095).
- fix rtnh_ok() (git-fixes).
- fm10k: Fix a potential NULL pointer dereference (bsc#1051510).
- fm10k: TRIVIAL cleanup of extra spacing in function comment (jsc#SLE-4796).
- fm10k: use struct_size() in kzalloc() (jsc#SLE-4796).
- fs/nfs: Fix nfs_parse_devname to not modify it's argument (git-fixes).
- fs/sync.c: sync_file_range(2) may use WB_SYNC_ALL writeback (bsc#1136432).
- fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount (bsc#1136435).
- fs: avoid fdput() after failed fdget() in vfs_dedupe_file_range() (bsc#1132384, bsc#1132219).
- ftrace/x86_64: Emulate call function while updating in breakpoint handler (bsc#1099658).
- futex: Cure exit race (bsc#1050549).
- futex: Ensure that futex address is aligned in handle_futex_death() (bsc#1050549).
- futex: Handle early deadlock return correctly (bsc#1050549).
- genetlink: Fix a memory leak on error path (networking-stable-19_03_28).
- ghes, EDAC: Fix ghes_edac registration (bsc#1133176).
- gpio: adnp: Fix testing wrong value in adnp_gpio_direction_input (bsc#1051510).
- gpio: aspeed: fix a potential NULL pointer dereference (bsc#1051510).
- gpio: gpio-omap: fix level interrupt idling (bsc#1051510).
- gpio: of: Fix of_gpiochip_add() error path (bsc#1051510).
- gpu: ipu-v3: dp: fix CSC handling (bsc#1051510).
- gre6: use log_ecn_error module parameter in ip6_tnl_rcv() (git-fixes).
- hid: core: move Usage Page concatenation to Main item (bsc#1093389).
- hid: debug: fix race condition with between rdesc_show() and device removal (bsc#1051510).
- hid: i2c-hid: Ignore input report if there's no data present on Elan touchpanels (bsc#1133486).
- hid: input: add mapping for 'Toggle Display' key (bsc#1051510).
- hid: input: add mapping for Assistant key (bsc#1051510).
- hid: input: add mapping for Expose/Overview key (bsc#1051510).
- hid: input: add mapping for keyboard Brightness Up/Down/Toggle keys (bsc#1051510).
- hid: input: fix a4tech horizontal wheel custom usage (bsc#1137429).
- hid: intel-ish-hid: avoid binding wrong ishtp_cl_device (bsc#1051510).
- hid: intel-ish: ipc: handle PIMR before ish_wakeup also clear PISR busy_clear bit (bsc#1051510).
- hid: logitech: check the return value of create_singlethread_workqueue (bsc#1051510).
- hv_netvsc: Fix IP header checksum for coalesced packets (networking-stable-19_03_07).
- hwmon: (f71805f) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (pc87427) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (vt1211) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwrng: virtio - Avoid repeated init of completion (bsc#1051510).
- i2c: imx: correct the method of getting private data in notifier_call (bsc#1111666).
- i2c: Make i2c_unregister_device() NULL-aware (bsc#1108193).
- i2c: synquacer: fix enumeration of slave devices (bsc#1111666).
- i40e: Able to add up to 16 MAC filters on an untrusted VF (jsc#SLE-4797).
- i40e: add new pci id for X710/XXV710 N3000 cards (jsc#SLE-4797).
- i40e: add num_vectors checker in iwarp handler (jsc#SLE-4797).
- i40e: Add support FEC configuration for Fortville 25G (jsc#SLE-4797).
- i40e: Add support for X710 B/P and SFP+ cards (jsc#SLE-4797).
- i40e: add tracking of AF_XDP ZC state for each queue pair (jsc#SLE-4797).
- i40e: change behavior on PF in response to MDD event (jsc#SLE-4797).
- i40e: Change unmatched function types (jsc#SLE-4797).
- i40e: Changed maximum supported FW API version to 1.8 (jsc#SLE-4797).
- i40e: check queue pairs num in config queues handler (jsc#SLE-4797).
- i40e: clean up several indentation issues (jsc#SLE-4797).
- i40e: do not allow changes to HW VLAN stripping on active port VLANs (jsc#SLE-4797).
- i40e: Fix for 10G ports LED not blinking (jsc#SLE-4797).
- i40e: Fix for allowing too many MDD events on VF (jsc#SLE-4797).
- i40e: fix i40e_ptp_adjtime when given a negative delta (jsc#SLE-4797).
- i40e: Fix misleading error message (jsc#SLE-4797).
- i40e: fix misleading message about promisc setting on un-trusted VF (jsc#SLE-4797).
- i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c (jsc#SLE-4797).
- i40e: Fix the typo in adding 40GE KR4 mode (jsc#SLE-4797).
- i40e: Further implementation of LLDP (jsc#SLE-4797).
- i40e: Implement DDP support in i40e driver (jsc#SLE-4797).
- i40e: increase indentation (jsc#SLE-4797).
- i40e: Introduce recovery mode support (jsc#SLE-4797).
- i40e: Limiting RSS queues to CPUs (jsc#SLE-4797).
- i40e: Memory leak in i40e_config_iwarp_qvlist (jsc#SLE-4797).
- i40e: missing input validation on VF message handling by the PF (jsc#SLE-4797).
- i40e: move i40e_xsk_umem function (jsc#SLE-4797).
- i40e: print pci vendor and device ID during probe (jsc#SLE-4797).
- i40e: Queues are reserved despite 'Invalid argument' error (jsc#SLE-4797).
- i40e: remove debugfs tx_timeout support (jsc#SLE-4797).
- i40e: remove error msg when vf with port vlan tries to remove vlan 0 (jsc#SLE-4797).
- i40e: Remove misleading messages for untrusted VF (jsc#SLE-4797).
- i40e: remove out-of-range comparisons in i40e_validate_cloud_filter (jsc#SLE-4797).
- i40e: Remove umem from VSI (jsc#SLE-4797).
- i40e: Report advertised link modes on 40GBase_LR4, CR4 and fibre (jsc#SLE-4797).
- i40e: Report advertised link modes on 40GBASE_SR4 (jsc#SLE-4797).
- i40e: Revert ShadowRAM checksum calculation change (jsc#SLE-4797).
- i40e: save PTP time before a device reset (jsc#SLE-4797).
- i40e: Setting VF to VLAN 0 requires restart (jsc#SLE-4797).
- i40e: ShadowRAM checksum calculation change (jsc#SLE-4797).
- i40e: The driver now prints the API version in error message (jsc#SLE-4797).
- i40e: Use struct_size() in kzalloc() (jsc#SLE-4797).
- i40e: VF's promiscuous attribute is not kept (jsc#SLE-4797).
- i40e: Wrong truncation from u16 to u8 (jsc#SLE-4797).
- i40iw: Avoid panic when handling the inetdev event (jsc#SLE-4793).
- i40iw: remove support for ib_get_vector_affinity (jsc#SLE-4793).
- i40iw: remove use of VLAN_TAG_PRESENT (jsc#SLE-4793).
- ib/hfi1: Add debugfs to control expansion ROM write protect (jsc#SLE-4925).
- ib/hfi1: Add selected Rcv counters (jsc#SLE-4925).
- ib/hfi1: Close VNIC sdma_progress sleep window (jsc#SLE-4925).
- ib/hfi1: Consider LMC in 16B/bypass ingress packet check (jsc#SLE-4925).
- ib/hfi1: Correctly process FECN and BECN in packets (jsc#SLE-4925).
- ib/hfi1: Dump pio info for non-user send contexts (jsc#SLE-4925).
- ib/hfi1: Eliminate opcode tests on mr deref (jsc#SLE-4925).
- ib/hfi1: Failed to drain send queue when QP is put into error state (jsc#SLE-4925).
- ib/hfi1: Fix the allocation of RSM table (jsc#SLE-4925).
- ib/hfi1: Fix two format strings (jsc#SLE-4925).
- ib/hfi1: Fix WQ_MEM_RECLAIM warning (jsc#SLE-4925).
- ib/hfi1: Ignore LNI errors before DC8051 transitions to Polling state (jsc#SLE-4925).
- ib/hfi1: Incorrect sizing of sge for PIO will OOPs (jsc#SLE-4925).
- ib/hfi1: Limit VNIC use of SDMA engines to the available count (jsc#SLE-4925).
- ib/hfi1: Reduce lock contention on iowait_lock for sdma and pio (jsc#SLE-4925).
- ib/hfi1: Remove overly conservative VM_EXEC flag check (jsc#SLE-4925).
- ib/hfi1: Remove WARN_ON when freeing expected receive groups (jsc#SLE-4925).
- ib/hfi1: Unreserve a reserved request when it is completed (jsc#SLE-4925).
- ib/hw: Remove unneeded semicolons (bsc#1136456 jsc#SLE-4689).
- ib/rdmavt: Add wc_flags and wc_immdata to cq entry trace (jsc#SLE-4925).
- ib/rdmavt: Fix frwr memory registration (jsc#SLE-4925).
- ib/rdmavt: Fix loopback send with invalidate ordering (jsc#SLE-4925).
- ib/{rdmavt, hfi1): Miscellaneous comment fixes (jsc#SLE-4925).
- ibmvnic: Add device identification to requested IRQs (bsc#1137739).
- ibmvnic: Do not close unopened driver during reset (bsc#1137752).
- ibmvnic: Enable GRO (bsc#1132227).
- ibmvnic: Fix completion structure initialization (bsc#1131659).
- ibmvnic: Fix netdev feature clobbering during a reset (bsc#1132227).
- ibmvnic: Fix unchecked return codes of memory allocations (bsc#1137752).
- ibmvnic: Refresh device multicast list after reset (bsc#1137752).
- ibmvnic: remove set but not used variable 'netdev' (bsc#1137739).
- ice : Ensure only valid bits are set in ice_aq_set_phy_cfg (jsc#SLE-4803).
- ice: Add 52 byte RSS hash key support (jsc#SLE-4803).
- ice: add and use new ice_for_each_traffic_class() macro (jsc#SLE-4803).
- ice: Add code for DCB initialization part 1/4 (jsc#SLE-4803).
- ice: Add code for DCB initialization part 2/4 (jsc#SLE-4803).
- ice: Add code for DCB initialization part 3/4 (jsc#SLE-4803).
- ice: Add code for DCB initialization part 4/4 (jsc#SLE-4803).
- ice: Add code for DCB rebuild (jsc#SLE-4803).
- ice: Add code to control FW LLDP and DCBX (jsc#SLE-4803).
- ice: Add code to get DCB related statistics (jsc#SLE-4803).
- ice: Add code to process LLDP Mib change events (jsc#SLE-4803).
- ice: add const qualifier to mac_addr parameter (jsc#SLE-4803).
- ice: Add ethtool private flag to make forcing link down optional (jsc#SLE-4803).
- ice: Add ethtool set_phys_id handler (jsc#SLE-4803).
- ice: Add function to program ethertype based filter rule on VSIs (jsc#SLE-4803).
- ice: Add missing case in print_link_msg for printing flow control (jsc#SLE-4803).
- ice: Add missing PHY type to link settings (jsc#SLE-4803).
- ice: Add more validation in ice_vc_cfg_irq_map_msg (jsc#SLE-4803).
- ice: Add priority information into VLAN header (jsc#SLE-4803).
- ice: Add reg_idx variable in ice_q_vector structure (jsc#SLE-4803).
- ice: Add support for adaptive interrupt moderation (jsc#SLE-4803).
- ice: Add support for new PHY types (jsc#SLE-4803).
- ice: Add support for PF/VF promiscuous mode (jsc#SLE-4803).
- ice: Allow for software timestamping (jsc#SLE-4803).
- ice: Always free/allocate q_vectors (jsc#SLE-4803).
- ice: Audit hotpath structures with pahole (jsc#SLE-4803).
- ice: avoid multiple unnecessary de-references in probe (jsc#SLE-4803).
- ice: Bump driver version (jsc#SLE-4803).
- ice: Bump version (jsc#SLE-4803).
- ice: Calculate ITR increment based on direct calculation (jsc#SLE-4803).
- ice: change VF VSI tc info along with num_queues (jsc#SLE-4803).
- ice: check for a leaf node presence (jsc#SLE-4803).
- ice: clear VF ARQLEN register on reset (jsc#SLE-4803).
- ice: code cleanup in ice_sched.c (jsc#SLE-4803).
- ice: configure GLINT_ITR to always have an ITR gran of 2 (jsc#SLE-4803).
- ice: Configure RSS LUT and HASH KEY in rebuild path (jsc#SLE-4803).
- ice: Create a generic name for the ice_rx_flg64_bits structure (jsc#SLE-4803).
- ice: Create framework for VSI queue context (jsc#SLE-4803).
- ice: Determine descriptor count and ring size based on PAGE_SIZE (jsc#SLE-4803).
- ice: Disable sniffing VF traffic on PF (jsc#SLE-4803).
- ice: Do not bail out when filter already exists (jsc#SLE-4803).
- ice: Do not let VF know that it is untrusted (jsc#SLE-4803).
- ice: Do not remove VLAN filters that were never programmed (jsc#SLE-4803).
- ice: Do not set LB_EN for prune switch rules (jsc#SLE-4803).
- ice: do not spam VFs with link messages (jsc#SLE-4803).
- ice: Do not unnecessarily initialize local variable (jsc#SLE-4803).
- ice: Enable LAN_EN for the right recipes (jsc#SLE-4803).
- ice: Enable link events over the ARQ (jsc#SLE-4803).
- ice: Enable MAC anti-spoof by default (jsc#SLE-4803).
- ice: enable VF admin queue interrupts (jsc#SLE-4803).
- ice: Fix added in VSI supported nodes calc (jsc#SLE-4803).
- ice: Fix broadcast traffic in port VLAN mode (jsc#SLE-4803).
- ice: Fix for adaptive interrupt moderation (jsc#SLE-4803).
- ice: Fix for allowing too many MDD events on VF (jsc#SLE-4803).
- ice: Fix for FC get rx/tx pause params (jsc#SLE-4803).
- ice: fix ice_remove_rule_internal vsi_list handling (jsc#SLE-4803).
- ice: Fix incorrect use of abbreviations (jsc#SLE-4803).
- ice: Fix issue reclaiming resources back to the pool after reset (jsc#SLE-4803).
- ice: Fix issue reconfiguring VF queues (jsc#SLE-4803).
- ice: Fix issue when adding more than allowed VLANs (jsc#SLE-4803).
- ice: fix issue where host reboots on unload when iommu=on (jsc#SLE-4803).
- ice: Fix issue with VF reset and multiple VFs support on PFs (jsc#SLE-4803).
- ice: fix numeric overflow warning (jsc#SLE-4803).
- ice: fix some function prototype and signature style issues (jsc#SLE-4803).
- ice: fix stack hogs from struct ice_vsi_ctx structures (jsc#SLE-4803).
- ice: fix static analysis warnings (jsc#SLE-4803).
- ice: Fix the calculation of ICE_MAX_MTU (jsc#SLE-4803).
- ice: fix the divide by zero issue (jsc#SLE-4803).
- ice: Fix typos in code comments (jsc#SLE-4803).
- ice: flush Tx pipe on disable queue timeout (jsc#SLE-4803).
- ice: Gather the rx buf clean-up logic for better reuse (jsc#SLE-4803).
- ice: Get resources per function (jsc#SLE-4803).
- ice: Get rid of ice_pull_tail (jsc#SLE-4803).
- ice: Get VF VSI instances directly via PF (jsc#SLE-4803).
- ice: Implement flow to reset VFs with PFR and other resets (jsc#SLE-4803).
- ice: Implement getting and setting ethtool coalesce (jsc#SLE-4803).
- ice: Implement pci_error_handler ops (jsc#SLE-4803).
- ice: Implement support for normal get_eeprom[_len] ethtool ops (jsc#SLE-4803).
- ice: Limit the ice_add_rx_frag to frag addition (jsc#SLE-4803).
- ice: map Rx buffer pages with DMA attributes (jsc#SLE-4803).
- ice: Move aggregator list into ice_hw instance (jsc#SLE-4803).
- ice: Offload SCTP checksum (jsc#SLE-4803).
- ice: only use the VF for ICE_VSI_VF in ice_vsi_release (jsc#SLE-4803).
- ice: Preserve VLAN Rx stripping settings (jsc#SLE-4803).
- ice: Prevent unintended multiple chain resets (jsc#SLE-4803).
- ice: Pull out page reuse checks onto separate function (jsc#SLE-4803).
- ice: Put __ICE_PREPARED_FOR_RESET check in ice_prepare_for_reset (jsc#SLE-4803).
- ice: Reduce scope of variable in ice_vsi_cfg_rxqs (jsc#SLE-4803).
- ice: Refactor a few Tx scheduler functions (jsc#SLE-4803).
- ice: Refactor getting/setting coalesce (jsc#SLE-4803).
- ice: Refactor link event flow (jsc#SLE-4803).
- ice: Remove '2 BITS' comment (jsc#SLE-4803).
- ice: Remove __always_unused attribute (jsc#SLE-4803).
- ice: remove redundant variable and if condition (jsc#SLE-4803).
- ice: Remove runtime change of PFINT_OICR_ENA register (jsc#SLE-4803).
- ice: Remove unnecessary braces (jsc#SLE-4803).
- ice: Remove unnecessary newlines from log messages (jsc#SLE-4803).
- ice: Remove unnecessary wait when disabling/enabling Rx queues (jsc#SLE-4803).
- ice: Remove unused function prototype (jsc#SLE-4803).
- ice: Remove unused function prototype (jsc#SLE-4803).
- ice: Remove unused vsi_id field (jsc#SLE-4803).
- ice: Reset all VFs with VFLR during SR-IOV init flow (jsc#SLE-4803).
- ice: Resolve static analysis reported issue (jsc#SLE-4803).
- ice: Restore VLAN switch rule if port VLAN existed before (jsc#SLE-4803).
- ice: Retrieve rx_buf in separate function (jsc#SLE-4803).
- ice: Return configuration error without queue to disable (jsc#SLE-4803).
- ice: Rework queue management code for reuse (jsc#SLE-4803).
- ice: Separate if conditions for ice_set_features() (jsc#SLE-4803).
- ice: Set LAN_EN for all directional rules (jsc#SLE-4803).
- ice: Set physical link up/down when an interface is set up/down (jsc#SLE-4803).
- ice: sizeof(type>) should be avoided (jsc#SLE-4803).
- ice: Suppress false-positive style issues reported by static analyzer (jsc#SLE-4803).
- ice: use absolute vector ID for VFs (jsc#SLE-4803).
- ice: Use bitfields where possible (jsc#SLE-4803).
- ice: Use dev_err when ice_cfg_vsi_lan fails (jsc#SLE-4803).
- ice: Use ice_for_each_q_vector macro where possible (jsc#SLE-4803).
- ice: use ice_for_each_vsi macro when possible (jsc#SLE-4803).
- ice: use irq_num var in ice_vsi_req_irq_msix (jsc#SLE-4803).
- ice: Use more efficient structures (jsc#SLE-4803).
- ice: Use pf instead of vsi-back (jsc#SLE-4803).
- ice: use virt channel status codes (jsc#SLE-4803).
- ice: Validate ring existence and its q_vector per VSI (jsc#SLE-4803).
- igb: Bump version number (jsc#SLE-4798).
- igb: Exclude device from suspend direct complete optimization (jsc#SLE-4798).
- igb: fix various indentation issues (jsc#SLE-4798).
- igb: Fix WARN_ONCE on runtime suspend (jsc#SLE-4798).
- igb: use struct_size() helper (jsc#SLE-4798).
- igc: Add ethtool support (jsc#SLE-4799).
- igc: Add multiple receive queues control supporting (jsc#SLE-4799).
- igc: Add support for statistics (jsc#SLE-4799).
- igc: Add support for the ntuple feature (jsc#SLE-4799).
- igc: Extend the ethtool supporting (jsc#SLE-4799).
- igc: Fix code redundancy (jsc#SLE-4799).
- igc: Fix the typo in igc_base.h header definition (jsc#SLE-4799).
- igc: Remove the 'igc_get_phy_id_base' method (jsc#SLE-4799).
- igc: Remove the 'igc_read_mac_addr_base' method (jsc#SLE-4799).
- igc: Remove unneeded code (jsc#SLE-4799).
- igc: Remove unneeded hw_dbg prints (jsc#SLE-4799).
- igc: Remove unreachable code from igc_phy.c file (jsc#SLE-4799).
- igc: Remove unused code (jsc#SLE-4799).
- igc: Use struct_size() helper (jsc#SLE-4799).
- igmp: fix incorrect unsolicit report count when join group (git-fixes).
- iio/gyro/bmg160: Use millidegrees for temperature scale (bsc#1051510).
- iio: ad_sigma_delta: select channel when reading register (bsc#1051510).
- iio: adc: at91: disable adc channel interrupt in timeout case (bsc#1051510).
- iio: adc: fix warning in Qualcomm PM8xxx HK/XOADC driver (bsc#1051510).
- iio: adc: xilinx: fix potential use-after-free on remove (bsc#1051510).
- iio: core: fix a possible circular locking dependency (bsc#1051510).
- iio: cros_ec: Fix the maths for gyro scale calculation (bsc#1051510).
- iio: dac: mcp4725: add missing powerdown bits in store eeprom (bsc#1051510).
- iio: Fix scan mask selection (bsc#1051510).
- iio: gyro: mpu3050: fix chip ID reading (bsc#1051510).
- include/linux/bitops.h: introduce BITS_PER_TYPE (bsc#1136345 jsc#SLE-4681).
- indirect call wrappers: helpers to speed-up indirect calls of builtin (bsc#1124503).
- inetpeer: fix uninit-value in inet_getpeer (git-fixes).
- infiniband/qedr: Potential null ptr dereference of qp (bsc#1136456 jsc#SLE-4689).
- infiniband: hfi1: drop crazy DEBUGFS_SEQ_FILE_CREATE() macro (jsc#SLE-4925).
- infiniband: hfi1: no need to check return value of debugfs_create functions (jsc#SLE-4925).
- input: elan_i2c - add hardware ID for multiple Lenovo laptops (bsc#1051510).
- input: introduce KEY_ASSISTANT (bsc#1051510).
- input: snvs_pwrkey - initialize necessary driver data before enabling IRQ (bsc#1051510).
- input: synaptics-rmi4 - fix possible double free (bsc#1051510).
- input: synaptics-rmi4 - write config register values to the right offset (bsc#1051510).
- intel: correct return from set features callback (jsc#SLE-4795).
- intel_idle: add support for Jacobsville (jsc#SLE-5394).
- intel_th: msu: Fix single mode with IOMMU (bsc#1051510).
- intel_th: pci: Add Comet Lake support (bsc#1051510).
- io: accel: kxcjk1013: restore the range after resume (bsc#1051510).
- iommu/amd: Set exclusion range correctly (bsc#1130425).
- iommu/arm-smmu-v3: Abort all transactions if SMMU is enabled in kdump kernel (bsc#1117158).
- iommu/arm-smmu-v3: Do not disable SMMU in kdump kernel (bsc#1117158 bsc#1134671).
- iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#1135006).
- iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135007).
- iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135008).
- ip6_tunnel: collect_md xmit: Use ip_tunnel_key's provided src address (git-fixes).
- ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type (networking-stable-19_04_10).
- ip_gre: fix parsing gre header in ipgre_err (git-fixes).
- ip_tunnel: Fix name string concatenate in __ip_tunnel_create() (git-fixes).
- ipconfig: Correctly initialise ic_nameservers (bsc#1051510).
- ipmi: Fix I2C client removal in the SSIF driver (bsc#1108193).
- ipmi: fix sleep-in-atomic in free_user at cleanup SRCU user->release_barrier (bsc#1111666).
- ipmi: Prevent use-after-free in deliver_response (bsc#1111666).
- ipmi:ssif: compare block number correctly for multi-part return messages (bsc#1051510).
- ipmi_ssif: Remove duplicate NULL check (bsc#1108193).
- ipv4: add sanity checks in ipv4_link_failure() (git-fixes).
- ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled (git-fixes).
- ipv4: ensure rcu_read_lock() in ipv4_link_failure() (networking-stable-19_04_19).
- ipv4: ip_do_fragment: Preserve skb_iif during fragmentation (networking-stable-19_05_04).
- ipv4: recompile ip options in ipv4_link_failure (networking-stable-19_04_19).
- ipv4: Return error for RTA_VIA attribute (networking-stable-19_03_07).
- ipv4: set the tcp_min_rtt_wlen range from 0 to one day (networking-stable-19_04_30).
- ipv6/flowlabel: wait rcu grace period before put_pid() (git-fixes).
- ipv6: fix cleanup ordering for ip6_mr failure (git-fixes).
- ipv6: fix cleanup ordering for pingv6 registration (git-fixes).
- ipv6: Fix dangling pointer when ipv6 fragment (git-fixes).
- ipv6: invert flowlabel sharing check in process and user mode (git-fixes).
- ipv6: mcast: fix unsolicited report interval after receiving querys (git-fixes).
- ipv6: propagate genlmsg_reply return code (networking-stable-19_02_24).
- ipv6: Return error for RTA_VIA attribute (networking-stable-19_03_07).
- ipv6: sit: reset ip header pointer in ipip6_rcv (git-fixes).
- ipvlan: Add the skb->mark as flow4's member to lookup route (bsc#1051510).
- ipvlan: disallow userns cap_net_admin to change global mode/flags (networking-stable-19_03_15).
- ipvlan: fix ipv6 outbound device (bsc#1051510).
- ipvlan: use ETH_MAX_MTU as max mtu (bsc#1051510).
- ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf (git-fixes).
- ipvs: fix buffer overflow with sync daemon and service (git-fixes).
- ipvs: fix check on xmit to non-local addresses (git-fixes).
- ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bsc#1051510).
- ipvs: fix rtnl_lock lockups caused by start_sync_thread (git-fixes).
- ipvs: Fix signed integer overflow when setsockopt timeout (bsc#1051510).
- ipvs: fix stats update from local clients (git-fixes).
- ipvs: remove IPS_NAT_MASK check to fix passive FTP (git-fixes).
- iw_cxgb*: kzalloc the iwcm verbs struct (bsc#1136348 jsc#SLE-4684).
- iw_cxgb4: Check for send WR also while posting write with completion WR (bsc#1136348 jsc#SLE-4684).
- iw_cxgb4: complete the cached SRQ buffers (bsc#1136348 jsc#SLE-4684).
- iw_cxgb4: cq/qp mask depends on bar2 pages in a host page (bsc#1127371).
- iw_cxgb4: Fix qpid leak (bsc#1136348 jsc#SLE-4684).
- iw_cxgb4: fix srqidx leak during connection abort (bsc#1136348 jsc#SLE-4684).
- iw_cxgb4: Make function read_tcb() static (bsc#1136348 jsc#SLE-4684).
- iw_cxgb4: only allow 1 flush on user qps (bsc#1051510).
- iw_cxgb4: use listening ep tos when accepting new connections (bsc#1136348 jsc#SLE-4684).
- iw_cxgb4: use tos when finding ipv6 routes (bsc#1136348 jsc#SLE-4684).
- iw_cxgb4: use tos when importing the endpoint (bsc#1136348 jsc#SLE-4684).
- iwiwifi: fix bad monitor buffer register addresses (bsc#1129770).
- iwlwifi: fix driver operation for 5350 (bsc#1111666).
- iwlwifi: fix send hcmd timeout recovery flow (bsc#1129770).
- ixgbe: fix mdio bus registration (jsc#SLE-4795).
- ixgbe: fix older devices that do not support IXGBE_MRQC_L3L4TXSWEN (jsc#SLE-4795).
- ixgbe: register a mdiobus (jsc#SLE-4795).
- ixgbe: remove magic constant in ixgbe_reset_hw_82599() (jsc#SLE-4795).
- ixgbe: use mii_bus to handle MII related ioctls (jsc#SLE-4795).
- ixgbe: Use struct_size() helper (jsc#SLE-4795).
- jbd2: check superblock mapped prior to committing (bsc#1136430).
- kabi i40e ignore include (jsc#SLE-4797).
- kabi protect struct iw_cm_id (bsc#1136348 jsc#SLE-4684).
- kabi protect struct vf_info (bsc#1136347 jsc#SLE-4683).
- kABI workaround for removed usb_interface.pm_usage_cnt field (bsc#1051510).
- kABI workaround for snd_seq_kernel_client_enqueue() API changes (bsc#1051510).
- kabi/severities: exclude hns3 symbols (bsc#1134948)
- kabi/severities: exclude qed* symbols (bsc#1136461)
- kabi/severities: missed hns roce module
- kabi: arm64: cpuhotplug: Reuse other arch's cpuhp_state ().
- kabi: drop LINUX_Mib_TCPWQUEUETOOBIG snmp counter (bsc#1137586).
- kabi: implement map_lookup_elem_sys_only in another way (bsc#1083647).
- kabi: move sysctl_tcp_min_snd_mss to preserve struct net layout (bsc#1137586).
- kABI: protect dma-mapping.h include (kabi).
- kABI: protect functions using struct net_generic (bsc#1129845 LTC#176252).
- kABI: protect ip_options_rcv_srr (kabi).
- kABI: protect struct mlx5_td (kabi).
- kABI: protect struct pci_dev (kabi).
- kABI: protect struct smc_ib_device (bsc#1129845 LTC#176252).
- kABI: protect struct smcd_dev (bsc#1129845 LTC#176252).
- kABI: restore icmp_send (kabi).
- kbuild: strip whitespace in cmd_record_mcount findstring (bsc#1065729).
- kcm: switch order of device registration to fix a crash (bnc#1130527).
- kernel/signal.c: trace_signal_deliver when signal_group_exit (git-fixes).
- kernel/sys.c: prctl: fix false positive in validate_prctl_map() (git-fixes).
- kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv (bsc#1051510).
- kernel/sysctl.c: fix out-of-bounds access when setting file-max (bsc#1051510).
- kernfs: do not set dentry->d_fsdata (boo#1133115).
- keys: always initialize keyring_index_key::desc_len (bsc#1051510).
- keys: safe concurrent user->{session,uid}_keyring access (bsc#1135642).
- keys: user: Align the payload buffer (bsc#1051510).
- kmsg: Update message catalog to latest ibM level (2019/03/08) (bsc#1128904 LTC#176078).
- kvm: Call kvm_arch_memslots_updated() before updating memslots (bsc#1132563).
- kvm: Fix kABI for AMD SMAP Errata workaround (bsc#1133149).
- kvm: Fix UAF in nested posted interrupt processing (bsc#1134199).
- kvm: nVMX: Apply addr size mask to effective address for VMX instructions (bsc#1132561).
- kvm: nVMX: Clear reserved bits of #DB exit qualification (bsc#1134200).
- kvm: nVMX: Ignore limit checks on VMX instructions using flat segments (bsc#1132564).
- kvm: nVMX: restore host state in nested_vmx_vmexit for VMFail (bsc#1134201).
- kvm: nVMX: Sign extend displacements of VMX instr's mem operands (bsc#1132562).
- kvm: PPC: Book3S HV: Fix race between kvm_unmap_hva_range and MMU mode switch (bsc#1061840).
- kvm: s390: fix memory overwrites when not using SCA entries (bsc#1136206).
- kvm: s390: provide io interrupt kvm_stat (bsc#1136206).
- kvm: s390: use created_vcpus in more places (bsc#1136206).
- kvm: s390: vsie: fix 8k check for the itdba (bsc#1136206).
- kvm: SVM: Workaround errata#1096 (insn_len maybe zero on SMAP violation) (bsc#1133149).
- kvm: VMX: Compare only a single byte for VMCS' 'launched' in vCPU-run (bsc#1132555).
- kvm: VMX: Zero out *all* general purpose registers after VM-Exit (bsc#1134202).
- kvm: x86/mmu: Detect MMIO generation wrap in any address space (bsc#1132570).
- kvm: x86/mmu: Do not cache MMIO accesses while memslots are in flux (bsc#1132571).
- kvm: x86: Always use 32-bit SMRAM save state for 32-bit kernels (bsc#1134203).
- kvm: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bsc#1134204).
- kvm: x86: Emulate MSR_IA32_ARCH_CAPABILITIES on AMD hosts (bsc#1114279).
- kvm: x86: Report STibP on GET_SUPPORTED_CPUID (bsc#1111331).
- kvm: x86: svm: make sure NMI is injected after nmi_singlestep (bsc#1134205).
- l2tp: cleanup l2tp_tunnel_delete calls (bsc#1051510).
- l2tp: filter out non-PPP sessions in pppol2tp_tunnel_ioctl() (git-fixes).
- l2tp: fix missing refcount drop in pppol2tp_tunnel_ioctl() (git-fixes).
- l2tp: only accept PPP sessions in pppol2tp_connect() (git-fixes).
- l2tp: prevent pppol2tp_connect() from creating kernel sockets (git-fixes).
- l2tp: revert 'l2tp: fix missing print session offset info' (bsc#1051510).
- leds: avoid races with workqueue (bsc#1051510).
- leds: pwm: silently error out on EPROBE_DEFER (bsc#1051510).
- lib: add crc64 calculation routines (bsc#1130972).
- lib: do not depend on linux headers being installed (bsc#1130972).
- libata: fix using DMA buffers on stack (bsc#1051510).
- libcxgb: fix incorrect ppmax calculation (bsc#1136345 jsc#SLE-4681).
- lightnvm: if LUNs are already allocated fix return (bsc#1085535).
- linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() (bsc#1051510).
- livepatch: Convert error about unsupported reliable stacktrace into a warning (bsc#1071995).
- livepatch: Remove custom kobject state handling (bsc#1071995).
- livepatch: Remove duplicated code for early initialization (bsc#1071995).
- lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).
- mac80211: do not attempt to rename ERR_PTR() debugfs dirs (bsc#1111666).
- mac80211: do not call driver wake_tx_queue op during reconfig (bsc#1051510).
- mac80211: fix memory accounting with A-MSDU aggregation (bsc#1051510).
- mac80211: fix unaligned access in mesh table hash function (bsc#1051510).
- mac80211: Honor SW_CRYPTO_CONTROL for unicast keys in AP VLAN mode (bsc#1111666).
- mac8390: Fix mmio access size probe (bsc#1051510).
- md/raid1: do not clear bitmap bits on interrupted recovery (git-fixes).
- md/raid5: fix 'out of memory' during raid cache recovery (git-fixes).
- md: batch flush requests (bsc#1119680).
- md: Fix failed allocation of md_register_thread (git-fixes).
- md: fix invalid stored role for a disk (bsc#1051510).
- media: atmel: atmel-isc: fix INIT_WORK misplacement (bsc#1051510).
- media: cx18: update *pos correctly in cx18_read_pos() (bsc#1051510).
- media: cx23885: check allocation return (bsc#1051510).
- media: davinci-isif: avoid uninitialized variable use (bsc#1051510).
- media: davinci/vpbe: array underflow in vpbe_enum_outputs() (bsc#1051510).
- media: ivtv: update *pos correctly in ivtv_read_pos() (bsc#1051510).
- media: mt9m111: set initial frame size other than 0x0 (bsc#1051510).
- media: mtk-jpeg: Correct return type for mem2mem buffer helpers (bsc#1051510).
- media: mx2_emmaprp: Correct return type for mem2mem buffer helpers (bsc#1051510).
- media: omap_vout: potential buffer overflow in vidioc_dqbuf() (bsc#1051510).
- media: ov2659: fix unbalanced mutex_lock/unlock (bsc#1051510).
- media: pvrusb2: Prevent a buffer overflow (bsc#1129770).
- media: s5p-g2d: Correct return type for mem2mem buffer helpers (bsc#1051510).
- media: s5p-jpeg: Correct return type for mem2mem buffer helpers (bsc#1051510).
- media: serial_ir: Fix use-after-free in serial_ir_init_module (bsc#1051510).
- media: sh_veu: Correct return type for mem2mem buffer helpers (bsc#1051510).
- media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame (bsc#1051510).
- media: vivid: use vfree() instead of kfree() for dev->bitmap_cap (bsc#1051510).
- media: wl128x: Fix an error code in fm_download_firmware() (bsc#1051510).
- media: wl128x: prevent two potential buffer overflows (bsc#1051510).
- memcg: make it work on sparse non-0-node systems (bnc#1133616).
- memcg: make it work on sparse non-0-node systems kabi (bnc#1133616).
- mISDN: Check address length before reading address family (bsc#1051510).
- missing barriers in some of unix_sock ->addr and ->path accesses (networking-stable-19_03_15).
- mlxsw: spectrum: Fix autoneg status in ethtool (networking-stable-19_04_30).
- mm/debug.c: fix __dump_page when mapping->host is not set (bsc#1131934).
- mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses (bsc#1135330).
- mm/page_isolation.c: fix a wrong flag in set_migratetype_isolate() (bsc#1131935).
- mm/vmalloc: fix size check for remap_vmalloc_range_partial() (bsc#1133825).
- mm: create non-atomic version of SetPageReserved for init use (jsc#SLE-6647).
- mm: Fix buggy backport leading to MAP_SYNC failures (bsc#1137372)
- mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (bnc#1012382).
- mmc: bcm2835 MMC issues (bsc#1070872).
- mmc: block: Delete gendisk before cleaning up the request queue (bsc#1127616).
- mmc: core: fix possible use after free of host (bsc#1051510).
- mmc: core: Fix tag set memory leak (bsc#1111666).
- mmc: davinci: remove extraneous __init annotation (bsc#1051510).
- mmc: sdhci: Fix data command CRC error handling (bsc#1051510).
- mmc: sdhci: Handle auto-command errors (bsc#1051510).
- mmc: sdhci: Rename SDHCI_ACMD12_ERR and SDHCI_INT_ACMD12ERR (bsc#1051510).
- mmc: tmio_mmc_core: do not claim spurious interrupts (bsc#1051510).
- mount: copy the port field into the cloned nfs_server structure (bsc#1136990).
- mpls: Return error for RTA_GATEWAY attribute (networking-stable-19_03_07).
- mt7601u: bump supported EEPROM version (bsc#1051510).
- mtd: docg3: fix a possible memory leak of mtd->name (bsc#1051510).
- mtd: docg3: Fix passing zero to 'PTR_ERR' warning in doc_probe_device (bsc#1051510).
- mtd: nand: omap: Fix comment in platform data using wrong Kconfig symbol (bsc#1051510).
- mtd: part: fix incorrect format specifier for an unsigned long long (bsc#1051510).
- mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write (bsc#1129770).
- mwifiex: do not advertise ibSS features without FW support (bsc#1129770).
- mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1136935).
- mwifiex: Fix mem leak in mwifiex_tm_cmd (bsc#1051510).
- mwifiex: Fix possible buffer overflows at parsing bss descriptor
- mwifiex: Make resume actually do something useful again on SDIO cards (bsc#1111666).
- mwifiex: prevent an array overflow (bsc#1051510).
- mwl8k: Fix rate_idx underflow (bsc#1051510).
- neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit (git-fixes).
- net-gro: Fix GRO flush when receiving a GSO packet (networking-stable-19_04_10).
- net/hsr: fix possible crash in add_timer() (networking-stable-19_03_15).
- net/ibmvnic: Remove tests of member address (bsc#1137739).
- net/ibmvnic: Update carrier state after link state change (bsc#1135100).
- net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).
- net/ipv4: defensive cipso option parsing (git-fixes).
- net/ipv6: do not reinitialize ndev->cnf.addr_gen_mode on new inet6_dev (git-fixes).
- net/ipv6: fix addrconf_sysctl_addr_gen_mode (git-fixes).
- net/ipv6: propagate net.ipv6.conf.all.addr_gen_mode to devices (git-fixes).
- net/ipv6: reserve room for IFLA_INET6_ADDR_GEN_MODE (git-fixes).
- net/mlx5: Decrease default mr cache size (networking-stable-19_04_10).
- net/mlx5e: Add a lock on tir list (networking-stable-19_04_10).
- net/mlx5e: Do not overwrite pedit action when multiple pedit used (networking-stable-19_02_24).
- net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query (networking-stable-19_04_30).
- net/mlx5e: Fix error handling when refreshing TIRs (networking-stable-19_04_10).
- net/mlx5e: Fix trailing semicolon (bsc#1075020).
- net/mlx5e: IPoib, Reset QP after channels are closed (bsc#1075020).
- net/packet: fix 4gb buffer limit due to overflow check (networking-stable-19_02_24).
- net/packet: Set __GFP_NOWARN upon allocation in alloc_pg_vec (git-fixes).
- net/rose: fix unbound loop in rose_loopback_timer() (networking-stable-19_04_30).
- net/sched: act_sample: fix divide by zero in the traffic path (networking-stable-19_04_10).
- net/sched: do not dereference a->goto_chain to read the chain index (bsc#1064802 bsc#1066129).
- net/sched: fix ->get helper of the matchall cls (networking-stable-19_04_10).
- net/smc: add pnet table namespace support (bsc#1129845 LTC#176252).
- net/smc: add smcd support to the pnet table (bsc#1129845 LTC#176252).
- net/smc: allow pci IDs as ib device names in the pnet table (bsc#1129845 LTC#176252).
- net/smc: allow pnetid-less configuration (bsc#1129845 LTC#176252).
- net/smc: check for ip prefix and subnet (bsc#1134607 LTC#177518).
- net/smc: cleanup for smcr_tx_sndbuf_nonempty (bsc#1129845 LTC#176252).
- net/smc: cleanup of get vlan id (bsc#1134607 LTC#177518).
- net/smc: code cleanup smc_listen_work (bsc#1134607 LTC#177518).
- net/smc: consolidate function parameters (bsc#1134607 LTC#177518).
- net/smc: fallback to TCP after connect problems (bsc#1134607 LTC#177518).
- net/smc: fix a NULL pointer dereference (bsc#1134607 LTC#177518).
- net/smc: fix return code from FLUSH command (bsc#1134607 LTC#177518).
- net/smc: improve smc_conn_create reason codes (bsc#1134607 LTC#177518).
- net/smc: improve smc_listen_work reason codes (bsc#1134607 LTC#177518).
- net/smc: move unhash before release of clcsock (bsc#1134607 LTC#177518).
- net/smc: nonblocking connect rework (bsc#1134607 LTC#177518).
- net/smc: propagate file from SMC to TCP socket (bsc#1134607 LTC#177518).
- net/smc: rework pnet table (bsc#1129845 LTC#176252).
- net/smc: wait for pending work before clcsock release_sock (bsc#1134607 LTC#177518).
- net/tls: free ctx in sock destruct (bsc#1136353 jsc#SLE-4688).
- net/x25: fix a race in x25_bind() (networking-stable-19_03_15).
- net/x25: fix use-after-free in x25_device_event() (networking-stable-19_03_15).
- net/x25: reset state in x25_connect() (networking-stable-19_03_15).
- net: Add __icmp_send helper (networking-stable-19_03_07).
- net: Add header for usage of fls64() (networking-stable-19_02_20).
- net: aquantia: fix rx checksum offload for UDP/TCP over IPv6 (networking-stable-19_03_28).
- net: atm: Fix potential Spectre v1 vulnerabilities (networking-stable-19_04_19).
- net: avoid false positives in untrusted gso validation (git-fixes).
- net: avoid skb_warn_bad_offload on IS_ERR (git-fixes).
- net: avoid use IPCB in cipso_v4_error (networking-stable-19_03_07).
- net: bridge: add vlan_tunnel to bridge port policies (git-fixes).
- net: bridge: fix per-port af_packet sockets (git-fixes).
- net: bridge: multicast: use rcu to access port list from br_multicast_start_querier (git-fixes).
- net: chelsio: Add a missing check on cudg_get_buffer (bsc#1136345 jsc#SLE-4681).
- net: cxgb4: fix various indentation issues (bsc#1136345 jsc#SLE-4681).
- net: datagram: fix unbounded loop in __skb_try_recv_datagram() (git-fixes).
- net: Do not allocate page fragments that are not skb aligned (networking-stable-19_02_20).
- net: do not keep lonely packets forever in the gro hash (git-fixes).
- net: dsa: bcm_sf2: fix buffer overflow doing set_rxnfc (networking-stable-19_05_04).
- net: dsa: legacy: do not unmask port bitmaps (git-fixes).
- net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT (git-fixes).
- net: dsa: mv88e6xxx: Fix u64 statistics (networking-stable-19_03_07).
- net: ena: fix return value of ena_com_config_llq_info() (bsc#1111696 bsc#1117561).
- net: ethtool: not call vzalloc for zero sized memory request (networking-stable-19_04_10).
- net: Fix a bug in removing queues from XPS map (git-fixes).
- net: Fix for_each_netdev_feature on Big endian (networking-stable-19_02_20).
- net: fix IPv6 prefix route residue (networking-stable-19_02_20).
- net: fix uninit-value in __hw_addr_add_ex() (git-fixes).
- net: Fix untag for vlan packets without ethernet header (git-fixes).
- net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off (git-fixes).
- net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv (networking-stable-19_04_19).
- net: hns3: add counter for times RX pages gets allocated (bsc#1104353 bsc#1134947).
- net: hns3: add error handler for initializing command queue (bsc#1104353 bsc#1135058).
- net: hns3: add function type check for debugfs help information (bsc#1104353 bsc#1134980).
- net: hns3: Add handling of MAC tunnel interruption (bsc#1104353 bsc#1134983).
- net: hns3: add hns3_gro_complete for HW GRO process (bsc#1104353 bsc#1135051).
- net: hns3: add linearizing checking for TSO case (bsc#1104353 bsc#1134947).
- net: hns3: add protect when handling mac addr list (bsc#1104353 ).
- net: hns3: add queue's statistics update to service task (bsc#1104353 bsc#1134981).
- net: hns3: add reset statistics for VF (bsc#1104353 bsc#1134995).
- net: hns3: add reset statistics info for PF (bsc#1104353 bsc#1134995).
- net: hns3: add some debug info for hclgevf_get_mbx_resp() (bsc#1104353 bsc#1134994).
- net: hns3: add some debug information for hclge_check_event_cause (bsc#1104353 bsc#1134994).
- net: hns3: add support for dump ncl config by debugfs (bsc#1104353 bsc#1134987).
- net: hns3: Add support for netif message level settings (bsc#1104353 bsc#1134989).
- net: hns3: adjust the timing of hns3_client_stop when unloading (bsc#1104353 bsc#1137201).
- net: hns3: always assume no drop TC for performance reason (bsc#1104353 bsc#1135049).
- net: hns3: check 1000M half for hns3_ethtool_ops.set_link_ksettings (bsc#1104353 bsc#1137201).
- net: hns3: check resetting status in hns3_get_stats() (bsc#1104353 bsc#1137201).
- net: hns3: code optimization for command queue' spin lock (bsc#1104353 bsc#1135042).
- net: hns3: combine len and checksum handling for inner and outer header (bsc#1104353 bsc#1134947).
- net: hns3: deactive the reset timer when reset successfully (bsc#1104353 bsc#1137201).
- net: hns3: divide shared buffer between TC (bsc#1104353 bsc#1135047).
- net: hns3: do not initialize MDIO bus when PHY is inexistent (bsc#1104353 bsc#1135045).
- net: hns3: do not request reset when hardware resetting (bsc#1104353 bsc#1137201).
- net: hns3: dump more information when tx timeout happens (bsc#1104353 bsc#1134990).
- net: hns3: extend the loopback state acquisition time (bsc#1104353).
- net: hns3: fix data race between ring->next_to_clean (bsc#1104353 bsc#1134975 bsc#1134945).
- net: hns3: fix error handling for desc filling (bsc#1104353 ).
- net: hns3: fix for HNS3_RXD_GRO_SIZE_M macro (bsc#1104353 bsc#1137201).
- net: hns3: fix for tunnel type handling in hns3_rx_checksum (bsc#1104353 bsc#1134946).
- net: hns3: fix for TX clean num when cleaning TX BD (bsc#1104353 ).
- net: hns3: fix for vport->bw_limit overflow problem (bsc#1104353 bsc#1134998).
- net: hns3: fix keep_alive_timer not stop problem (bsc#1104353 bsc#1135055).
- net: hns3: fix loop condition of hns3_get_tx_timeo_queue_info() (bsc#1104353 bsc#1134990).
- net: hns3: fix pause configure fail problem (bsc#1104353 bsc#1134951 bsc#1134951).
- net: hns3: fix set port based VLAN for PF (bsc#1104353 bsc#1135053).
- net: hns3: fix set port based VLAN issue for VF (bsc#1104353 bsc#1135053).
- net: hns3: fix sparse: warning when calling hclge_set_vlan_filter_hw() (bsc#1104353 bsc#1134999).
- net: hns3: fix VLAN offload handle for VLAN inserted by port (bsc#1104353 bsc#1135053).
- net: hns3: free the pending skb when clean RX ring (bsc#1104353 bsc#1135044).
- net: hns3: handle pending reset while reset fail (bsc#1104353 bsc#1135058).
- net: hns3: handle the BD info on the last BD of the packet (bsc#1104353 bsc#1134974).
- net: hns3: ignore lower-level new coming reset (bsc#1104353 bsc#1137201).
- net: hns3: Make hclge_destroy_cmd_queue static (bsc#1104353 bsc#1137201).
- net: hns3: Make hclgevf_update_link_mode static (bsc#1104353 bsc#1137201).
- net: hns3: minor optimization for datapath (bsc#1104353 ).
- net: hns3: minor optimization for ring_space (bsc#1104353 ).
- net: hns3: minor refactor for hns3_rx_checksum (bsc#1104353 bsc#1135052).
- net: hns3: modify HNS3_NIC_STATE_INITED flag in hns3_reset_notify_uninit_enet (bsc#1104353).
- net: hns3: modify the VF network port media type acquisition method (bsc#1104353 bsc#1137201).
- net: hns3: modify VLAN initialization to be compatible with port based VLAN (bsc#1104353 bsc#1135053).
- net: hns3: not reset TQP in the DOWN while VF resetting (bsc#1104353 bsc#1134952).
- net: hns3: not reset vport who not alive when PF reset (bsc#1104353 bsc#1137201).
- net: hns3: optimize the barrier using when cleaning TX BD (bsc#1104353 bsc#1134945).
- net: hns3: prevent change MTU when resetting (bsc#1104353 bsc#1137201).
- net: hns3: prevent double free in hns3_put_ring_config() (bsc#1104353 bsc#1134950).
- net: hns3: reduce resources use in kdump kernel (bsc#1104353 bsc#1137201).
- net: hns3: refactor BD filling for l2l3l4 info (bsc#1104353 bsc#1134947).
- net: hns3: refine tx timeout count handle (bsc#1104353 bsc#1134990).
- net: hns3: remove redundant assignment of l2_hdr to itself (bsc#1104353).
- net: hns3: remove reset after command send failed (bsc#1104353 bsc#1134949).
- net: hns3: remove resetting check in hclgevf_reset_task_schedule (bsc#1104353 bsc#1135056).
- net: hns3: return 0 and print warning when hit duplicate MAC (bsc#1104353 bsc#1137201).
- net: hns3: set dividual reset level for all RAS and MSI-X errors (bsc#1104353 bsc#1135046).
- net: hns3: set up the vport alive state while reinitializing (bsc#1104353 bsc#1137201).
- net: hns3: set vport alive state to default while resetting (bsc#1104353 bsc#1137201).
- net: hns3: simplify hclgevf_cmd_csq_clean (bsc#1104353 ).
- net: hns3: some cleanup for struct hns3_enet_ring (bsc#1104353 bsc#1134947).
- net: hns3: split function hnae3_match_n_instantiate() (bsc#1104353).
- net: hns3: stop mailbox handling when command queue need re-init (bsc#1104353 bsc#1135058).
- net: hns3: stop sending keep alive msg when VF command queue needs reinit (bsc#1104353 bsc#1134972).
- net: hns3: unify maybe_stop_tx for TSO and non-TSO case (bsc#1104353 bsc#1134947).
- net: hns3: unify the page reusing for page size 4K and 64K (bsc#1104353 bsc#1134947).
- net: hns3: use a reserved byte to identify need_resp flag (bsc#1104353).
- net: hns3: use atomic_t replace u32 for arq's count (bsc#1104353 bsc#1134953).
- net: hns3: use devm_kcalloc when allocating desc_cb (bsc#1104353 bsc#1134947).
- net: hns3: use napi_schedule_irqoff in hard interrupts handlers (bsc#1104353 bsc#1134947).
- net: hsr: fix memory leak in hsr_dev_finalize() (networking-stable-19_03_15).
- net: initialize skb->peeked when cloning (git-fixes).
- net: make skb_partial_csum_set() more robust against overflows (git-fixes).
- net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails (networking-stable-19_03_07).
- net: phy: marvell: add new default led configure for m88e151x (bsc#1135018).
- net: phy: marvell: change default m88e1510 LED configuration (bsc#1135018).
- net: phy: marvell: Enable interrupt function on LED2 pin (bsc#1135018).
- net: phy: marvell: Fix buffer overrun with stats counters (networking-stable-19_05_04).
- net: rds: exchange of 8K and 1M pool (networking-stable-19_04_30).
- net: rose: fix a possible stack overflow (networking-stable-19_03_28).
- net: Set rtm_table to RT_TABLE_COMPAT for ipv6 for tables > 255 (networking-stable-19_03_15).
- net: sit: fix memory leak in sit_init_net() (networking-stable-19_03_07).
- net: sit: fix UBSAN Undefined behaviour in check_6rd (networking-stable-19_03_15).
- net: socket: fix potential spectre v1 gadget in socketcall (git-fixes).
- net: socket: set sock->sk to NULL after calling proto_ops::release() (networking-stable-19_03_07).
- net: stmmac: fix memory corruption with large MTUs (networking-stable-19_03_28).
- net: stmmac: move stmmac_check_ether_addr() to driver probe (networking-stable-19_04_30).
- net: test tailroom before appending to linear skb (git-fixes).
- net: thunderx: do not allow jumbo frames with XDP (networking-stable-19_04_19).
- net: thunderx: raise XDP MTU to 1508 (networking-stable-19_04_19).
- net: unbreak CONFIG_RETPOLINE=n builds (bsc#1124503).
- net: use indirect call wrappers at GRO network layer (bsc#1124503).
- net: use indirect call wrappers at GRO transport layer (bsc#1124503).
- net: validate untrusted gso packets without csum offload (networking-stable-19_02_20).
- net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms() (git-fixes).
- net_sched: fix two more memory leaks in cls_tcindex (networking-stable-19_02_24).
- netfilter: bridge: Do not sabotage nf_hook calls from an l3mdev (git-fixes).
- netfilter: bridge: ebt_among: add missing match size checks (git-fixes).
- netfilter: bridge: ebt_among: add more missing match size checks (git-fixes).
- netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING (git-fixes).
- netfilter: drop template ct when conntrack is skipped (git-fixes).
- netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule (git-fixes).
- netfilter: ebtables: handle string from userspace with care (git-fixes).
- netfilter: ebtables: reject non-bridge targets (git-fixes).
- netfilter: ip6t_MASQUERADE: add dependency on conntrack module (git-fixes).
- netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel (git-fixes).
- netfilter: ipset: Missing nfnl_lock()/nfnl_unlock() is added to ip_set_net_exit() (git-fixes).
- netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt (git-fixes).
- netfilter: nf_log: do not hold nf_log_mutex during user access (git-fixes).
- netfilter: nf_log: fix uninit read in nf_log_proc_dostring (git-fixes).
- netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6} (git-fixes).
- netfilter: nf_tables: can't fail after linking rule into active rule list (git-fixes).
- netfilter: nf_tables: check msg_type before nft_trans_set(trans) (git-fixes).
- netfilter: nf_tables: fix leaking object reference count (git-fixes).
- netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump() (git-fixes).
- netfilter: nf_tables: release chain in flushing set (git-fixes).
- netfilter: nft_compat: do not dump private area (git-fixes).
- netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target} (git-fixes).
- netfilter: x_tables: fix int overflow in xt_alloc_table_info() (git-fixes).
- netfilter: x_tables: initialise match/target check parameter struct (git-fixes).
- netlabel: fix out-of-bounds memory accesses (networking-stable-19_03_07).
- netlink: fix uninit-value in netlink_sendmsg (git-fixes).
- nfc: nci: Add some bounds checking in nci_hci_cmd_received() (bsc#1051510).
- nfs/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount (git-fixes).
- nfs: Add missing encode / decode sequence_maxsz to v4.2 operations (git-fixes).
- nfs: add module option to limit NFSv4 minor version (jsc#PM-231).
- nfs: Do not recoalesce on error in nfs_pageio_complete_mirror() (git-fixes).
- nfs: Do not use page_file_mapping after removing the page (git-fixes).
- nfs: Fix a soft lockup in the delegation recovery code (git-fixes).
- nfs: Fix a typo in nfs_init_timeout_values() (git-fixes).
- nfs: Fix an I/O request leakage in nfs_do_recoalesce (git-fixes).
- nfs: Fix dentry revalidation on nfsv4 lookup (bsc#1132618).
- nfs: Fix I/O request leakages (git-fixes).
- nfs: fix mount/umount race in nlmclnt (git-fixes).
- nfsd4: catch some false session retries (git-fixes).
- nfsd4: fix cached replies to solo SEQUENCE compounds (git-fixes).
- nfsv4.1 do not free interrupted slot on open (git-fixes).
- nfsv4.1: Reinitialise sequence results before retransmitting a request (git-fixes).
- nfsv4/flexfiles: Fix invalid deref in FF_LAYOUT_DEVID_NODE() (git-fixes).
- nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands (bsc#1051510).
- nvme-fc: use separate work queue to avoid warning (bsc#1131673).
- nvme-multipath: avoid crash on invalid subsystem cntlid enumeration (bsc#1129273).
- nvme-multipath: avoid crash on invalid subsystem cntlid enumeration (bsc#1130937).
- nvme-multipath: split bios with the ns_head bio_set before submitting (bsc#1103259, bsc#1131673).
- nvme-rdma: fix possible free of a non-allocated async event buffer (bsc#1120423).
- nvme: add proper discard setup for the multipath device (bsc#1114638).
- nvme: Do not remove namespaces during reset (bsc#1131673).
- nvme: fix the dangerous reference of namespaces list (bsc#1131673).
- nvme: flush scan_work when resetting controller (bsc#1131673).
- nvme: make sure ns head inherits underlying device limits (bsc#1131673).
- nvme: only reconfigure discard if necessary (bsc#1114638).
- objtool: Fix function fallthrough detection (bsc#1058115).
- ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (bsc#1136434).
- ocfs2: turn on OCFS2_FS_STATS setting(bsc#1134393) We need to turn on OCFS2_FS_STATS kernel configuration setting, to fix bsc#1134393.
- of: fix clang -Wunsequenced for be32_to_cpu() (bsc#1135642).
- omapfb: add missing of_node_put after of_device_is_available (bsc#1051510).
- openvswitch: add seqadj extension when NAT is used (bsc#1051510).
- openvswitch: fix flow actions reallocation (bsc#1051510).
- overflow: Fix -Wtype-limits compilation warnings (bsc#1111666).
- p54: drop device reference count if fails to enable device (bsc#1135642).
- packet: fix reserve calculation (git-fixes).
- packet: in packet_snd start writing at link layer allocation (git-fixes).
- packet: refine ring v3 block size test to hold one frame (git-fixes).
- packet: reset network header if packet shorter than ll reserved space (git-fixes).
- packet: validate msg_namelen in send directly (git-fixes).
- packets: Always register packet sk in the same order (networking-stable-19_03_28).
- pci: Add function 1 DMA alias quirk for Marvell 9170 SATA controller (bsc#1051510).
- pci: designware-ep: Read-only registers need DBI_RO_WR_EN to be writable (bsc#1051510).
- pci: endpoint: Use EPC's device in dma_alloc_coherent()/dma_free_coherent() (git-fixes).
- pci: Factor out pcie_retrain_link() function (git-fixes).
- pci: Init pcie feature bits for managed host bridge alloc (bsc#1111666).
- pci: Mark AMD Stoney Radeon R7 GPU ATS as broken (bsc#1051510).
- pci: Mark Atheros AR9462 to avoid bus reset (bsc#1051510).
- pci: pciehp: Convert to threaded IRQ (bsc#1133005).
- pci: pciehp: Ignore Link State Changes after powering off a slot (bsc#1133005).
- pci: pciehp: Tolerate Presence Detect hardwired to zero (bsc#1133016).
- pci: Work around Pericom pcie-to-pci bridge Retrain Link erratum (git-fixes).
- perf tools: Add Hygon Dhyana support ().
- perf/x86/amd: Add event map for AMD Family 17h (bsc#1134223).
- perf/x86/amd: Update generic hardware cache events for Family 17h (bsc#1134223).
- phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode (bsc#1051510).
- phy: sun4i-usb: Support set_mode to usb_HOST for non-OTG PHYs (bsc#1051510).
- platform/x86: alienware-wmi: printing the wrong error code (bsc#1051510).
- platform/x86: dell-rbtn: Add missing #include (bsc#1051510).
- platform/x86: intel_pmc_ipc: adding error handling (bsc#1051510).
- platform/x86: intel_punit_ipc: Revert 'Fix resource ioremap warning' (bsc#1051510).
- platform/x86: pmc_atom: Add Lex 3I380D industrial PC to critclk_systems DMI table (bsc#1051510).
- platform/x86: pmc_atom: Add several Beckhoff Automation boards to critclk_systems DMI table (bsc#1051510).
- platform/x86: pmc_atom: Drop __initconst on dmi table (bsc#1051510).
- platform/x86: sony-laptop: Fix unintentional fall-through (bsc#1051510).
- power: supply: axp20x_usb_power: Fix typo in VBUS current limit macros (bsc#1051510).
- power: supply: axp288_charger: Fix unchecked return value (bsc#1051510).
- powerpc/64: Make meltdown reporting Book3S 64 specific
- powerpc/64s: Fix logic when handling unknown CPU features (bsc#1055117).
- powerpc/64s: Fix page table fragment refcount race vs speculative references (bsc#1131326, bsc#1108937).
- powerpc/eeh: Fix race with driver un/bind (bsc#1065729).
- powerpc/fsl: Add barrier_nospec implementation for NXP PowerPC Book3E
- powerpc/hugetlb: Handle mmap_min_addr correctly in get_unmapped_area callback (bsc#1131900).
- powerpc/kvm: Save and restore host AMR/IAMR/UAMOR (bsc#1061840).
- powerpc/mm/hash: Handle mmap_min_addr correctly in get_unmapped_area topdown search (bsc#1131900).
- powerpc/mm/radix: Display if mappings are exec or not (bsc#1055186, git-fixes).
- powerpc/mm/radix: Prettify mapped memory range print out (bsc#1055186, git-fixes).
- powerpc/mm: Add missing tracepoint for tlbie (bsc#1055117, git-fixes).
- powerpc/mm: Check secondary hash page table (bsc#1065729).
- powerpc/mm: Fix page table dump to work on Radix (bsc#1055186, git-fixes).
- powerpc/msi: Fix NULL pointer access in teardown code (bsc#1065729).
- powerpc/numa: document topology_updates_enabled, disable by default (bsc#1133584).
- powerpc/numa: improve control of topology updates (bsc#1133584).
- powerpc/perf: Fix MMCRA corruption by bhrb_filter (bsc#1053043).
- powerpc/perf: Fix unit_sel/cache_sel checks (bsc#1053043).
- powerpc/perf: Remove l2 bus events from HW cache event array (bsc#1053043).
- powerpc/powernv/cpuidle: Init all present cpus for deep states (bsc#1055121).
- powerpc/powernv/idle: Restore IAMR after idle (bsc#1065729).
- powerpc/powernv/ioda2: Remove redundant free of TCE pages (bsc#1061840).
- powerpc/powernv/ioda: Allocate indirect TCE levels of cached userspace addresses on demand (bsc#1061840).
- powerpc/powernv/ioda: Fix locked_vm counting for memory used by IOMMU tables (bsc#1061840).
- powerpc/powernv: Do not reprogram SLW image on every kvm guest entry/exit (bsc#1061840).
- powerpc/powernv: Make opal log only readable by root (bsc#1065729).
- powerpc/powernv: Remove never used pnv_power9_force_smt4 (bsc#1061840).
- powerpc/process: Fix sparse address space warnings (bsc#1065729).
- powerpc/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
- powerpc/vdso32: fix CLOCK_MONOTONIC on PPC64 (bsc#1131587).
- powerpc/vdso64: Fix CLOCK_MONOTONIC inconsistencies across Y2038 (bsc#1131587).
- powerpc64/ftrace: Include ftrace.h needed for enable/disable calls (bsc#1088804, git-fixes).
- powerpc: Always initialize input array when calling epapr_hypercall() (bsc#1065729).
- powerpc: avoid -mno-sched-epilog on GCC 4.9 and newer (bsc#1065729).
- powerpc: consolidate -mno-sched-epilog into FTRACE flags (bsc#1065729).
- powerpc: Fix 32-bit kvm-PR lockup and host crash with MacOS guest (bsc#1061840).
- powerpc: Fix HMIs on big-endian with CONFIG_RELOCATABLE=y (bsc#1065729).
- proc/kcore: do not bounds check against address 0 (bsc#1051510).
- proc/sysctl: fix return error for proc_doulongvec_minmax() (bsc#1051510).
- proc: revalidate kernel thread inodes to root:root (bsc#1051510).
- ptrace: take into account saved_sigmask in PTRACE{GET,SET}SIGMASK (git-fixes).
- pwm: Fix deadlock warning when removing PWM device (bsc#1051510).
- pwm: meson: Consider 128 a valid pre-divider (bsc#1051510).
- pwm: meson: Do not disable PWM when setting duty repeatedly (bsc#1051510).
- pwm: meson: Use the spin-lock only to protect register modifications (bsc#1051510).
- pwm: tiehrpwm: Update shadow register for disabling PWMs (bsc#1051510).
- qed*: Add iWARP 100g support (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed*: Change hwfn used for sb initialization (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Add API for SmartAN query (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Add infrastructure for error detection and recovery (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Add llh ppfid interface and 100g support for offload protocols (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Add qed devlink parameters table (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Define new MF bit for no_vlan config (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Delete redundant doorbell recovery types (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: fix indentation issue with statements in an if-block (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix iWARP buffer size provided for syn packet processing (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix iWARP syn packet mac address validation (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix missing DORQ attentions (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: fix spelling mistake 'faspath' -> 'fastpath' (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: fix spelling mistake 'inculde' -> 'include' (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix static checker warning (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix the doorbell address sanity check (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix the DORQ's attentions handling (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Mark expected switch fall-through (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Modify api for performing a dmae to another PF (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Modify offload protocols to use the affined engine (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Read device port count from the shmem (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Reduce the severity of ptp debug message (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: remove duplicated include from qed_if.h (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: remove redundant assignment to rc (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Revise load sequence to avoid pci errors (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Set the doorbell address correctly (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Add ethtool interface for SmartAN query (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Error recovery process (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Fix internal loopback failure with jumbo mtu configuration (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: fix write to free'd pointer error and double free of ptp (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Handle infinite driver spinning for Tx timestamp (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: place ethtool_rx_flow_spec after code after TC flower codebase (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Populate mbi version in ethtool driver query data (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qedr: Change the MSI-X vectors selection to be based on affined engine (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128971).
- qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128979).
- qla2xxx: always allocate qla_tgt_wq (bsc#1131451).
- qla2xxx: kABI fixes for v10.00.00.14-k (bsc#1136215).
- qla2xxx: kABI fixes for v10.01.00.15-k (bsc#1136215).
- qlcnic: remove assumption that vlan_tci != 0 (bsc#1136469 jsc#SLE-4695).
- qlcnic: remove set but not used variables 'cur_rings, max_hw_rings, tx_desc_info' (bsc#1136469 jsc#SLE-4695).
- qlcnic: remove set but not used variables 'op, cmd_op' (bsc#1136469 jsc#SLE-4695).
- qmi_wwan: add Olicard 600 (bsc#1051510).
- qmi_wwan: Add support for Quectel EG12/EM12 (networking-stable-19_03_07).
- ras/cec: Check the correct variable in the debugfs error handling (bsc#1085535).
- ravb: Decrease TxFIFO depth of Q3 and Q2 to one (networking-stable-19_03_15).
- rdma/cxbg: Use correct sizing on buffers holding page DMA addresses (bsc#1136348 jsc#SLE-4684).
- rdma/cxgb4: Add support for 64Byte cqes (bsc#1127371).
- rdma/cxgb4: Add support for kernel mode SRQ's (bsc#1127371).
- rdma/cxgb4: Add support for srq functions and structs (bsc#1127371).
- rdma/cxgb4: Don't expose DMA addresses (bsc#1136348 jsc#SLE-4684).
- rdma/cxgb4: Fix null pointer dereference on alloc_skb failure (bsc#1136348 jsc#SLE-4684).
- rdma/cxgb4: fix some info leaks (bsc#1127371).
- rdma/cxgb4: Fix spelling mistake 'immedate' -> 'immediate' (bsc#1136348 jsc#SLE-4684).
- rdma/cxgb4: Make c4iw_poll_cq_one() easier to analyze (bsc#1127371).
- rdma/cxgb4: Remove a set-but-not-used variable (bsc#1127371).
- rdma/cxgb4: Remove kref accounting for sync operation (bsc#1136348 jsc#SLE-4684).
- rdma/cxgb4: Use sizeof() notation (bsc#1136348 jsc#SLE-4684).
- rdma/hns: Add constraint on the setting of local ACK timeout (bsc#1104427 bsc#1137233).
- rdma/hns: Add SCC context allocation support for hip08 (bsc#1104427 bsc#1126206).
- rdma/hns: Add SCC context clr support for hip08 (bsc#1104427 bsc#1126206).
- rdma/hns: Add the process of AEQ overflow for hip08 (bsc#1104427 bsc#1126206).
- rdma/hns: Add timer allocation support for hip08 (bsc#1104427 bsc#1126206).
- rdma/hns: Bugfix for mapping user db (bsc#1104427 bsc#1137236).
- rdma/hns: Bugfix for posting multiple srq work request (bsc#1104427 bsc#1137236).
- rdma/hns: Bugfix for SCC hem free (bsc#1104427 bsc#1137236).
- rdma/hns: Bugfix for sending with invalidate (bsc#1104427 bsc#1137236).
- rdma/hns: Bugfix for set hem of SCC (bsc#1104427 bsc#1137236).
- rdma/hns: Bugfix for the scene without receiver queue (bsc#1104427 bsc#1137233).
- rdma/hns: Configure capacity of hns device (bsc#1104427 bsc#1137236).
- rdma/hns: Delete unused variable in hns_roce_v2_modify_qp function (bsc#1104427).
- rdma/hns: Delete useful prints for aeq subtype event (bsc#1104427 bsc#1126206).
- rdma/hns: Fix bad endianess of port_pd variable (bsc#1104427 ).
- rdma/hns: Fix bug that caused srq creation to fail (bsc#1104427 ).
- rdma/hns: Fix the bug with updating rq head pointer when flush cqe (bsc#1104427 bsc#1137233).
- rdma/hns: Fix the chip hanging caused by sending doorbell during reset (bsc#1104427 bsc#1137232).
- rdma/hns: Fix the chip hanging caused by sending mailbox CMQ during reset (bsc#1104427 bsc#1137232).
- rdma/hns: Fix the Oops during rmmod or insmod ko when reset occurs (bsc#1104427 bsc#1137232).
- rdma/hns: Fix the state of rereg mr (bsc#1104427 bsc#1137236).
- rdma/hns: Hide error print information with roce vf device (bsc#1104427 bsc#1137236).
- rdma/hns: Limit minimum ROCE CQ depth to 64 (bsc#1104427 bsc#1137236).
- rdma/hns: Limit scope of hns_roce_cmq_send() (bsc#1104427 ).
- rdma/hns: Make some function static (bsc#1104427 bsc#1126206).
- rdma/hns: Modify qp specification according to UM (bsc#1104427 bsc#1137233).
- rdma/hns: Modify the pbl ba page size for hip08 (bsc#1104427 bsc#1137233).
- rdma/hns: Move spin_lock_irqsave to the correct place (bsc#1104427 bsc#1137236).
- rdma/hns: Only assgin some fields if the relatived attr_mask is set (bsc#1104427).
- rdma/hns: Only assign the fields of the rq psn if ib_QP_RQ_PSN is set (bsc#1104427).
- rdma/hns: Only assign the relatived fields of psn if ib_QP_SQ_PSN is set (bsc#1104427).
- rdma/hns: rdma/hns: Assign rq head pointer when enable rq record db (bsc#1104427 bsc#1137236).
- rdma/hns: Remove jiffies operation in disable interrupt context (bsc#1104427 bsc#1137236).
- rdma/hns: Remove set but not used variable 'rst' (bsc#1104427 bsc#1126206).
- rdma/hns: Set allocated memory to zero for wrid (bsc#1104427 bsc#1137236).
- rdma/hns: Support to create 1M srq queue (bsc#1104427 ).
- rdma/hns: Update CQE specifications (bsc#1104427 bsc#1137236).
- rdma/hns: Update the range of raq_psn field of qp context (bsc#1104427).
- rdma/i40iw: Handle workqueue allocation failure (jsc#SLE-4793).
- rdma/iw_cxgb4: Always disconnect when QP is transitioning to TERMINATE state (bsc#1136348 jsc#SLE-4684).
- rdma/iw_cxgb4: Drop __GFP_NOFAIL (bsc#1127371).
- rdma/iwcm: add tos_set bool to iw_cm struct (bsc#1136348 jsc#SLE-4684).
- rdma/qedr: Fix incorrect device rate (bsc#1136188).
- rdma/qedr: Fix out of bounds index check in query pkey (bsc#1136456 jsc#SLE-4689).
- rdma/rdmavt: Use correct sizing on buffers holding page DMA addresses (jsc#SLE-4925).
- rdma/rxe: Consider skb reserve space based on netdev of GID (bsc#1082387, bsc#1103992).
- rdma/smc: Replace ib_query_gid with rdma_get_gid_attr (bsc#1131530 LTC#176717).
- rds: fix refcount bug in rds_sock_addref (git-fixes).
- rds: tcp: atomically purge entries from rds_tcp_conn_list during netns delete (git-fixes).
- regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB (bsc#1051510).
- ring-buffer: Check if memory is available before allocation (bsc#1132531).
- route: set the deleted fnhe fnhe_daddr to 0 in ip_del_fnhe to fix a race (networking-stable-19_03_15).
- rt2x00: do not increment sequence number while re-transmitting (bsc#1051510).
- rtc: da9063: set uie_unsupported when relevant (bsc#1051510).
- rtc: sh: Fix invalid alarm warning for non-enabled alarm (bsc#1051510).
- rtlwifi: rtl8723ae: Fix missing break in switch statement (bsc#1051510).
- rxrpc: Do not release call mutex on error pointer (git-fixes).
- rxrpc: Do not treat call aborts as conn aborts (git-fixes).
- rxrpc: Fix client call queueing, waiting for channel (networking-stable-19_03_15).
- rxrpc: Fix error reception on AF_INET6 sockets (git-fixes).
- rxrpc: Fix transport sockopts to get IPv4 errors on an IPv6 socket (git-fixes).
- rxrpc: Fix Tx ring annotation after initial Tx failure (git-fixes).
- s390/dasd: fix panic for failed online processing (bsc#1132589).
- s390/pkey: move pckmo subfunction available checks away from module init (bsc#1128544).
- s390/qdio: clear intparm during shutdown (bsc#1134597 LTC#177516).
- s390/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
- sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() (bsc#1051510).
- sc16is7xx: move label 'err_spi' to correct section (bsc#1051510).
- sc16is7xx: put err_spi and err_i2c into correct #ifdef (bsc#1051510).
- scripts/git_sort/git_sort.py: remove old SCSI git branches
- scripts: override locale from environment when running recordmcount.pl (bsc#1134354).
- scsi: hisi: KABI ignore new symbols (bsc#1135038).
- scsi: hisi_sas: add host reset interface for test (bsc#1135041).
- scsi: hisi_sas: Add softreset in hisi_sas_I_T_nexus_reset() (bsc#1135033).
- scsi: hisi_sas: Adjust the printk format of functions hisi_sas_init_device() (bsc#1135037).
- scsi: hisi_sas: allocate different SAS address for directly attached situation (bsc#1135036).
- scsi: hisi_sas: Do not fail IT nexus reset for Open Reject timeout (bsc#1135033).
- scsi: hisi_sas: Do not hard reset disk during controller reset (bsc#1135034).
- scsi: hisi_sas: Fix for setting the PHY linkrate when disconnected (bsc#1135038).
- scsi: hisi_sas: Remedy inconsistent PHY down state in software (bsc#1135039).
- scsi: hisi_sas: remove the check of sas_dev status in hisi_sas_I_T_nexus_reset() (bsc#1135037).
- scsi: hisi_sas: Send HARD RESET to clear the previous affiliation of STP target port (bsc#1135037).
- scsi: hisi_sas: Set PHY linkrate when disconnected (bsc#1135038).
- scsi: hisi_sas: Some misc tidy-up (bsc#1135031).
- scsi: hisi_sas: Support all RAS events with MSI interrupts (bsc#1135035).
- scsi: libsas: allocate sense buffer for bsg queue (bsc#1131467).
- scsi: libsas: Do discovery on empty PHY to update PHY info (bsc#1135024).
- scsi: libsas: Improve vague log in SAS rediscovery (bsc#1135027).
- scsi: libsas: Inject revalidate event for root port event (bsc#1135026).
- scsi: libsas: Print expander PHY indexes in decimal (bsc#1135021).
- scsi: libsas: Stop hardcoding SAS address length (bsc#1135029).
- scsi: libsas: Support SATA PHY connection rate unmatch fixing during discovery (bsc#1135028).
- scsi: libsas: Try to retain programmed min linkrate for SATA min pathway unmatch fixing (bsc#1135028).
- scsi: qedf: fixup bit operations (bsc#1135542).
- scsi: qedf: fixup locking in qedf_restart_rport() (bsc#1135542).
- scsi: qedf: missing kref_put in qedf_xmit() (bsc#1135542).
- scsi: qla2xxx: Add 28xx flash primary/secondary status/image mechanism (bsc#1136215).
- scsi: qla2xxx: Add Device ID for ISP28XX (bsc#1136215).
- scsi: qla2xxx: Add First Burst support for FC-NVMe devices (bsc#1136215).
- scsi: qla2xxx: Add fw_attr and port_no SysFS node (bsc#1136215).
- scsi: qla2xxx: Add new FC-NVMe enable BIT to enable FC-NVMe feature (bsc#1130579).
- scsi: qla2xxx: Add new FW dump template entry types (bsc#1136215).
- scsi: qla2xxx: Add protection mask module parameters (bsc#1136215).
- scsi: qla2xxx: Add Serdes support for ISP28XX (bsc#1136215).
- scsi: qla2xxx: Add support for multiple fwdump templates/segments (bsc#1136215).
- scsi: qla2xxx: Add support for setting port speed (bsc#1136215).
- scsi: qla2xxx: Avoid pci IRQ affinity mapping when multiqueue is not supported (bsc#1136215).
- scsi: qla2xxx: avoid printf format warning (bsc#1136215).
- scsi: qla2xxx: Check for FW started flag before aborting (bsc#1136215).
- scsi: qla2xxx: check for kstrtol() failure (bsc#1136215).
- scsi: qla2xxx: Cleanups for NVRAM/Flash read/write path (bsc#1136215).
- scsi: qla2xxx: Correction and improvement to fwdt processing (bsc#1136215).
- scsi: qla2xxx: Correctly report max/min supported speeds (bsc#1136215).
- scsi: qla2xxx: Declare local functions 'static' (bsc#1137444).
- scsi: qla2xxx: Fix code indentation for qla27xx_fwdt_entry (bsc#1136215).
- scsi: qla2xxx: Fix DMA error when the DIF sg buffer crosses 4GB boundary (bsc#1136215).
- scsi: qla2xxx: fix error message on qla2400 (bsc#1118139).
- scsi: qla2xxx: Fix function argument descriptions (bsc#1118139).
- scsi: qla2xxx: Fix LUN discovery if loop id is not assigned yet by firmware (bsc#1136215).
- scsi: qla2xxx: Fix memory corruption during hba reset test (bsc#1118139).
- scsi: qla2xxx: Fix panic from use after free in qla2x00_async_tm_cmd (bsc#1136215).
- scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show (bsc#1132044).
- scsi: qla2xxx: Fix read offset in qla24xx_load_risc_flash() (bsc#1136215).
- scsi: qla2xxx: Fix routine qla27xx_dump_{mpi|ram}() (bsc#1136215).
- scsi: qla2xxx: fix spelling mistake: 'existant' -> 'existent' (bsc#1118139).
- scsi: qla2xxx: Fix unload when NVMe devices are configured (bsc#1136215).
- scsi: qla2xxx: fully convert to the generic DMA API (bsc#1137444).
- scsi: qla2xxx: fx00 copypaste typo (bsc#1118139).
- scsi: qla2xxx: Improve several kernel-doc headers (bsc#1137444).
- scsi: qla2xxx: Introduce a switch/case statement in qlt_xmit_tm_rsp() (bsc#1137444).
- scsi: qla2xxx: Make qla2x00_sysfs_write_nvram() easier to analyze (bsc#1137444).
- scsi: qla2xxx: Make sure that qlafx00_ioctl_iosb_entry() initializes 'res' (bsc#1137444).
- scsi: qla2xxx: Move debug messages before sending srb preventing panic (bsc#1136215).
- scsi: qla2xxx: Move marker request behind QPair (bsc#1136215).
- scsi: qla2xxx: no need to check return value of debugfs_create functions (bsc#1136215).
- scsi: qla2xxx: NULL check before some freeing functions is not needed (bsc#1137444).
- scsi: qla2xxx: Prevent multiple ADISC commands per session (bsc#1136215).
- scsi: qla2xxx: Prevent SysFS access when chip is down (bsc#1136215).
- scsi: qla2xxx: Remove a set-but-not-used variable (bsc#1137444).
- scsi: qla2xxx: Remove FW default template (bsc#1136215).
- scsi: qla2xxx: remove redundant null check on pointer sess (bsc#1136215).
- scsi: qla2xxx: remove the unused tcm_qla2xxx_cmd_wq (bsc#1118139).
- scsi: qla2xxx: Remove two arguments from qlafx00_error_entry() (bsc#1137444).
- scsi: qla2xxx: Remove unused symbols (bsc#1118139).
- scsi: qla2xxx: Secure flash update support for ISP28XX (bsc#1136215).
- scsi: qla2xxx: Set remote port devloss timeout to 0 (bsc#1136215).
- scsi: qla2xxx: Simplification of register address used in qla_tmpl.c (bsc#1136215).
- scsi: qla2xxx: Simplify conditional check again (bsc#1136215).
- scsi: qla2xxx: Split the __qla2x00_abort_all_cmds() function (bsc#1137444).
- scsi: qla2xxx: Update driver version to 10.00.00.14-k (bsc#1136215).
- scsi: qla2xxx: Update driver version to 10.01.00.15-k (bsc#1136215).
- scsi: qla2xxx: Update flash read/write routine (bsc#1136215).
- scsi: qla2xxx: Use %p for printing pointers (bsc#1118139).
- scsi: qla2xxx: use lower_32_bits and upper_32_bits instead of reinventing them (bsc#1137444).
- scsi: smartpqi: add H3C controller IDs (bsc#1133547).
- scsi: smartpqi: add h3c ssid (bsc#1133547).
- scsi: smartpqi: add no_write_same for logical volumes (bsc#1133547).
- scsi: smartpqi: add ofa support (bsc#1133547).
- scsi: smartpqi: Add retries for device reset (bsc#1133547).
- scsi: smartpqi: add smp_utils support (bsc#1133547).
- scsi: smartpqi: add spdx (bsc#1133547).
- scsi: smartpqi: add support for huawei controllers (bsc#1133547).
- scsi: smartpqi: add support for PQI Config Table handshake (bsc#1133547).
- scsi: smartpqi: add sysfs attributes (bsc#1133547).
- scsi: smartpqi: allow for larger raid maps (bsc#1133547).
- scsi: smartpqi: bump driver version (bsc#1133547).
- scsi: smartpqi: bump driver version (bsc#1133547).
- scsi: smartpqi: call pqi_free_interrupts() in pqi_shutdown() (bsc#1133547).
- scsi: smartpqi: check for null device pointers (bsc#1133547).
- scsi: smartpqi: correct host serial num for ssa (bsc#1133547).
- scsi: smartpqi: correct lun reset issues (bsc#1133547).
- scsi: smartpqi: correct volume status (bsc#1133547).
- scsi: smartpqi: do not offline disks for transient did no connect conditions (bsc#1133547).
- scsi: smartpqi: enhance numa node detection (bsc#1133547).
- scsi: smartpqi: fix build warnings (bsc#1133547).
- scsi: smartpqi: fix disk name mount point (bsc#1133547).
- scsi: smartpqi: fully convert to the generic DMA API (bsc#1133547).
- scsi: smartpqi: increase fw status register read timeout (bsc#1133547).
- scsi: smartpqi: increase LUN reset timeout (bsc#1133547).
- scsi: smartpqi: refactor sending controller raid requests (bsc#1133547).
- scsi: smartpqi: Reporting 'logical unit failure' (bsc#1133547).
- scsi: smartpqi: turn off lun data caching for ptraid (bsc#1133547).
- scsi: smartpqi: update copyright (bsc#1133547).
- scsi: smartpqi: update driver version (bsc#1133547).
- scsi: smartpqi: wake up drives after os resumes from suspend (bsc#1133547).
- scsi: smartpqi_init: fix boolean expression in pqi_device_remove_start (bsc#1133547).
- scsi: zfcp: make DIX experimental, disabled, and independent of DIF (jsc#SLE-6772).
- sctp: avoid running the sctp state machine recursively (networking-stable-19_05_04).
- sctp: call gso_reset_checksum when computing checksum in sctp_gso_segment (networking-stable-19_02_24).
- sctp: fix identification of new acks for SFR-CACC (git-fixes).
- sctp: get sctphdr by offset in sctp_compute_cksum (networking-stable-19_03_28).
- sctp: initialize _pad of sockaddr_in before copying to user memory (networking-stable-19_04_10).
- sctp: set frag_point in sctp_setsockopt_maxseg correctly` (git-fixes).
- selinux: use kernel linux/socket.h for genheaders and mdp (bsc#1134810).
- serial: 8250_pxa: honor the port number from devicetree (bsc#1051510).
- serial: ar933x_uart: Fix build failure with disabled console (bsc#1051510).
- serial: uartps: console_setup() can't be placed to init section (bsc#1051510).
- signal: Always notice exiting tasks (git-fixes).
- signal: Better detection of synchronous signals (git-fixes).
- signal: Restore the stop PTRACE_EVENT_EXIT (git-fixes).
- sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach() (networking-stable-19_02_24).
- soc/fsl/qe: Fix an error code in qe_pin_request() (bsc#1051510).
- soc/tegra: fuse: Fix illegal free of IO base address (bsc#1051510).
- soc/tegra: pmc: Drop locking from tegra_powergate_is_powered() (bsc#1051510).
- soc: imx-sgtl5000: add missing put_device() (bsc#1051510).
- soc: qcom: gsbi: Fix error handling in gsbi_probe() (bsc#1051510).
- spi-mem: fix kernel-doc for spi_mem_dirmap_{read|write}() (bsc#1111666).
- spi: a3700: Clear DATA_OUT when performing a read (bsc#1051510).
- spi: Add missing pm_runtime_put_noidle() after failed get (bsc#1111666).
- spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios (bsc#1051510).
- spi: bcm2835aux: setup gpio-cs to output and correct level during setup (bsc#1051510).
- spi: bcm2835aux: warn in dmesg that native cs is not really supported (bsc#1051510).
- spi: Micrel eth switch: declare missing of table (bsc#1051510).
- spi: rspi: Fix sequencer reset during initialization (bsc#1051510).
- spi: ST ST95HF NFC: declare missing of table (bsc#1051510).
- ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit (bsc#1051510).
- staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf (bsc#1051510).
- staging: comedi: ni_usb6501: Fix use of uninitialized mutex (bsc#1051510).
- staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf (bsc#1051510).
- staging: comedi: vmk80xx: Fix use of uninitialized semaphore (bsc#1051510).
- staging: iio: ad7192: Fix ad7193 channel address (bsc#1051510).
- staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc (bsc#1051510).
- staging: rtl8712: uninitialized memory in read_bbreg_hdl() (bsc#1051510).
- staging: rtlwifi: Fix potential NULL pointer dereference of kzalloc (bsc#1111666).
- staging: rtlwifi: rtl8822b: fix to avoid potential NULL pointer dereference (bsc#1111666).
- staging: vt6655: Fix interrupt race condition on device start up (bsc#1051510).
- staging: vt6655: Remove vif check from vnt_interrupt (bsc#1051510).
- stm class: Fix an endless loop in channel allocation (bsc#1051510).
- stm class: Fix channel free in stm output free path (bsc#1051510).
- stm class: Prevent division by zero (bsc#1051510).
- stmmac: pci: Adjust IOT2000 matching (networking-stable-19_04_30).
- sunrpc: fix 4 more call sites that were using stack memory with a scatterlist (git-fixes).
- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).
- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).
- supported.conf: dw_mmc-bluefield is not needed in kernel-default-base (bsc#1131574).
- svm/avic: Fix invalidate logical APIC id entry (bsc#1132726).
- svm: Fix AVIC DFR and LDR handling (bsc#1132558).
- switchtec: Fix unintended mask of MRPC event (git-fixes).
- sysctl: handle overflow for file-max (bsc#1051510).
- tcp: add tcp_min_snd_mss sysctl (bsc#1137586).
- tcp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).
- tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).
- tcp: Ensure DCTCP reacts to losses (networking-stable-19_04_10).
- tcp: fix fack_count accounting on tcp_shift_skb_data() (CVE-2019-11477 bsc#1137586).
- tcp: fix TCP_REPAIR_QUEUE bound checking (git-fixes).
- tcp: limit payload size of sacked skbs (bsc#1137586).
- tcp: purge write queue in tcp_connect_init() (git-fixes).
- tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).
- tcp: tcp_grow_window() needs to respect tcp_space() (networking-stable-19_04_19).
- tcp: tcp_v4_err() should be more careful (networking-stable-19_02_20).
- team: fix possible recursive locking when add slaves (networking-stable-19_04_30).
- team: set slave to promisc if team is already in promisc mode (bsc#1051510).
- testing: nvdimm: provide SZ_4G constant (bsc#1132982).
- thermal/int340x_thermal: Add additional UUIDs (bsc#1051510).
- thermal/int340x_thermal: fix mode setting (bsc#1051510).
- thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power (bsc#1051510).
- thunderx: eliminate extra calls to put_page() for pages held for recycling (networking-stable-19_03_28).
- thunderx: enable page recycling for non-XDP case (networking-stable-19_03_28).
- tipc: fix hanging clients using poll with EPOLLOUT flag (git-fixes).
- tipc: fix race condition causing hung sendto (networking-stable-19_03_07).
- tipc: missing entries in name table of publications (networking-stable-19_04_19).
- tools lib traceevent: Fix missing equality check for strcmp (bsc#1129770).
- tools/cpupower: Add Hygon Dhyana support ().
- tpm: Fix the type of the return value in calc_tpm2_event_size() (bsc#1082555).
- tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account (bsc#1132527).
- tracing: Fix a memory leak by early error exit in trace_pid_write() (bsc#1133702).
- tracing: Fix buffer_ref pipe ops (bsc#1133698).
- tracing: Fix partial reading of trace event's id file (bsc#1136573).
- treewide: Use DEVICE_ATTR_WO (bsc#1137739).
- tty: increase the default flip buffer limit to 2*640K (bsc#1051510).
- tty: pty: Fix race condition between release_one_tty and pty_write (bsc#1051510).
- tty: serial_core, add ->install (bnc#1129693).
- tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 (bsc#1051510).
- tun: add a missing rcu_read_unlock() in error path (networking-stable-19_03_28).
- tun: fix blocking read (networking-stable-19_03_07).
- tun: properly test for IFF_UP (networking-stable-19_03_28).
- tun: remove unnecessary memory barrier (networking-stable-19_03_07).
- uas: fix alignment of scatter/gather segments (bsc#1129770).
- udp: use indirect call wrappers for GRO socket lookup (bsc#1124503).
- ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (bsc#1135323).
- usb-storage: Set virt_boundary_mask to avoid SG overflows (bsc#1051510).
- usb: cdc-acm: fix unthrottle races (bsc#1051510).
- usb: chipidea: Grab the (legacy) usb PHY by phandle first (bsc#1051510).
- usb: core: Fix bug caused by duplicate interface PM usage counter (bsc#1051510).
- usb: core: Fix unterminated string returned by usb_string() (bsc#1051510).
- usb: dwc3: Fix default lpm_nyet_threshold value (bsc#1051510).
- usb: f_fs: Avoid crash due to out-of-scope stack ptr access (bsc#1051510).
- usb: gadget: net2272: Fix net2272_dequeue() (bsc#1051510).
- usb: gadget: net2280: Fix net2280_dequeue() (bsc#1051510).
- usb: gadget: net2280: Fix overrun of OUT messages (bsc#1051510).
- usb: serial: cp210x: fix GPIO in autosuspend (bsc#1120902).
- usb: serial: f81232: fix interrupt worker not stop (bsc#1051510).
- usb: serial: fix unthrottle races (bsc#1051510).
- usb: u132-hcd: fix resource leak (bsc#1051510).
- usb: usb251xb: fix to avoid potential NULL pointer dereference (bsc#1051510).
- usb: usbip: fix isoc packet num validation in get_pipe (bsc#1051510).
- usb: w1 ds2490: Fix bug caused by improper use of altsetting array (bsc#1051510).
- usb: yurex: Fix protection fault after device removal (bsc#1051510).
- userfaultfd: use RCU to free the task struct when fork fails (git-fixes).
- vfio/mdev: Avoid release parent reference during error path (bsc#1051510).
- vfio/mdev: Fix aborting mdev child device removal if one fails (bsc#1051510).
- vfio/pci: use correct format characters (bsc#1051510).
- vfio_pci: Enable memory accesses before calling pci_map_rom (bsc#1051510).
- vfs: allow dedupe of user owned read-only files (bsc#1133778, bsc#1132219).
- vfs: avoid problematic remapping requests into partial EOF block (bsc#1133850, bsc#1132219).
- vfs: dedupe should return EPERM if permission is not granted (bsc#1133779, bsc#1132219).
- vfs: dedupe: extract helper for a single dedup (bsc#1133769, bsc#1132219).
- vfs: exit early from zero length remap operations (bsc#1132411, bsc#1132219).
- vfs: export vfs_dedupe_file_range_one() to modules (bsc#1133772, bsc#1132219).
- vfs: limit size of dedupe (bsc#1132397, bsc#1132219).
- vfs: rename clone_verify_area to remap_verify_area (bsc#1133852, bsc#1132219).
- vfs: skip zero-length dedupe requests (bsc#1133851, bsc#1132219).
- vfs: swap names of {do,vfs}_clone_file_range() (bsc#1133774, bsc#1132219).
- vfs: vfs_clone_file_prep_inodes should return EINVAL for a clone from beyond EOF (bsc#1133780, bsc#1132219).
- vhost/vsock: fix reset orphans race with close timeout (bsc#1051510).
- vhost: reject zero size iova range (networking-stable-19_04_19).
- virtio-blk: limit number of hw queues by nr_cpu_ids (bsc#1051510).
- virtio: Honour 'may_reduce_num' in vring_create_virtqueue (bsc#1051510).
- virtio_pci: fix a NULL pointer reference in vp_del_vqs (bsc#1051510).
- vrf: check accept_source_route on the original netdevice (networking-stable-19_04_10).
- vsock/virtio: fix kernel panic after device hot-unplug (bsc#1051510).
- vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock (bsc#1051510).
- vsock/virtio: Initialize core virtio vsock before registering the driver (bsc#1051510).
- vsock/virtio: reset connected sockets on device removal (bsc#1051510).
- vt: always call notifier with the console lock held (bsc#1051510).
- vxlan: Do not call gro_cells_destroy() before device is unregistered (networking-stable-19_03_28).
- vxlan: test dev->flags and IFF_UP before calling netif_rx() (networking-stable-19_02_20).
- wil6210: check null pointer in _wil_cfg80211_merge_extra_ies (bsc#1051510).
- wlcore: Fix memory leak in case wl12xx_fetch_firmware failure (bsc#1051510).
- x86/alternative: Init ideal_nops for Hygon Dhyana ().
- x86/amd_nb: Check vendor in AMD-only functions ().
- x86/apic: Add Hygon Dhyana support ().
- x86/bugs: Add Hygon Dhyana to the respective mitigation machinery ().
- x86/CPU/hygon: Fix phys_proc_id calculation logic for multi-die processors ().
- x86/cpu/mtrr: Support TOP_MEM2 and get MTRR number ().
- x86/cpu: Create Hygon Dhyana architecture support file ().
- x86/cpu: Get cache info and setup cache cpumap for Hygon Dhyana ().
- x86/cpu: Sanitize FAM6_ATOM naming (bsc#1111331).
- x86/events: Add Hygon Dhyana support to PMU infrastructure ().
- x86/kvm/hyper-v: avoid spurious pending stimer on vCPU init (bsc#1132572).
- x86/kvm: Add Hygon Dhyana support to kvm ().
- x86/MCE/AMD, EDAC/mce_amd: Add new error descriptions for some SMCA bank types (bsc#1128415).
- x86/MCE/AMD, EDAC/mce_amd: Add new McaTypes for CS, PSP, and SMU units (bsc#1128415).
- x86/MCE/AMD, EDAC/mce_amd: Add new MP5, NBIO, and pciE SMCA bank types (bsc#1128415).
- x86/mce/AMD, EDAC/mce_amd: Enumerate Reserved SMCA bank type (bsc#1128415).
- x86/mce/AMD: Pass the bank number to smca_get_bank_type() (bsc#1128415).
- x86/mce: Add Hygon Dhyana support to the MCA infrastructure ().
- x86/mce: Do not disable MCA banks when offlining a CPU on AMD ().
- x86/MCE: Fix kABI for new AMD bank names (bsc#1128415).
- x86/mce: Handle varying MCA bank counts (bsc#1128415).
- x86/msr-index: Cleanup bit defines (bsc#1111331).
- x86/pci, x86/amd_nb: Add Hygon Dhyana support to pci and northbridge ().
- x86/pci: Fixup RTIT_BAR of Intel Denverton Trace Hub (bsc#1120318).
- x86/perf/amd: Remove need to check 'running' bit in NMI handler (bsc#1131438).
- x86/perf/amd: Resolve NMI latency issues for active PMCs (bsc#1131438).
- x86/perf/amd: Resolve race condition when disabling PMC (bsc#1131438).
- x86/smpboot: Do not use BSP INIT delay and MWAIT to idle on Dhyana ().
- x86/speculation/mds: Fix documentation typo (bsc#1135642).
- x86/speculation: Prevent deadlock on ssb_state::lock (bsc#1114279).
- x86/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
- x86/tsc: Force inlining of cyc2ns bits (bsc#1052904).
- x86/xen: Add Hygon Dhyana support to Xen ().
- x86_64: Add gap to int3 to allow for call emulation (bsc#1099658).
- x86_64: Allow breakpoints to emulate call instructions (bsc#1099658).
- xen-netback: do not populate the hash cache on XenBus disconnect (networking-stable-19_03_07).
- xen-netback: fix occasional leak of grant ref mappings under memory pressure (networking-stable-19_03_07).
- xen: Prevent buffer overflow in privcmd ioctl (bsc#1065600).
- xenbus: drop useless LIST_HEAD in xenbus_write_watch() and xenbus_file_write() (bsc#1065600).
- xfrm6: avoid potential infinite loop in _decode_session6() (git-fixes).
- xfrm6: call kfree_skb when skb is toobig (git-fixes).
- xfrm: do not call rcu_read_unlock when afinfo is NULL in xfrm_get_tos (git-fixes).
- xfrm: fix 'passing zero to ERR_PTR()' warning (git-fixes).
- xfrm: Fix ESN sequence number handling for IPsec GSO packets (git-fixes).
- xfrm: fix missing dst_release() after policy blocking lbcast and multicast (git-fixes).
- xfrm: fix rcu_read_unlock usage in xfrm_local_error (git-fixes).
- xfrm: Fix stack-out-of-bounds read on socket policy lookup (git-fixes).
- xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (git-fixes).
- xfrm: reset crypto_done when iterating over multiple input xfrms (git-fixes).
- xfrm: reset transport header back to network header after all input transforms ahave been applied (git-fixes).
- xfrm: Return error on unknown encap_type in init_state (git-fixes).
- xfrm: Validate address prefix lengths in the xfrm selector (git-fixes).
- xfrm_user: prevent leaking 2 bytes of kernel memory (git-fixes).
- xfs: add log item pinning error injection tag (bsc#1114427).
- xfs: add the ability to join a held buffer to a defer_ops (bsc#1133674).
- xfs: allow xfs_lock_two_inodes to take different EXCL/SHARED modes (bsc#1132370, bsc#1132219).
- xfs: buffer lru reference count error injection tag (bsc#1114427).
- xfs: call xfs_qm_dqattach before performing reflink operations (bsc#1132368, bsc#1132219).
- xfs: cap the length of deduplication requests (bsc#1132373, bsc#1132219).
- xfs: check _btree_check_block value (bsc#1123663).
- xfs: clean up xfs_reflink_remap_blocks call site (bsc#1132413, bsc#1132219).
- xfs: convert drop_writes to use the errortag mechanism (bsc#1114427).
- xfs: create block pointer check functions (bsc#1123663).
- xfs: create inode pointer verifiers (bsc#1114427).
- xfs: detect and fix bad summary counts at mount (bsc#1114427).
- xfs: export _inobt_btrec_to_irec and _ialloc_cluster_alignment for scrub (bsc#1114427).
- xfs: export various function for the online scrubber (bsc#1123663).
- xfs: expose errortag knobs via sysfs (bsc#1114427).
- xfs: fix data corruption w/ unaligned dedupe ranges (bsc#1132405, bsc#1132219).
- xfs: fix data corruption w/ unaligned reflink ranges (bsc#1132407, bsc#1132219).
- xfs: fix pagecache truncation prior to reflink (bsc#1132412, bsc#1132219).
- xfs: fix reporting supported extra file attributes for statx() (bsc#1133529).
- xfs: fix unused variable warning in xfs_buf_set_ref() (bsc#1114427).
- xfs: flush removing page cache in xfs_reflink_remap_prep (bsc#1132414, bsc#1132219).
- xfs: force summary counter recalc at next mount (bsc#1114427).
- xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute (bsc#1133675).
- xfs: kill meaningless variable 'zero' (bsc#1106011).
- xfs: make errortag a per-mountpoint structure (bsc#1123663).
- xfs: move error injection tags into their own file (bsc#1114427).
- xfs: only grab shared inode locks for source file during reflink (bsc#1132372, bsc#1132219).
- xfs: prepare xfs_break_layouts() for another layout type (bsc#1106011).
- xfs: prepare xfs_break_layouts() to be called with XFS_MMAPLOCK_EXCL (bsc#1106011).
- xfs: refactor btree block header checking functions (bsc#1123663).
- xfs: refactor btree pointer checks (bsc#1123663).
- xfs: refactor clonerange preparation into a separate helper (bsc#1132402, bsc#1132219).
- xfs: refactor unmount record write (bsc#1114427).
- xfs: refactor xfs_trans_roll (bsc#1133667).
- xfs: reflink find shared should take a transaction (bsc#1132226, bsc#1132219).
- xfs: reflink should break pnfs leases before sharing blocks (bsc#1132369, bsc#1132219).
- xfs: remove dest file's post-eof preallocations before reflinking (bsc#1132365, bsc#1132219).
- xfs: remove the ip argument to xfs_defer_finish (bsc#1133672).
- xfs: remove unneeded parameter from XFS_TEST_ERROR (bsc#1123663).
- xfs: remove xfs_zero_range (bsc#1106011).
- xfs: rename MAXPATHLEN to XFS_SYMLINK_MAXLEN (bsc#1123663).
- xfs: rename xfs_defer_join to xfs_defer_ijoin (bsc#1133668).
- xfs: replace log_badcrc_factor knob with error injection tag (bsc#1114427).
- xfs: sanity-check the unused space before trying to use it (bsc#1123663).
- xfs: serialize unaligned dio writes against all other dio writes (bsc#1134936).
- xfs: update ctime and remove suid before cloning files (bsc#1132404, bsc#1132219).
- xfs: zero posteof blocks when cloning above eof (bsc#1132403, bsc#1132219).
- xsk: export xdp_get_umem_from_qid (jsc#SLE-4797).
Patchnames
SUSE-2019-1550,SUSE-SLE-Module-Basesystem-15-SP1-2019-1550,SUSE-SLE-Module-Development-Tools-15-SP1-2019-1550,SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-1550,SUSE-SLE-Module-Legacy-15-SP1-2019-1550,SUSE-SLE-Module-Live-Patching-15-SP1-2019-1550,SUSE-SLE-Product-HA-15-SP1-2019-1550,SUSE-SLE-Product-WE-15-SP1-2019-1550
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2019-12819: The function __mdiobus_register() called put_device(), which\n triggered a fixed_mdio_bus_init use-after-free. This would cause a denial of\n service. (bsc#1138291)\n\n- CVE-2019-12818: The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c\n may return NULL. If the caller does not check for this, it will trigger a\n NULL pointer dereference. This will cause denial of service. This used to\n affect nfc_llcp_build_gb in net/nfc/llcp_core.c. (bsc#1138293)\n\n- CVE-2019-11477: A sequence of SACKs may have been crafted such that one can\n trigger an integer overflow, leading to a kernel panic.\n\n- CVE-2019-11478: It was possible to send a crafted sequence of SACKs which\n will fragment the TCP retransmission queue. An attacker may have been able to\n further exploit the fragmented queue to cause an expensive linked-list walk\n for subsequent SACKs received for that same TCP connection.\n\n- CVE-2019-11479: An attacker could force the Linux kernel to segment its\n responses into multiple TCP segments. This would drastically increased the\n bandwidth required to deliver the same amount of data. Further, it would\n consume additional resources such as CPU and NIC processing power.\n\n- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly\n escalate privileges was found in the mwifiex kernel module while connecting\n to a malicious wireless network. (bsc#1136424)\n\n- CVE-2019-10124: An issue was discovered in the hwpoison implementation in\n mm/memory-failure.c in the Linux kernel. When soft_offline_in_use_page() runs\n on a thp tail page after pmd is split, an attacker could cause a denial of\n service (bsc#1130699, CVE-2019-10124).\n\n- CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in\n drivers/gpu/drm/drm_edid_load.c in the Linux kernel There was an unchecked\n kstrdup of fwstr, which might allow an attacker to cause a denial of service\n (NULL pointer dereference and system crash). (bsc#1136586)\n\n- CVE-2019-11487: The Linux kernel allowed page reference count overflow, with\n resultant use-after-free issues, if about 140 GiB of RAM exists. This is\n related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h,\n include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c.\n It could occur with FUSE requests. (bbsc#1133190)\n\n- CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux\n kernel allowed local attackers to observe page cache access patterns of other\n processes on the same system, potentially allowing sniffing of secret\n information. (Fixing this affects the output of the fincore program.) Limited\n remote exploitation may be possible, as demonstrated by latency differences\n in accessing public files from an Apache HTTP Server. (bsc#1120843)\n\n- CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the\n unused memory region in the extent tree block, which might allow local users\n to obtain sensitive information by reading uninitialized data in the\n filesystem. (bsc#1135281)\n\n- CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM):\n Uncacheable memory on some microprocessors utilizing speculative execution\n may have allowed an authenticated user to potentially enable information\n disclosure via a side channel with local access. A list of impacted products\n can be found here:\n https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.\n (bsc##1111331)\n\n- CVE-2018-7191: In the tun subsystem in the Linux kernel, dev_get_valid_name\n was not called before register_netdevice. This allowed local users to cause a\n denial of service (NULL pointer dereference and panic) via an\n ioctl(TUNSETIFF) call with a dev name containing a / character. (bsc#1135603)\n\n- CVE-2018-12126 CVE-2018-12127 CVE-2018-12130: Microarchitectural Store Buffer\n Data Sampling (MSBDS): Stored buffers on some microprocessors utilizing\n speculative execution which may have allowed an authenticated user to\n potentially enable information disclosure via a side channel with local\n access. A list of impacted products can be found here:\n https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.\n (bsc#1103186)\n\n- CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in\n Intel(R) i915 Graphics for Linux may have allowed an authenticated user to\n potentially enable escalation of privilege via local access. (bsc#1135278)\n\n- CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c\n in the Linux kernel There was a race condition leading to a use-after-free,\n related to net namespace cleanup. (bsc#1135278)\n\n- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c\n in the Linux kernel allowed a local user to obtain potentially sensitive\n information from kernel stack memory via a hidPCONNADD command, because a\n name field may not end with a '\\0' character. (bsc#1134848)\n\n- CVE-2019-11811: An issue was discovered in the Linux kernel There was a\n use-after-free upon attempted read access to /proc/ioports after the ipmi_si\n module was removed, related to drivers/char/ipmi/ipmi_si_intf.c,\n drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c.\n (bsc#1134397)\n\n- CVE-2019-11486: The Siemens R3964 line discipline driver in\n drivers/tty/n_r3964.c in the Linux kernel has multiple race conditions.\n (bsc#1133188)\n\n- CVE-2019-9003: In the Linux kernel, attackers could trigger a\n drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for\n certain simultaneous execution of the code, as demonstrated by a 'service\n ipmievd restart' loop. (bsc#1126704)\n\n- CVE-2018-16880: A flaw was found in the Linux kernel's handle_rx() function\n in the [vhost_net] driver. A malicious virtual guest, under specific\n conditions, could trigger an out-of-bounds write in a kmalloc-8 slab on a\n virtual host which may have lead to a kernel memory corruption and a system\n panic. Due to the nature of the flaw, privilege escalation cannot be fully\n ruled out.(bsc#1122767)\n\n- CVE-2019-9503: An issue was discoved which meant that brcmfmac frame\n validation could be bypassed. (bsc#1132828)\n\n- CVE-2019-9500: An issue was discovered that lead to brcmfmac heap buffer\n overflow. (bsc#1132681)\n\n- CVE-2019-8564: An issue was discoved which meant that brcmfmac frame\n validation could be bypassed. (bsc#1132673)\n\n- CVE-2017-5753: Systems with microprocessors utilizing speculative execution\n and branch prediction may have allowed unauthorized disclosure of information\n to an attacker with local user access via a side-channel analysis.\n\n- CVE-2019-3882: A flaw was found in the Linux kernel's vfio interface\n implementation that permitted violation of the user's locked memory limit. If\n a device was bound to a vfio driver, such as vfio-pci, and the local attacker\n is administratively granted ownership of the device, it may have caused a\n system memory exhaustion and thus a denial of service (DoS). (bsc#1131427)\n\nThe following non-security bugs were fixed:\n\n- 9p locks: add mount option for lock retry interval (bsc#1051510).\n- 9p: do not trust pdu content for stat item size (bsc#1051510).\n- acpi / SBS: Fix GPE storm on recent MacBookPro's (bsc#1051510).\n- acpi / utils: Drop reference in test for device presence (bsc#1051510).\n- acpi, nfit: Prefer _DSM over _LSR for namespace label reads (bsc#1112128) (bsc#1132426).\n- acpi: Add Hygon Dhyana support ().\n- acpi: button: reinitialize button state upon resume (bsc#1051510).\n- acpi: fix menuconfig presentation of acpi submenu (bsc#1117158).\n- acpi: PM: Set enable_for_wake for wakeup GPEs during suspend-to-idle (bsc#1111666).\n- acpi: property: restore _DSD data subnodes GUID comment (bsc#1111666).\n- acpica: AML interpreter: add region addresses in global list during initialization (bsc#1051510).\n- acpica: Namespace: remove address node from global list after method termination (bsc#1051510).\n- alsa: core: Do not refer to snd_cards array directly (bsc#1051510).\n- alsa: core: Fix card races between register and disconnect (bsc#1051510).\n- alsa: emu10k1: Drop superfluous id-uniquification behavior (bsc#1051510).\n- alsa: hda - Add two more machines to the power_save_blacklist (bsc#1051510).\n- alsa: hda - Register irq handler after the chip initialization (bsc#1051510).\n- alsa: hda - Use a macro for snd_array iteration loops (bsc#1051510).\n- alsa: hda/hdmi - Consider eld_valid when reporting jack event (bsc#1051510).\n- alsa: hda/hdmi - Read the pin sense from register when repolling (bsc#1051510).\n- alsa: hda/realtek - Add new Dell platform for headset mode (bsc#1051510).\n- alsa: hda/realtek - add two more pin configuration sets to quirk table (bsc#1051510).\n- alsa: hda/realtek - Apply the fixup for ASUS Q325UAR (bsc#1051510).\n- alsa: hda/realtek - Avoid superfluous COEF EAPD setups (bsc#1051510).\n- alsa: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) (bsc#1051510).\n- alsa: hda/realtek - EAPD turn on later (bsc#1051510).\n- alsa: hda/realtek - Enable micmute LED for Huawei laptops (bsc#1051510).\n- alsa: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug (bsc#1051510).\n- alsa: hda/realtek - Fixed Dell AIO speaker noise (bsc#1051510).\n- alsa: hda/realtek - Fixup headphone noise via runtime suspend (bsc#1051510).\n- alsa: hda/realtek - Improve the headset mic for Acer Aspire laptops (bsc#1051510).\n- alsa: hda/realtek - Move to ACT_INIT state (bsc#1111666).\n- alsa: hda/realtek - Support low power consumption for ALC256 (bsc#1051510).\n- alsa: hda/realtek - Support low power consumption for ALC295 (bsc#1051510).\n- alsa: hda/realtek: Enable headset MIC of Acer TravelMate B114-21 with ALC233 (bsc#1111666).\n- alsa: hda: Initialize power_state field properly (bsc#1051510).\n- alsa: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) (bsc#1051510).\n- alsa: info: Fix racy addition/deletion of nodes (bsc#1051510).\n- alsa: line6: Avoid polluting led_* namespace (bsc#1051510).\n- alsa: line6: use dynamic buffers (bsc#1051510).\n- alsa: PCM: check if ops are defined before suspending PCM (bsc#1051510).\n- alsa: seq: Align temporary re-locking with irqsave version (bsc#1051510).\n- alsa: seq: Correct unlock sequence at snd_seq_client_ioctl_unlock() (bsc#1051510).\n- alsa: seq: Cover unsubscribe_port() in list_mutex (bsc#1051510).\n- alsa: seq: Fix OOB-reads from strlcpy (bsc#1051510).\n- alsa: seq: Fix race of get-subscription call vs port-delete ioctls (bsc#1051510).\n- alsa: seq: Protect in-kernel ioctl calls with mutex (bsc#1051510).\n- alsa: seq: Protect racy pool manipulation from OSS sequencer (bsc#1051510).\n- alsa: seq: Remove superfluous irqsave flags (bsc#1051510).\n- alsa: seq: Simplify snd_seq_kernel_client_enqueue() helper (bsc#1051510).\n- alsa: timer: Check ack_list emptiness instead of bit flag (bsc#1051510).\n- alsa: timer: Coding style fixes (bsc#1051510).\n- alsa: timer: Make snd_timer_close() really kill pending actions (bsc#1051510).\n- alsa: timer: Make sure to clear pending ack list (bsc#1051510).\n- alsa: timer: Revert active callback sync check at close (bsc#1051510).\n- alsa: timer: Simplify error path in snd_timer_open() (bsc#1051510).\n- alsa: timer: Unify timer callback process code (bsc#1051510).\n- alsa: usb-audio: Fix a memory leak bug (bsc#1051510).\n- alsa: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() (bsc#1051510).\n- alsa: usx2y: fix a double free bug (bsc#1051510).\n- appletalk: Fix compile regression (bsc#1051510).\n- appletalk: Fix use-after-free in atalk_proc_exit (bsc#1051510).\n- arch: arm64: acpi: KABI ginore includes (bsc#1117158 bsc#1134671).\n- arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve table (bsc#1117158).\n- arm64: acpi: fix alignment fault in accessing acpi (bsc#1117158).\n- arm64: Export save_stack_trace_tsk() (jsc#SLE-4214).\n- arm64: fix acpi dependencies (bsc#1117158).\n- arm: 8824/1: fix a migrating irq bug when hotplug cpu (bsc#1051510).\n- arm: 8833/1: Ensure that NEON code always compiles with Clang (bsc#1051510).\n- arm: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bsc#1051510).\n- arm: 8840/1: use a raw_spinlock_t in unwind (bsc#1051510).\n- arm: avoid Cortex-A9 livelock on tight dmb loops (bsc#1051510).\n- arm: imx6q: cpuidle: fix bug that CPU might not wake up at expected time (bsc#1051510).\n- arm: iop: do not use using 64-bit DMA masks (bsc#1051510).\n- arm: OMAP2+: fix lack of timer interrupts on CPU1 after hotplug (bsc#1051510).\n- arm: OMAP2+: Variable 'reg' in function omap4_dsi_mux_pads() could be uninitialized (bsc#1051510).\n- arm: orion: do not use using 64-bit DMA masks (bsc#1051510).\n- arm: pxa: ssp: unneeded to free devm_ allocated data (bsc#1051510).\n- arm: s3c24xx: Fix boolean expressions in osiris_dvs_notify (bsc#1051510).\n- arm: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms (bsc#1051510).\n- asoc: cs4270: Set auto-increment bit for register writes (bsc#1051510).\n- asoc: fix valid stream condition (bsc#1051510).\n- asoc: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe (bsc#1051510).\n- asoc: fsl_esai: fix channel swap issue when stream starts (bsc#1051510).\n- asoc: fsl_esai: Fix missing break in switch statement (bsc#1051510).\n- asoc: hdmi-codec: fix S/PDIF DAI (bsc#1051510).\n- asoc: Intel: avoid Oops if DMA setup fails (bsc#1051510).\n- asoc: max98090: Fix restore of DAPM Muxes (bsc#1051510).\n- asoc: nau8810: fix the issue of widget with prefixed name (bsc#1051510).\n- asoc: nau8824: fix the issue of the widget with prefix name (bsc#1051510).\n- asoc: RT5677-SPI: Disable 16Bit SPI Transfers (bsc#1051510).\n- asoc: samsung: odroid: Fix clock configuration for 44100 sample rate (bsc#1051510).\n- asoc: stm32: fix sai driver name initialisation (bsc#1051510).\n- asoc: tlv320aic32x4: Fix Common Pins (bsc#1051510).\n- asoc: topology: free created components in tplg load error (bsc#1051510).\n- asoc: wm_adsp: Add locking to wm_adsp2_bus_error (bsc#1051510).\n- asoc:soc-pcm:fix a codec fixup issue in TDM case (bsc#1051510).\n- assume flash part size to be 4MB, if it can't be determined (bsc#1127371).\n- at76c50x-usb: Do not register led_trigger if usb_register_driver failed (bsc#1051510).\n- ath10k: avoid possible string overflow (bsc#1051510).\n- ath10k: snoc: fix unbalanced clock error handling (bsc#1111666).\n- audit: fix a memleak caused by auditing load module (bsc#1051510).\n- b43: shut up clang -Wuninitialized variable warning (bsc#1051510).\n- backlight: lm3630a: Return 0 on success in update_status functions (bsc#1051510).\n- batman-adv: Reduce claim hash refcnt only for removed entry (bsc#1051510).\n- batman-adv: Reduce tt_global hash refcnt only for removed entry (bsc#1051510).\n- batman-adv: Reduce tt_local hash refcnt only for removed entry (bsc#1051510).\n- bcache: account size of buckets used in uuid write to ca->meta_sectors_written (bsc#1130972).\n- bcache: add a comment in super.c (bsc#1130972).\n- bcache: add code comments for bset.c (bsc#1130972).\n- bcache: add comment for cache_set->fill_iter (bsc#1130972).\n- bcache: add identifier names to arguments of function definitions (bsc#1130972).\n- bcache: add missing SPDX header (bsc#1130972).\n- bcache: add MODULE_DESCRIPTION information (bsc#1130972).\n- bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972).\n- bcache: add static const prefix to char * array declarations (bsc#1130972).\n- bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972).\n- bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).\n- bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972).\n- bcache: correct dirty data statistics (bsc#1130972).\n- bcache: do not assign in if condition in bcache_init() (bsc#1130972).\n- bcache: do not assign in if condition register_bcache() (bsc#1130972).\n- bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972).\n- bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972).\n- bcache: do not clone bio in bch_data_verify (bsc#1130972).\n- bcache: do not mark writeback_running too early (bsc#1130972).\n- bcache: export backing_dev_name via sysfs (bsc#1130972).\n- bcache: export backing_dev_uuid via sysfs (bsc#1130972).\n- bcache: fix code comments style (bsc#1130972).\n- bcache: fix indent by replacing blank by tabs (bsc#1130972).\n- bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).\n- bcache: fix input integer overflow of congested threshold (bsc#1130972).\n- bcache: fix input overflow to cache set io_error_limit (bsc#1130972).\n- bcache: fix input overflow to cache set sysfs file io_error_halflife (bsc#1130972).\n- bcache: fix input overflow to journal_delay_ms (bsc#1130972).\n- bcache: fix input overflow to sequential_cutoff (bsc#1130972).\n- bcache: fix input overflow to writeback_delay (bsc#1130972).\n- bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).\n- bcache: fix ioctl in flash device (bsc#1130972).\n- bcache: fix mistaken code comments in bcache.h (bsc#1130972).\n- bcache: fix mistaken comments in request.c (bsc#1130972).\n- bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972).\n- bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972).\n- bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).\n- bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972).\n- bcache: improve sysfs_strtoul_clamp() (bsc#1130972).\n- bcache: introduce force_wake_up_gc() (bsc#1130972).\n- bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972).\n- bcache: Move couple of functions to sysfs.c (bsc#1130972).\n- bcache: Move couple of string arrays to sysfs.c (bsc#1130972).\n- bcache: move open brace at end of function definitions to next line (bsc#1130972).\n- bcache: never writeback a discard operation (bsc#1130972).\n- bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972).\n- bcache: option to automatically run gc thread after writeback (bsc#1130972).\n- bcache: panic fix for making cache device (bsc#1130972).\n- bcache: Populate writeback_rate_minimum attribute (bsc#1130972).\n- bcache: prefer 'help' in Kconfig (bsc#1130972).\n- bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).\n- bcache: recal cached_dev_sectors on detach (bsc#1130972).\n- bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972).\n- bcache: remove unused bch_passthrough_cache (bsc#1130972).\n- bcache: remove useless parameter of bch_debug_init() (bsc#1130972).\n- bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).\n- bcache: Replace bch_read_string_list() by __sysfs_match_string() (bsc#1130972).\n- bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).\n- bcache: replace printk() by pr_*() routines (bsc#1130972).\n- bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972).\n- bcache: set writeback_percent in a flexible range (bsc#1130972).\n- bcache: split combined if-condition code into separate ones (bsc#1130972).\n- bcache: stop bcache device when backing device is offline (bsc#1130972).\n- bcache: stop using the deprecated get_seconds() (bsc#1130972).\n- bcache: style fix to add a blank line after declarations (bsc#1130972).\n- bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).\n- bcache: style fixes for lines over 80 characters (bsc#1130972).\n- bcache: treat stale and dirty keys as bad keys (bsc#1130972).\n- bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972).\n- bcache: update comment for bch_data_insert (bsc#1130972).\n- bcache: update comment in sysfs.c (bsc#1130972).\n- bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).\n- bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972).\n- bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).\n- bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).\n- bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).\n- bitmap: Add bitmap_alloc(), bitmap_zalloc() and bitmap_free() (jsc#SLE-4797).\n- blk-mq: adjust debugfs and sysfs register when updating nr_hw_queues (bsc#1131673).\n- blk-mq: Avoid that submitting a bio concurrently with device removal triggers a crash (bsc#1131673).\n- blk-mq: change gfp flags to GFP_NOIO in blk_mq_realloc_hw_ctxs (bsc#1131673).\n- blk-mq: fallback to previous nr_hw_queues when updating fails (bsc#1131673).\n- blk-mq: init hctx sched after update ctx and hctx mapping (bsc#1131673).\n- blk-mq: realloc hctx when hw queue is mapped to another node (bsc#1131673).\n- blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter (bsc#1131673).\n- blkcg: Introduce blkg_root_lookup() (bsc#1131673).\n- blkcg: Make blkg_root_lookup() work for queues in bypass mode (bsc#1131673).\n- block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).\n- block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).\n- block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).\n- block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).\n- block: do not leak memory in bio_copy_user_iov() (bsc#1135309).\n- block: Do not revalidate bdev of hidden gendisk (bsc#1120091).\n- block: Ensure that a request queue is dissociated from the cgroup controller (bsc#1131673).\n- block: Fix a race between request queue removal and the block cgroup controller (bsc#1131673).\n- block: fix the return errno for direct IO (bsc#1135320).\n- block: fix use-after-free on gendisk (bsc#1135312).\n- block: Introduce blk_exit_queue() (bsc#1131673).\n- block: kABI fixes for bio_rewind_iter() removal (bsc#1131673).\n- block: remove bio_rewind_iter() (bsc#1131673).\n- bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bsc#1051510).\n- bluetooth: btusb: request wake pin with NOAUTOEN (bsc#1051510).\n- bluetooth: Check key sizes only when Secure Simple Pairing is enabled (bsc#1135556).\n- bluetooth: hci_uart: Check if socket buffer is ERR_PTR in h4_recv_buf() (bsc#1133731).\n- bluetooth: hidp: fix buffer overflow (bsc#1051510).\n- bnx2x: Add support for detection of P2P event packets (bsc#1136498 jsc#SLE-4699).\n- bnx2x: Bump up driver version to 1.713.36 (bsc#1136498 jsc#SLE-4699).\n- bnx2x: fix spelling mistake 'dicline' -> 'decline' (bsc#1136498 jsc#SLE-4699).\n- bnx2x: fix various indentation issues (bsc#1136498 jsc#SLE-4699).\n- bnx2x: Remove set but not used variable 'mfw_vn' (bsc#1136498 jsc#SLE-4699).\n- bnx2x: Replace magic numbers with macro definitions (bsc#1136498 jsc#SLE-4699).\n- bnx2x: Use struct_size() in kzalloc() (bsc#1136498 jsc#SLE-4699).\n- bnx2x: Utilize FW 7.13.11.0 (bsc#1136498 jsc#SLE-4699).\n- bnxt_en: Add device IDs 0x1806 and 0x1752 for 57500 devices (bsc#1137224).\n- bnxt_en: Add support for BCM957504 (bsc#1137224).\n- bnxt_en: Drop oversize TX packets to prevent errors (networking-stable-19_03_07).\n- bnxt_en: Fix aggregation buffer leak under OOM condition (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Fix possible BUG() condition when calling pci_disable_msix() (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Fix possible crash in bnxt_hwrm_ring_free() under error conditions (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Fix statistics context reservation logic (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Fix uninitialized variable usage in bnxt_rx_pkt() (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one() (bsc#1050242).\n- bnxt_en: Improve multicast address setup logic (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Improve multicast address setup logic (networking-stable-19_05_04).\n- bnxt_en: Improve NQ reservations (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Improve RX consumer index validity check (networking-stable-19_04_10).\n- bnxt_en: Pass correct extended TX port statistics size to firmware (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Reduce memory usage when running in kdump kernel (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Reset device on RX buffer errors (networking-stable-19_04_10).\n- bonding: fix event handling for stacked bonds (networking-stable-19_04_19).\n- bonding: fix PACKET_ORIGDEV regression (git-fixes).\n- bpf, lru: avoid messing with eviction heuristics upon syscall lookup (bsc#1083647).\n- bpf: add map_lookup_elem_sys_only for lookups from syscall side (bsc#1083647).\n- bpf: Add missed newline in verifier verbose log (bsc#1056787).\n- bpf: fix use after free in bpf_evict_inode (bsc#1083647).\n- brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() (bsc#1051510).\n- brcmfmac: fix leak of mypkt on error return path (bsc#1111666).\n- broadcom: Mark expected switch fall-throughs (bsc#1136498 jsc#SLE-4699).\n- btrfs: add a helper to return a head ref (bsc#1134813).\n- btrfs: Avoid possible qgroup_rsv_size overflow in btrfs_calculate_inode_block_rsv_size (git-fixes).\n- btrfs: breakout empty head cleanup to a helper (bsc#1134813).\n- btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: do not allow trimming when a fs is mounted with the nologreplay option (bsc#1135758).\n- btrfs: do not double unlock on error in btrfs_punch_hole (bsc#1136881).\n- btrfs: Do not panic when we can't find a root key (bsc#1112063).\n- btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: Factor out common delayed refs init code (bsc#1134813).\n- btrfs: fix assertion failure on fsync with NO_HOLES enabled (bsc#1131848).\n- btrfs: Fix bound checking in qgroup_trace_new_subtree_blocks (git-fixes).\n- btrfs: fix fsync not persisting changed attributes of a directory (bsc#1137151).\n- btrfs: fix incorrect file size after shrinking truncate and fsync (bsc#1130195).\n- btrfs: fix race between ranged fsync and writeback of adjacent ranges (bsc#1136477).\n- btrfs: fix race updating log root item during fsync (bsc#1137153).\n- btrfs: fix wrong ctime and mtime of a directory after log replay (bsc#1137152).\n- btrfs: improve performance on fsync of files with multiple hardlinks (bsc#1123454).\n- btrfs: Introduce init_delayed_ref_head (bsc#1134813).\n- btrfs: move all ref head cleanup to the helper function (bsc#1134813).\n- btrfs: move extent_op cleanup to a helper (bsc#1134813).\n- btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).\n- btrfs: Open-code add_delayed_data_ref (bsc#1134813).\n- btrfs: Open-code add_delayed_tree_ref (bsc#1134813).\n- btrfs: qgroup: Check bg while resuming relocation to avoid NULL pointer dereference (bsc#1134806).\n- btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to btrfs_qgroup_extent_record (bsc#1134162).\n- btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release (bsc#1134160).\n- btrfs: reloc: Also queue orphan reloc tree for cleanup to avoid BUG_ON() (bsc#1133612).\n- btrfs: remove delayed_ref_node from ref_head (bsc#1134813).\n- btrfs: remove WARN_ON in log_dir_items (bsc#1131847).\n- btrfs: send, flush dellaloc in order to avoid data loss (bsc#1133320).\n- btrfs: split delayed ref head initialization and addition (bsc#1134813).\n- btrfs: track refs in a rb_tree instead of a list (bsc#1134813).\n- btrfs: tree-checker: detect file extent items with overlapping ranges (bsc#1136478).\n- btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).\n- cdrom: Fix race condition in cdrom_sysctl_register (bsc#1051510).\n- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).\n- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).\n- ceph: fix ci->i_head_snapc leak (bsc#1122776).\n- ceph: fix ci->i_head_snapc leak (bsc#1122776).\n- ceph: fix use-after-free on symlink traversal (bsc#1134459).\n- ceph: fix use-after-free on symlink traversal (bsc#1134459).\n- ceph: only use d_name directly when parent is locked (bsc#1134460).\n- ceph: only use d_name directly when parent is locked (bsc#1134460).\n- cfg80211: Handle WMM rules in regulatory domain intersection (bsc#1111666).\n- cgroup: fix parsing empty mount option string (bsc#1133094).\n- chelsio: use BUG() instead of BUG_ON(1) (bsc#1136345 jsc#SLE-4681).\n- cifs: Do not count -ENODATA as failure for query directory (bsc#1051510).\n- cifs: do not dereference smb_file_target before null check (bsc#1051510).\n- cifs: Do not hide EINTR after sending network packets (bsc#1051510).\n- cifs: Do not reconnect TCP session in add_credits() (bsc#1051510).\n- cifs: Do not reset lease state to NONE on lease break (bsc#1051510).\n- cifs: Fix adjustment of credits for MTU requests (bsc#1051510).\n- cifs: Fix credit calculation for encrypted reads with errors (bsc#1051510).\n- cifs: Fix credits calculations for reads with errors (bsc#1051510).\n- cifs: fix POSIX lock leak and invalid ptr deref (bsc#1114542).\n- cifs: Fix possible hang during async MTU reads and writes (bsc#1051510).\n- cifs: Fix potential OOB access of lock element array (bsc#1051510).\n- cifs: Fix read after write for files with read caching (bsc#1051510).\n- cifs: keep FileInfo handle live during oplock break (bsc#1106284, bsc#1131565).\n- clk: fractional-divider: check parent rate only if flag is set (bsc#1051510).\n- clk: rockchip: fix frac settings of GPLL clock for rk3328 (bsc#1051510).\n- clk: rockchip: Fix video codec clocks on rk3288 (bsc#1051510).\n- clk: rockchip: fix wrong clock definitions for rk3328 (bsc#1051510).\n- clk: x86: Add system specific quirk to mark clocks as critical (bsc#1051510).\n- config: arm64: enable CN99xx uncore pmu References: bsc#1117114\n- configfs: fix possible use-after-free in configfs_register_group (bsc#1051510).\n- configfs: Fix use-after-free when accessing sd->s_dentry (bsc#1051510).\n- cpu/speculation: Add 'mitigations=' cmdline option (bsc#1112178).\n- cpufreq: Add Hygon Dhyana support ().\n- cpufreq: AMD: Ignore the check for ProcFeedback in ST/CZ ().\n- cpupowerutils: bench - Fix cpu online check (bsc#1051510).\n- crypto: arm/aes-neonbs - do not access already-freed walk.iv (bsc#1051510).\n- crypto: caam - add missing put_device() call (bsc#1129770).\n- crypto: caam - fix caam_dump_sg that iterates through scatterlist (bsc#1051510).\n- crypto: caam/qi2 - fix DMA mapping of stack memory (bsc#1111666).\n- crypto: caam/qi2 - fix zero-length buffer DMA mapping (bsc#1111666).\n- crypto: caam/qi2 - generate hash keys in-place (bsc#1111666).\n- crypto: ccm - fix incompatibility between 'ccm' and 'ccm_base' (bsc#1051510).\n- crypto: ccp - Do not free psp_master when PLATFORM_INIT fails (bsc#1051510).\n- crypto: chacha20poly1305 - set cra_name correctly (bsc#1051510).\n- crypto: chcr - ESN for Inline IPSec Tx (bsc#1136353 jsc#SLE-4688).\n- crypto: chcr - small packet Tx stalls the queue (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - avoid using sa_entry imm (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - check set_msg_len overflow in generate_b0 (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - clean up various indentation issues (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - cleanup:send addr as value in function argument (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - count incomplete block in IV (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - Fix NULL pointer dereference (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - Fix passing zero to 'PTR_ERR' warning in chcr_aead_op (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - Fix softlockup with heavy I/O (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - Fix wrong error counter increments (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - Fixed Traffic Stall (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - Handle pci shutdown event (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - Inline single pdu only (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - remove set but not used variable 'kctx_len' (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - remove set but not used variables 'adap' (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - Reset counters on cxgb4 Detach (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - Swap location of AAD and IV sent in WR (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - Use same value for both channel in single WR (bsc#1136353 jsc#SLE-4688).\n- crypto: chtls - remove cdev_list_lock (bsc#1136353 jsc#SLE-4688).\n- crypto: chtls - remove set but not used variables 'err, adap, request, hws' (bsc#1136353 jsc#SLE-4688).\n- crypto: crct10dif-generic - fix use via crypto_shash_digest() (bsc#1051510).\n- crypto: crypto4xx - properly set IV after de- and encrypt (bsc#1051510).\n- crypto: fips - Grammar s/options/option/, s/to/the/ (bsc#1051510).\n- crypto: gcm - fix incompatibility between 'gcm' and 'gcm_base' (bsc#1051510).\n- crypto: pcbc - remove bogus memcpy()s with src == dest (bsc#1051510).\n- crypto: prefix header search paths with $(srctree)/ (bsc#1136353 jsc#SLE-4688).\n- crypto: qat - move temp buffers off the stack (jsc#SLE-4818).\n- crypto: qat - no need to check return value of debugfs_create functions (jsc#SLE-4818).\n- crypto: qat - Remove unused goto label (jsc#SLE-4818).\n- crypto: qat - Remove VLA usage (jsc#SLE-4818).\n- crypto: sha256/arm - fix crash bug in Thumb2 build (bsc#1051510).\n- crypto: sha512/arm - fix crash bug in Thumb2 build (bsc#1051510).\n- crypto: skcipher - do not WARN on unprocessed data after slow walk step (bsc#1051510).\n- crypto: sun4i-ss - Fix invalid calculation of hash end (bsc#1051510).\n- crypto: vmx - CTR: always increment IV as quadword (bsc#1051510).\n- crypto: vmx - fix copy-paste error in CTR mode (bsc#1051510).\n- crypto: vmx - ghash: do nosimd fallback manually (bsc#1135661, bsc#1137162).\n- crypto: vmx - return correct error code on failed setkey (bsc#1135661, bsc#1137162).\n- crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() (bsc#1051510).\n- crypto: x86/poly1305 - fix overflow during partial reduction (bsc#1051510).\n- cxgb4/chtls: Prefix adapter flags with CXGB4 (bsc#1136345 jsc#SLE-4681).\n- cxgb4/cxgb4vf: Add support for SGE doorbell queue timer (bsc#1127371).\n- cxgb4/cxgb4vf: Display advertised FEC in ethtool (bsc#1136345 jsc#SLE-4681).\n- cxgb4/cxgb4vf: Fix mac_hlist initialization and free (bsc#1127374).\n- cxgb4/cxgb4vf: Fix up netdev->hw_features (bsc#1136345 jsc#SLE-4681).\n- cxgb4/cxgb4vf: Link management changes (bsc#1127371).\n- cxgb4/cxgb4vf: Program hash region for {t4/t4vf}_change_mac() (bsc#1127371).\n- cxgb4/cxgb4vf_main: Mark expected switch fall-through (bsc#1136345 jsc#SLE-4681).\n- cxgb4: Add capability to get/set SGE Doorbell Queue Timer Tick (bsc#1127371).\n- cxgb4: Add flag tc_flower_initialized (bsc#1127371).\n- cxgb4: Add new T5 pci device id 0x50ae (bsc#1127371).\n- cxgb4: Add new T5 pci device ids 0x50af and 0x50b0 (bsc#1127371).\n- cxgb4: Add new T6 pci device ids 0x608a (bsc#1127371).\n- cxgb4: Add new T6 pci device ids 0x608b (bsc#1136345 jsc#SLE-4681).\n- cxgb4: add per rx-queue counter for packet errors (bsc#1127371).\n- cxgb4: Add support for FW_ETH_TX_PKT_VM_WR (bsc#1127371).\n- cxgb4: add support to display DCB info (bsc#1127371).\n- cxgb4: Add support to read actual provisioned resources (bsc#1127371).\n- cxgb4: add tcb flags and tcb rpl struct (bsc#1136345 jsc#SLE-4681).\n- cxgb4: Add VF Link state support (bsc#1136345 jsc#SLE-4681).\n- cxgb4: Added missing break in ndo_udp_tunnel_{add/del} (bsc#1127371).\n- cxgb4: collect ASIC LA dumps from ULP TX (bsc#1127371).\n- cxgb4: collect hardware queue descriptors (bsc#1127371).\n- cxgb4: collect number of free PSTRUCT page pointers (bsc#1127371).\n- cxgb4: convert flower table to use rhashtable (bsc#1127371).\n- cxgb4: cxgb4: use FW_PORT_ACTION_L1_CFG32 for 32 bit capability (bsc#1127371).\n- cxgb4: Delete all hash and TCAM filters before resource cleanup (bsc#1136345 jsc#SLE-4681).\n- cxgb4: display number of rx and tx pages free (bsc#1127371).\n- cxgb4: do not return DUPLEX_UNKNOWN when link is down (bsc#1127371).\n- cxgb4: Do not return EAGAIN when TCAM is full (bsc#1136345 jsc#SLE-4681).\n- cxgb4: Enable hash filter with offload (bsc#1136345 jsc#SLE-4681).\n- cxgb4: Enable outer UDP checksum offload for T6 (bsc#1136345 jsc#SLE-4681).\n- cxgb4: Export sge_host_page_size to ulds (bsc#1127371).\n- cxgb4: Fix error path in cxgb4_init_module (bsc#1136345 jsc#SLE-4681).\n- cxgb4: fix the error path of cxgb4_uld_register() (bsc#1127371).\n- cxgb4: free mac_hlist properly (bsc#1136345 jsc#SLE-4681).\n- cxgb4: impose mandatory VLAN usage when non-zero TAG ID (bsc#1127371).\n- cxgb4: kfree mhp after the debug print (bsc#1136345 jsc#SLE-4681).\n- cxgb4: Mask out interrupts that are not enabled (bsc#1127175).\n- cxgb4: move Tx/Rx free pages collection to common code (bsc#1127371).\n- cxgb4: offload VLAN flows regardless of VLAN ethtype (bsc#1136345 jsc#SLE-4681).\n- cxgb4: remove DEFINE_SIMPLE_DEBUGFS_FILE() (bsc#1136345 jsc#SLE-4681).\n- cxgb4: remove redundant assignment to vlan_cmd.dropnovlan_fm (bsc#1127371).\n- cxgb4: remove set but not used variables 'multitrc, speed' (bsc#1136345 jsc#SLE-4681).\n- cxgb4: Remove SGE_HOST_PAGE_SIZE dependency on page size (bsc#1127371).\n- cxgb4: remove the unneeded locks (bsc#1127371).\n- cxgb4: Revert 'cxgb4: Remove SGE_HOST_PAGE_SIZE dependency on page size' (bsc#1136345 jsc#SLE-4681).\n- cxgb4: specify IQTYPE in fw_iq_cmd (bsc#1127371).\n- cxgb4: Support ethtool private flags (bsc#1127371).\n- cxgb4: TLS record offload enable (bsc#1136345 jsc#SLE-4681).\n- cxgb4: Update 1.23.3.0 as the latest firmware supported (bsc#1136345 jsc#SLE-4681).\n- cxgb4: update supported DCB version (bsc#1127371).\n- cxgb4: use firmware API for validating filter spec (bsc#1136345 jsc#SLE-4681).\n- cxgb4: use new fw interface to get the VIN and smt index (bsc#1127371).\n- cxgb4vf: Call netif_carrier_off properly in pci_probe (bsc#1136347 jsc#SLE-4683).\n- cxgb4vf: Enter debugging mode if FW is inaccessible (bsc#1136347 jsc#SLE-4683).\n- cxgb4vf: Few more link management changes (bsc#1127374).\n- cxgb4vf: fix memleak in mac_hlist initialization (bsc#1127374).\n- cxgb4vf: free mac_hlist properly (bsc#1136345 jsc#SLE-4681).\n- cxgb4vf: Prefix adapter flags with CXGB4VF (bsc#1136347 jsc#SLE-4683).\n- cxgb4vf: Revert force link up behaviour (bsc#1136347 jsc#SLE-4683).\n- cxgb4vf: Update port information in cxgb4vf_open() (bsc#1127374).\n- dccp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).\n- dccp: Fix memleak in __feat_register_sp (bsc#1051510).\n- debugfs: fix use-after-free on symlink traversal (bsc#1051510).\n- device_cgroup: fix RCU imbalance in error case (bsc#1051510).\n- devres: Align data[] to ARCH_KMALLOC_MINALIGN (bsc#1051510).\n- dm: disable DISCARD if the underlying storage no longer supports it (bsc#1114638).\n- dmaengine: axi-dmac: Do not check the number of frames for alignment (bsc#1051510).\n- dmaengine: imx-dma: fix warning comparison of distinct pointer types (bsc#1051510).\n- dmaengine: qcom_hidma: assign channel cookie correctly (bsc#1051510).\n- dmaengine: sh: rcar-dmac: With cyclic DMA residue 0 is valid (bsc#1051510).\n- dmaengine: tegra210-adma: Fix crash during probe (bsc#1111666).\n- dmaengine: tegra210-dma: free dma controller in remove() (bsc#1051510).\n- dmaengine: tegra: avoid overflow of byte tracking (bsc#1051510).\n- documentation: Add MDS vulnerability documentation (bsc#1135642).\n- documentation: perf: Add documentation for ThunderX2 PMU uncore driver ().\n- drivers/perf: Add Cavium ThunderX2 SoC UNCORE PMU driver ().\n- drivers: acpi: add dependency of EFI for arm64 (bsc#1117158).\n- drivers: hv: vmbus: Offload the handling of channels to two workqueues (bsc#1130567).\n- drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind() (bsc#1130567).\n- drm/amd/display: extending AUX SW Timeout (bsc#1111666).\n- drm/amd/display: fix cursor black issue (bsc#1111666).\n- drm/amd/display: If one stream full updates, full update all planes (bsc#1111666).\n- drm/amdgpu/gmc9: fix VM_L2_CNTL3 programming (bsc#1111666).\n- drm/amdkfd: use init_mqd function to allocate object for hid_mqd (CI) (bsc#1111666).\n- drm/bridge: adv7511: Fix low refresh rate selection (bsc#1051510).\n- drm/doc: Drop 'content type' from the legacy kms property table (bsc#1111666).\n- drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers (bsc#1051510).\n- drm/etnaviv: lock MMU while dumping core (bsc#1113722)\n- drm/exynos/mixer: fix MIXER shadow registry synchronisation code (bsc#1111666).\n- drm/fb-helper: dpms_legacy(): Only set on connectors in use (bsc#1051510).\n- drm/fb-helper: generic: Call drm_client_add() after setup is done (bsc#1111666).\n- drm/i915/fbc: disable framebuffer compression on GeminiLake (bsc#1051510).\n- drm/i915/gvt: add 0x4dfc to gen9 save-restore list (bsc#1113722)\n- drm/i915/gvt: Add in context mmio 0x20D8 to gen9 mmio list (bsc#1113722)\n- drm/i915/gvt: Add in context mmio 0x20D8 to gen9 mmio list (bsc#1113956)\n- drm/i915/gvt: Annotate iomem usage (bsc#1051510).\n- drm/i915/gvt: do not deliver a workload if its creation fails (bsc#1051510).\n- drm/i915/gvt: do not let pin count of shadow mm go negative (bsc#1113722)\n- drm/i915/gvt: do not let pin count of shadow mm go negative (bsc#1113956)\n- drm/i915/gvt: do not let TRTTE and 0x4dfc write passthrough to hardware (bsc#1051510).\n- drm/i915/gvt: Fix cmd length of VEB_DI_IECP (bsc#1113722)\n- drm/i915/gvt: Fix incorrect mask of mmio 0x22028 in gen8/9 mmio list (bnc#1113722)\n- drm/i915/gvt: Prevent use-after-free in ppgtt_free_all_spt() (bsc#1111666).\n- drm/i915/gvt: refine ggtt range validation (bsc#1113722)\n- drm/i915/gvt: Roundup fb->height into tile's height at calucation fb->size (bsc#1111666).\n- drm/i915/gvt: Tiled Resources mmios are in-context mmios for gen9+ (bsc#1113722)\n- drm/i915/icl: Whitelist GEN9_SLICE_COMMON_ECO_CHICKEN1 (bsc#1111666).\n- drm/i915: Disable LP3 watermarks on all SNB machines (bsc#1051510).\n- drm/i915: Disable tv output on i9x5gm (bsc#1086657, bsc#1133897).\n- drm/i915: Downgrade Gen9 Plane WM latency error (bsc#1051510).\n- drm/i915: Fix I915_EXEC_RING_MASK (bsc#1051510).\n- drm/i915: Force 2*96 MHz cdclk on glk/cnl when audio power is enabled (bsc#1111666).\n- drm/imx: do not skip DP channel disable for background plane (bsc#1051510).\n- drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata() (bsc#1113722)\n- drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata() (bsc#1113956)\n- drm/mediatek: fix possible object reference leak (bsc#1051510).\n- drm/meson: add size and alignment requirements for dumb buffers (bnc#1113722)\n- drm/nouveau/bar/tu104: initial support (bsc#1133593).\n- drm/nouveau/bar/tu106: initial support (bsc#1133593).\n- drm/nouveau/bios/tu104: initial support (bsc#1133593).\n- drm/nouveau/bios/tu106: initial support (bsc#1133593).\n- drm/nouveau/bios: translate additional memory types (bsc#1133593).\n- drm/nouveau/bios: translate usb-C connector type (bsc#1133593).\n- drm/nouveau/bus/tu104: initial support (bsc#1133593).\n- drm/nouveau/bus/tu106: initial support (bsc#1133593).\n- drm/nouveau/ce/tu104: initial support (bsc#1133593).\n- drm/nouveau/ce/tu106: initial support (bsc#1133593).\n- drm/nouveau/core: increase maximum number of nvdec instances to 3 (bsc#1133593).\n- drm/nouveau/core: recognise TU102 (bsc#1133593).\n- drm/nouveau/core: recognise TU104 (bsc#1133593).\n- drm/nouveau/core: recognise TU106 (bsc#1133593).\n- drm/nouveau/core: support multiple nvdec instances (bsc#1133593).\n- drm/nouveau/devinit/gm200-: export function to upload+execute PMU/PRE_OS (bsc#1133593).\n- drm/nouveau/devinit/tu104: initial support (bsc#1133593).\n- drm/nouveau/devinit/tu106: initial support (bsc#1133593).\n- drm/nouveau/disp/gm200-: add scdc parameter setter (bsc#1133593).\n- drm/nouveau/disp/gv100: fix name of window channels in debug output (bsc#1133593).\n- drm/nouveau/disp/tu104: initial support (bsc#1133593).\n- drm/nouveau/disp/tu106: initial support (bsc#1133593).\n- drm/nouveau/disp: add a way to configure scrambling/tmds for hdmi 2.0 (bsc#1133593).\n- drm/nouveau/disp: add support for setting scdc parameters for high modes (bsc#1133593).\n- drm/nouveau/disp: keep track of high-speed state, program into clock (bsc#1133593).\n- drm/nouveau/disp: take sink support into account for exposing 594mhz (bsc#1133593).\n- drm/nouveau/dma/tu104: initial support (bsc#1133593).\n- drm/nouveau/dma/tu106: initial support (bsc#1133593).\n- drm/nouveau/drm/nouveau: Do not forget to label dp_aux devices (bsc#1133593).\n- drm/nouveau/drm/nouveau: s/nouveau_backlight_exit/nouveau_backlight_fini/ (bsc#1133593).\n- drm/nouveau/drm/nouveau: tegra: Call nouveau_drm_device_init() (bsc#1133593).\n- drm/nouveau/fault/tu104: initial support (bsc#1133593).\n- drm/nouveau/fault/tu106: initial support (bsc#1133593).\n- drm/nouveau/fault: add explicit control over fault buffer interrupts (bsc#1133593).\n- drm/nouveau/fault: remove manual mapping of fault buffers into BAR2 (bsc#1133593).\n- drm/nouveau/fault: store get/put pri address in nvkm_fault_buffer (bsc#1133593).\n- drm/nouveau/fb/tu104: initial support (bsc#1133593).\n- drm/nouveau/fb/tu106: initial support (bsc#1133593).\n- drm/nouveau/fifo/gf100-: call into BAR to reset BARs after MMU fault (bsc#1133593).\n- drm/nouveau/fifo/gk104-: group pbdma functions together (bsc#1133593).\n- drm/nouveau/fifo/gk104-: return channel instance in ctor args (bsc#1133593).\n- drm/nouveau/fifo/gk104-: separate runlist building from committing to hw (bsc#1133593).\n- drm/nouveau/fifo/gk104-: support enabling privileged ce functions (bsc#1133593).\n- drm/nouveau/fifo/gk104-: virtualise pbdma enable function (bsc#1133593).\n- drm/nouveau/fifo/gm200-: read pbdma count more directly (bsc#1133593).\n- drm/nouveau/fifo/gv100: allocate method buffer (bsc#1133593).\n- drm/nouveau/fifo/gv100: return work submission token in channel ctor args (bsc#1133593).\n- drm/nouveau/fifo/tu104: initial support (bsc#1133593).\n- drm/nouveau/fifo/tu106: initial support (bsc#1133593).\n- drm/nouveau/fuse/tu104: initial support (bsc#1133593).\n- drm/nouveau/fuse/tu106: initial support (bsc#1133593).\n- drm/nouveau/gpio/tu104: initial support (bsc#1133593).\n- drm/nouveau/gpio/tu106: initial support (bsc#1133593).\n- drm/nouveau/i2c/tu104: initial support (bsc#1133593).\n- drm/nouveau/i2c/tu106: initial support (bsc#1133593).\n- drm/nouveau/i2c: Disable i2c bus access after ->fini() (bsc#1113722)\n- drm/nouveau/ibus/tu104: initial support (bsc#1133593).\n- drm/nouveau/ibus/tu106: initial support (bsc#1133593).\n- drm/nouveau/imem/nv50: support pinning objects in BAR2 and returning address (bsc#1133593).\n- drm/nouveau/imem/tu104: initial support (bsc#1133593).\n- drm/nouveau/imem/tu106: initial support (bsc#1133593).\n- drm/nouveau/kms/nv50-: allow more flexibility with lut formats (bsc#1133593).\n- drm/nouveau/kms/tu104: initial support (bsc#1133593).\n- drm/nouveau/ltc/tu104: initial support (bsc#1133593).\n- drm/nouveau/ltc/tu106: initial support (bsc#1133593).\n- drm/nouveau/mc/tu104: initial support (bsc#1133593).\n- drm/nouveau/mc/tu106: initial support (bsc#1133593).\n- drm/nouveau/mmu/tu104: initial support (bsc#1133593).\n- drm/nouveau/mmu/tu106: initial support (bsc#1133593).\n- drm/nouveau/mmu: add more general vmm free/node handling functions (bsc#1133593).\n- drm/nouveau/pci/tu104: initial support (bsc#1133593).\n- drm/nouveau/pci/tu106: initial support (bsc#1133593).\n- drm/nouveau/pmu/tu104: initial support (bsc#1133593).\n- drm/nouveau/pmu/tu106: initial support (bsc#1133593).\n- drm/nouveau/therm/tu104: initial support (bsc#1133593).\n- drm/nouveau/therm/tu106: initial support (bsc#1133593).\n- drm/nouveau/tmr/tu104: initial support (bsc#1133593).\n- drm/nouveau/tmr/tu106: initial support (bsc#1133593).\n- drm/nouveau/top/tu104: initial support (bsc#1133593).\n- drm/nouveau/top/tu106: initial support (bsc#1133593).\n- drm/nouveau/volt/gf117: fix speedo readout register (bsc#1051510).\n- drm/nouveau: add DisplayPort CEC-Tunneling-over-AUX support (bsc#1133593).\n- drm/nouveau: Add NV_PRINTK_ONCE and variants (bsc#1133593).\n- drm/nouveau: Add size to vbios.rom file in debugfs (bsc#1133593).\n- drm/nouveau: Add strap_peek to debugfs (bsc#1133593).\n- drm/nouveau: Cleanup indenting in nouveau_backlight.c (bsc#1133593).\n- drm/nouveau: Fix potential memory leak in nouveau_drm_load() (bsc#1133593).\n- drm/nouveau: Move backlight device into nouveau_connector (bsc#1133593).\n- drm/nouveau: Refactor nvXX_backlight_init() (bsc#1133593).\n- drm/nouveau: register backlight on pascal and newer (bsc#1133593).\n- drm/nouveau: remove left-over struct member (bsc#1133593).\n- drm/nouveau: Remove unecessary dma_fence_ops (bsc#1133593).\n- drm/nouveau: Start using new drm_dev initialization helpers (bsc#1133593).\n- drm/nouveau: Stop using drm_crtc_force_disable (bsc#1051510).\n- drm/omap: hdmi4_cec: Fix CEC clock handling for PM (bsc#1111666).\n- drm/panel: panel-innolux: set display off in innolux_panel_unprepare (bsc#1111666).\n- drm/pl111: Initialize clock spinlock early (bsc#1111666).\n- drm/rockchip: fix for mailbox read validation (bsc#1051510).\n- drm/rockchip: fix for mailbox read validation (bsc#1111666).\n- drm/rockchip: shutdown drm subsystem on shutdown (bsc#1051510).\n- drm/rockchip: vop: reset scale mode when win is disabled (bsc#1113722)\n- drm/sun4i: Add missing drm_atomic_helper_shutdown at driver unbind (bsc#1113722)\n- drm/sun4i: Fix component unbinding and component master deletion (bsc#1113722)\n- drm/sun4i: Fix sun8i HDMI PHY clock initialization (bsc#1111666).\n- drm/sun4i: Fix sun8i HDMI PHY configuration for > 148.5 MHz (bsc#1111666).\n- drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)\n- drm/sun4i: Set device driver data at bind time for use in unbind (bsc#1113722)\n- drm/sun4i: tcon top: Fix NULL/invalid pointer dereference in sun8i_tcon_top_un/bind (bsc#1111666).\n- drm/sun4i: Unbind components before releasing DRM and memory (bsc#1113722)\n- drm/tegra: gem: Fix CPU-cache maintenance for BO's allocated using get_pages() (bsc#1111666).\n- drm/tegra: hub: Fix dereference before check (bsc#1111666).\n- drm/ttm: Fix bo_global and mem_global kfree error (bsc#1111666).\n- drm/ttm: fix out-of-bounds read in ttm_put_pages() v2 (bsc#1111666).\n- drm/ttm: Remove warning about inconsistent mapping information (bnc#1131488)\n- drm/udl: add a release method and delay modeset teardown (bsc#1085536)\n- drm/vc4: Fix memory leak during gpu reset. (bsc#1113722)\n- drm/vmwgfx: Do not send drm sysfs hotplug events on initial master set (bsc#1051510).\n- drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to an invalid read (bsc#1051510).\n- drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() (bsc#1113722)\n- drm/vmwgfx: Remove set but not used variable 'restart' (bsc#1111666).\n- drm: Auto-set allow_fb_modifiers when given modifiers at plane init (bsc#1051510).\n- drm: bridge: dw-hdmi: Fix overflow workaround for Rockchip SoCs (bsc#1113722)\n- drm: rcar-du: Fix rcar_du_crtc structure documentation (bsc#1111666).\n- dsa: mv88e6xxx: Ensure all pending interrupts are handled prior to exit (networking-stable-19_02_20).\n- dt-bindings: clock: r8a7795: Remove CSIREF clock (bsc#1120902).\n- dt-bindings: clock: r8a7796: Remove CSIREF clock (bsc#1120902).\n- dt-bindings: net: Add binding for the external clock for TI WiLink (bsc#1085535).\n- dt-bindings: net: Fix a typo in the phy-mode list for ethernet bindings (bsc#1129770).\n- dt-bindings: rtc: sun6i-rtc: Fix register range in example (bsc#1120902).\n- dwc2: gadget: Fix completed transfer size calculation in DDMA (bsc#1051510).\n- e1000e: Disable runtime PM on CNP+ (jsc#SLE-4804).\n- e1000e: Exclude device from suspend direct complete optimization (jsc#SLE-4804).\n- e1000e: Fix -Wformat-truncation warnings (bsc#1051510).\n- e1000e: fix a missing check for return value (jsc#SLE-4804).\n- e1000e: fix cyclic resets at link up with active tx (bsc#1051510).\n- edac, amd64: Add Hygon Dhyana support ().\n- efi/arm: Defer persistent reservations until after paging_init() (bsc#1117158).\n- efi/arm: Do not mark acpi reclaim memory as MEMBLOCK_NOMAP (bsc#1117158 bsc#1115688 bsc#1120566).\n- efi/arm: libstub: add a root memreserve config table (bsc#1117158).\n- efi/arm: map UEFI memory map even w/o runtime services enabled (bsc#1117158).\n- efi/arm: preserve early mapping of UEFI memory map longer for BGRT (bsc#1117158).\n- efi/arm: Revert 'Defer persistent reservations until after paging_init()' (bsc#1117158).\n- efi/arm: Revert deferred unmap of early memmap mapping (bsc#1117158).\n- efi: add API to reserve memory persistently across kexec reboot (bsc#1117158).\n- efi: honour memory reservations passed via a linux specific config table (bsc#1117158).\n- efi: Permit calling efi_mem_reserve_persistent() from atomic context (bsc#1117158).\n- efi: Permit multiple entries in persistent memreserve data structure (bsc#1117158).\n- efi: Prevent GICv3 WARN() by mapping the memreserve table before first use (bsc#1117158).\n- efi: Reduce the amount of memblock reservations for persistent allocations (bsc#1117158).\n- ext4: actually request zeroing of inode table after grow (bsc#1135315).\n- ext4: avoid panic during forced reboot due to aborted journal (bsc#1126356).\n- ext4: cleanup bh release code in ext4_ind_remove_space() (bsc#1131851).\n- ext4: Do not warn when enabling DAX (bsc#1132894).\n- ext4: fix data corruption caused by overlapping unaligned and aligned IO (bsc#1136428).\n- ext4: fix ext4_show_options for file systems w/o journal (bsc#1135316).\n- ext4: fix use-after-free race with debug_want_extra_isize (bsc#1135314).\n- ext4: make sanity check in mballoc more strict (bsc#1136439).\n- ext4: wait for outstanding dio during truncate in nojournal mode (bsc#1136438).\n- fbdev: fbmem: fix memory access if logo is bigger than the screen (bsc#1051510).\n- fbdev: fix divide error in fb_var_to_videomode (bsc#1113722)\n- fbdev: fix WARNING in __alloc_pages_nodemask bug (bsc#1113722)\n- firmware: efi: factor out mem_reserve (bsc#1117158 bsc#1134671).\n- fix cgroup_do_mount() handling of failure exits (bsc#1133095).\n- fix rtnh_ok() (git-fixes).\n- fm10k: Fix a potential NULL pointer dereference (bsc#1051510).\n- fm10k: TRIVIAL cleanup of extra spacing in function comment (jsc#SLE-4796).\n- fm10k: use struct_size() in kzalloc() (jsc#SLE-4796).\n- fs/nfs: Fix nfs_parse_devname to not modify it's argument (git-fixes).\n- fs/sync.c: sync_file_range(2) may use WB_SYNC_ALL writeback (bsc#1136432).\n- fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount (bsc#1136435).\n- fs: avoid fdput() after failed fdget() in vfs_dedupe_file_range() (bsc#1132384, bsc#1132219).\n- ftrace/x86_64: Emulate call function while updating in breakpoint handler (bsc#1099658).\n- futex: Cure exit race (bsc#1050549).\n- futex: Ensure that futex address is aligned in handle_futex_death() (bsc#1050549).\n- futex: Handle early deadlock return correctly (bsc#1050549).\n- genetlink: Fix a memory leak on error path (networking-stable-19_03_28).\n- ghes, EDAC: Fix ghes_edac registration (bsc#1133176).\n- gpio: adnp: Fix testing wrong value in adnp_gpio_direction_input (bsc#1051510).\n- gpio: aspeed: fix a potential NULL pointer dereference (bsc#1051510).\n- gpio: gpio-omap: fix level interrupt idling (bsc#1051510).\n- gpio: of: Fix of_gpiochip_add() error path (bsc#1051510).\n- gpu: ipu-v3: dp: fix CSC handling (bsc#1051510).\n- gre6: use log_ecn_error module parameter in ip6_tnl_rcv() (git-fixes).\n- hid: core: move Usage Page concatenation to Main item (bsc#1093389).\n- hid: debug: fix race condition with between rdesc_show() and device removal (bsc#1051510).\n- hid: i2c-hid: Ignore input report if there's no data present on Elan touchpanels (bsc#1133486).\n- hid: input: add mapping for 'Toggle Display' key (bsc#1051510).\n- hid: input: add mapping for Assistant key (bsc#1051510).\n- hid: input: add mapping for Expose/Overview key (bsc#1051510).\n- hid: input: add mapping for keyboard Brightness Up/Down/Toggle keys (bsc#1051510).\n- hid: input: fix a4tech horizontal wheel custom usage (bsc#1137429).\n- hid: intel-ish-hid: avoid binding wrong ishtp_cl_device (bsc#1051510).\n- hid: intel-ish: ipc: handle PIMR before ish_wakeup also clear PISR busy_clear bit (bsc#1051510).\n- hid: logitech: check the return value of create_singlethread_workqueue (bsc#1051510).\n- hv_netvsc: Fix IP header checksum for coalesced packets (networking-stable-19_03_07).\n- hwmon: (f71805f) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (pc87427) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (vt1211) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwrng: virtio - Avoid repeated init of completion (bsc#1051510).\n- i2c: imx: correct the method of getting private data in notifier_call (bsc#1111666).\n- i2c: Make i2c_unregister_device() NULL-aware (bsc#1108193).\n- i2c: synquacer: fix enumeration of slave devices (bsc#1111666).\n- i40e: Able to add up to 16 MAC filters on an untrusted VF (jsc#SLE-4797).\n- i40e: add new pci id for X710/XXV710 N3000 cards (jsc#SLE-4797).\n- i40e: add num_vectors checker in iwarp handler (jsc#SLE-4797).\n- i40e: Add support FEC configuration for Fortville 25G (jsc#SLE-4797).\n- i40e: Add support for X710 B/P and SFP+ cards (jsc#SLE-4797).\n- i40e: add tracking of AF_XDP ZC state for each queue pair (jsc#SLE-4797).\n- i40e: change behavior on PF in response to MDD event (jsc#SLE-4797).\n- i40e: Change unmatched function types (jsc#SLE-4797).\n- i40e: Changed maximum supported FW API version to 1.8 (jsc#SLE-4797).\n- i40e: check queue pairs num in config queues handler (jsc#SLE-4797).\n- i40e: clean up several indentation issues (jsc#SLE-4797).\n- i40e: do not allow changes to HW VLAN stripping on active port VLANs (jsc#SLE-4797).\n- i40e: Fix for 10G ports LED not blinking (jsc#SLE-4797).\n- i40e: Fix for allowing too many MDD events on VF (jsc#SLE-4797).\n- i40e: fix i40e_ptp_adjtime when given a negative delta (jsc#SLE-4797).\n- i40e: Fix misleading error message (jsc#SLE-4797).\n- i40e: fix misleading message about promisc setting on un-trusted VF (jsc#SLE-4797).\n- i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c (jsc#SLE-4797).\n- i40e: Fix the typo in adding 40GE KR4 mode (jsc#SLE-4797).\n- i40e: Further implementation of LLDP (jsc#SLE-4797).\n- i40e: Implement DDP support in i40e driver (jsc#SLE-4797).\n- i40e: increase indentation (jsc#SLE-4797).\n- i40e: Introduce recovery mode support (jsc#SLE-4797).\n- i40e: Limiting RSS queues to CPUs (jsc#SLE-4797).\n- i40e: Memory leak in i40e_config_iwarp_qvlist (jsc#SLE-4797).\n- i40e: missing input validation on VF message handling by the PF (jsc#SLE-4797).\n- i40e: move i40e_xsk_umem function (jsc#SLE-4797).\n- i40e: print pci vendor and device ID during probe (jsc#SLE-4797).\n- i40e: Queues are reserved despite 'Invalid argument' error (jsc#SLE-4797).\n- i40e: remove debugfs tx_timeout support (jsc#SLE-4797).\n- i40e: remove error msg when vf with port vlan tries to remove vlan 0 (jsc#SLE-4797).\n- i40e: Remove misleading messages for untrusted VF (jsc#SLE-4797).\n- i40e: remove out-of-range comparisons in i40e_validate_cloud_filter (jsc#SLE-4797).\n- i40e: Remove umem from VSI (jsc#SLE-4797).\n- i40e: Report advertised link modes on 40GBase_LR4, CR4 and fibre (jsc#SLE-4797).\n- i40e: Report advertised link modes on 40GBASE_SR4 (jsc#SLE-4797).\n- i40e: Revert ShadowRAM checksum calculation change (jsc#SLE-4797).\n- i40e: save PTP time before a device reset (jsc#SLE-4797).\n- i40e: Setting VF to VLAN 0 requires restart (jsc#SLE-4797).\n- i40e: ShadowRAM checksum calculation change (jsc#SLE-4797).\n- i40e: The driver now prints the API version in error message (jsc#SLE-4797).\n- i40e: Use struct_size() in kzalloc() (jsc#SLE-4797).\n- i40e: VF's promiscuous attribute is not kept (jsc#SLE-4797).\n- i40e: Wrong truncation from u16 to u8 (jsc#SLE-4797).\n- i40iw: Avoid panic when handling the inetdev event (jsc#SLE-4793).\n- i40iw: remove support for ib_get_vector_affinity (jsc#SLE-4793).\n- i40iw: remove use of VLAN_TAG_PRESENT (jsc#SLE-4793).\n- ib/hfi1: Add debugfs to control expansion ROM write protect (jsc#SLE-4925).\n- ib/hfi1: Add selected Rcv counters (jsc#SLE-4925).\n- ib/hfi1: Close VNIC sdma_progress sleep window (jsc#SLE-4925).\n- ib/hfi1: Consider LMC in 16B/bypass ingress packet check (jsc#SLE-4925).\n- ib/hfi1: Correctly process FECN and BECN in packets (jsc#SLE-4925).\n- ib/hfi1: Dump pio info for non-user send contexts (jsc#SLE-4925).\n- ib/hfi1: Eliminate opcode tests on mr deref (jsc#SLE-4925).\n- ib/hfi1: Failed to drain send queue when QP is put into error state (jsc#SLE-4925).\n- ib/hfi1: Fix the allocation of RSM table (jsc#SLE-4925).\n- ib/hfi1: Fix two format strings (jsc#SLE-4925).\n- ib/hfi1: Fix WQ_MEM_RECLAIM warning (jsc#SLE-4925).\n- ib/hfi1: Ignore LNI errors before DC8051 transitions to Polling state (jsc#SLE-4925).\n- ib/hfi1: Incorrect sizing of sge for PIO will OOPs (jsc#SLE-4925).\n- ib/hfi1: Limit VNIC use of SDMA engines to the available count (jsc#SLE-4925).\n- ib/hfi1: Reduce lock contention on iowait_lock for sdma and pio (jsc#SLE-4925).\n- ib/hfi1: Remove overly conservative VM_EXEC flag check (jsc#SLE-4925).\n- ib/hfi1: Remove WARN_ON when freeing expected receive groups (jsc#SLE-4925).\n- ib/hfi1: Unreserve a reserved request when it is completed (jsc#SLE-4925).\n- ib/hw: Remove unneeded semicolons (bsc#1136456 jsc#SLE-4689).\n- ib/rdmavt: Add wc_flags and wc_immdata to cq entry trace (jsc#SLE-4925).\n- ib/rdmavt: Fix frwr memory registration (jsc#SLE-4925).\n- ib/rdmavt: Fix loopback send with invalidate ordering (jsc#SLE-4925).\n- ib/{rdmavt, hfi1): Miscellaneous comment fixes (jsc#SLE-4925).\n- ibmvnic: Add device identification to requested IRQs (bsc#1137739).\n- ibmvnic: Do not close unopened driver during reset (bsc#1137752).\n- ibmvnic: Enable GRO (bsc#1132227).\n- ibmvnic: Fix completion structure initialization (bsc#1131659).\n- ibmvnic: Fix netdev feature clobbering during a reset (bsc#1132227).\n- ibmvnic: Fix unchecked return codes of memory allocations (bsc#1137752).\n- ibmvnic: Refresh device multicast list after reset (bsc#1137752).\n- ibmvnic: remove set but not used variable 'netdev' (bsc#1137739).\n- ice : Ensure only valid bits are set in ice_aq_set_phy_cfg (jsc#SLE-4803).\n- ice: Add 52 byte RSS hash key support (jsc#SLE-4803).\n- ice: add and use new ice_for_each_traffic_class() macro (jsc#SLE-4803).\n- ice: Add code for DCB initialization part 1/4 (jsc#SLE-4803).\n- ice: Add code for DCB initialization part 2/4 (jsc#SLE-4803).\n- ice: Add code for DCB initialization part 3/4 (jsc#SLE-4803).\n- ice: Add code for DCB initialization part 4/4 (jsc#SLE-4803).\n- ice: Add code for DCB rebuild (jsc#SLE-4803).\n- ice: Add code to control FW LLDP and DCBX (jsc#SLE-4803).\n- ice: Add code to get DCB related statistics (jsc#SLE-4803).\n- ice: Add code to process LLDP Mib change events (jsc#SLE-4803).\n- ice: add const qualifier to mac_addr parameter (jsc#SLE-4803).\n- ice: Add ethtool private flag to make forcing link down optional (jsc#SLE-4803).\n- ice: Add ethtool set_phys_id handler (jsc#SLE-4803).\n- ice: Add function to program ethertype based filter rule on VSIs (jsc#SLE-4803).\n- ice: Add missing case in print_link_msg for printing flow control (jsc#SLE-4803).\n- ice: Add missing PHY type to link settings (jsc#SLE-4803).\n- ice: Add more validation in ice_vc_cfg_irq_map_msg (jsc#SLE-4803).\n- ice: Add priority information into VLAN header (jsc#SLE-4803).\n- ice: Add reg_idx variable in ice_q_vector structure (jsc#SLE-4803).\n- ice: Add support for adaptive interrupt moderation (jsc#SLE-4803).\n- ice: Add support for new PHY types (jsc#SLE-4803).\n- ice: Add support for PF/VF promiscuous mode (jsc#SLE-4803).\n- ice: Allow for software timestamping (jsc#SLE-4803).\n- ice: Always free/allocate q_vectors (jsc#SLE-4803).\n- ice: Audit hotpath structures with pahole (jsc#SLE-4803).\n- ice: avoid multiple unnecessary de-references in probe (jsc#SLE-4803).\n- ice: Bump driver version (jsc#SLE-4803).\n- ice: Bump version (jsc#SLE-4803).\n- ice: Calculate ITR increment based on direct calculation (jsc#SLE-4803).\n- ice: change VF VSI tc info along with num_queues (jsc#SLE-4803).\n- ice: check for a leaf node presence (jsc#SLE-4803).\n- ice: clear VF ARQLEN register on reset (jsc#SLE-4803).\n- ice: code cleanup in ice_sched.c (jsc#SLE-4803).\n- ice: configure GLINT_ITR to always have an ITR gran of 2 (jsc#SLE-4803).\n- ice: Configure RSS LUT and HASH KEY in rebuild path (jsc#SLE-4803).\n- ice: Create a generic name for the ice_rx_flg64_bits structure (jsc#SLE-4803).\n- ice: Create framework for VSI queue context (jsc#SLE-4803).\n- ice: Determine descriptor count and ring size based on PAGE_SIZE (jsc#SLE-4803).\n- ice: Disable sniffing VF traffic on PF (jsc#SLE-4803).\n- ice: Do not bail out when filter already exists (jsc#SLE-4803).\n- ice: Do not let VF know that it is untrusted (jsc#SLE-4803).\n- ice: Do not remove VLAN filters that were never programmed (jsc#SLE-4803).\n- ice: Do not set LB_EN for prune switch rules (jsc#SLE-4803).\n- ice: do not spam VFs with link messages (jsc#SLE-4803).\n- ice: Do not unnecessarily initialize local variable (jsc#SLE-4803).\n- ice: Enable LAN_EN for the right recipes (jsc#SLE-4803).\n- ice: Enable link events over the ARQ (jsc#SLE-4803).\n- ice: Enable MAC anti-spoof by default (jsc#SLE-4803).\n- ice: enable VF admin queue interrupts (jsc#SLE-4803).\n- ice: Fix added in VSI supported nodes calc (jsc#SLE-4803).\n- ice: Fix broadcast traffic in port VLAN mode (jsc#SLE-4803).\n- ice: Fix for adaptive interrupt moderation (jsc#SLE-4803).\n- ice: Fix for allowing too many MDD events on VF (jsc#SLE-4803).\n- ice: Fix for FC get rx/tx pause params (jsc#SLE-4803).\n- ice: fix ice_remove_rule_internal vsi_list handling (jsc#SLE-4803).\n- ice: Fix incorrect use of abbreviations (jsc#SLE-4803).\n- ice: Fix issue reclaiming resources back to the pool after reset (jsc#SLE-4803).\n- ice: Fix issue reconfiguring VF queues (jsc#SLE-4803).\n- ice: Fix issue when adding more than allowed VLANs (jsc#SLE-4803).\n- ice: fix issue where host reboots on unload when iommu=on (jsc#SLE-4803).\n- ice: Fix issue with VF reset and multiple VFs support on PFs (jsc#SLE-4803).\n- ice: fix numeric overflow warning (jsc#SLE-4803).\n- ice: fix some function prototype and signature style issues (jsc#SLE-4803).\n- ice: fix stack hogs from struct ice_vsi_ctx structures (jsc#SLE-4803).\n- ice: fix static analysis warnings (jsc#SLE-4803).\n- ice: Fix the calculation of ICE_MAX_MTU (jsc#SLE-4803).\n- ice: fix the divide by zero issue (jsc#SLE-4803).\n- ice: Fix typos in code comments (jsc#SLE-4803).\n- ice: flush Tx pipe on disable queue timeout (jsc#SLE-4803).\n- ice: Gather the rx buf clean-up logic for better reuse (jsc#SLE-4803).\n- ice: Get resources per function (jsc#SLE-4803).\n- ice: Get rid of ice_pull_tail (jsc#SLE-4803).\n- ice: Get VF VSI instances directly via PF (jsc#SLE-4803).\n- ice: Implement flow to reset VFs with PFR and other resets (jsc#SLE-4803).\n- ice: Implement getting and setting ethtool coalesce (jsc#SLE-4803).\n- ice: Implement pci_error_handler ops (jsc#SLE-4803).\n- ice: Implement support for normal get_eeprom[_len] ethtool ops (jsc#SLE-4803).\n- ice: Limit the ice_add_rx_frag to frag addition (jsc#SLE-4803).\n- ice: map Rx buffer pages with DMA attributes (jsc#SLE-4803).\n- ice: Move aggregator list into ice_hw instance (jsc#SLE-4803).\n- ice: Offload SCTP checksum (jsc#SLE-4803).\n- ice: only use the VF for ICE_VSI_VF in ice_vsi_release (jsc#SLE-4803).\n- ice: Preserve VLAN Rx stripping settings (jsc#SLE-4803).\n- ice: Prevent unintended multiple chain resets (jsc#SLE-4803).\n- ice: Pull out page reuse checks onto separate function (jsc#SLE-4803).\n- ice: Put __ICE_PREPARED_FOR_RESET check in ice_prepare_for_reset (jsc#SLE-4803).\n- ice: Reduce scope of variable in ice_vsi_cfg_rxqs (jsc#SLE-4803).\n- ice: Refactor a few Tx scheduler functions (jsc#SLE-4803).\n- ice: Refactor getting/setting coalesce (jsc#SLE-4803).\n- ice: Refactor link event flow (jsc#SLE-4803).\n- ice: Remove '2 BITS' comment (jsc#SLE-4803).\n- ice: Remove __always_unused attribute (jsc#SLE-4803).\n- ice: remove redundant variable and if condition (jsc#SLE-4803).\n- ice: Remove runtime change of PFINT_OICR_ENA register (jsc#SLE-4803).\n- ice: Remove unnecessary braces (jsc#SLE-4803).\n- ice: Remove unnecessary newlines from log messages (jsc#SLE-4803).\n- ice: Remove unnecessary wait when disabling/enabling Rx queues (jsc#SLE-4803).\n- ice: Remove unused function prototype (jsc#SLE-4803).\n- ice: Remove unused function prototype (jsc#SLE-4803).\n- ice: Remove unused vsi_id field (jsc#SLE-4803).\n- ice: Reset all VFs with VFLR during SR-IOV init flow (jsc#SLE-4803).\n- ice: Resolve static analysis reported issue (jsc#SLE-4803).\n- ice: Restore VLAN switch rule if port VLAN existed before (jsc#SLE-4803).\n- ice: Retrieve rx_buf in separate function (jsc#SLE-4803).\n- ice: Return configuration error without queue to disable (jsc#SLE-4803).\n- ice: Rework queue management code for reuse (jsc#SLE-4803).\n- ice: Separate if conditions for ice_set_features() (jsc#SLE-4803).\n- ice: Set LAN_EN for all directional rules (jsc#SLE-4803).\n- ice: Set physical link up/down when an interface is set up/down (jsc#SLE-4803).\n- ice: sizeof(type>) should be avoided (jsc#SLE-4803).\n- ice: Suppress false-positive style issues reported by static analyzer (jsc#SLE-4803).\n- ice: use absolute vector ID for VFs (jsc#SLE-4803).\n- ice: Use bitfields where possible (jsc#SLE-4803).\n- ice: Use dev_err when ice_cfg_vsi_lan fails (jsc#SLE-4803).\n- ice: Use ice_for_each_q_vector macro where possible (jsc#SLE-4803).\n- ice: use ice_for_each_vsi macro when possible (jsc#SLE-4803).\n- ice: use irq_num var in ice_vsi_req_irq_msix (jsc#SLE-4803).\n- ice: Use more efficient structures (jsc#SLE-4803).\n- ice: Use pf instead of vsi-back (jsc#SLE-4803).\n- ice: use virt channel status codes (jsc#SLE-4803).\n- ice: Validate ring existence and its q_vector per VSI (jsc#SLE-4803).\n- igb: Bump version number (jsc#SLE-4798).\n- igb: Exclude device from suspend direct complete optimization (jsc#SLE-4798).\n- igb: fix various indentation issues (jsc#SLE-4798).\n- igb: Fix WARN_ONCE on runtime suspend (jsc#SLE-4798).\n- igb: use struct_size() helper (jsc#SLE-4798).\n- igc: Add ethtool support (jsc#SLE-4799).\n- igc: Add multiple receive queues control supporting (jsc#SLE-4799).\n- igc: Add support for statistics (jsc#SLE-4799).\n- igc: Add support for the ntuple feature (jsc#SLE-4799).\n- igc: Extend the ethtool supporting (jsc#SLE-4799).\n- igc: Fix code redundancy (jsc#SLE-4799).\n- igc: Fix the typo in igc_base.h header definition (jsc#SLE-4799).\n- igc: Remove the 'igc_get_phy_id_base' method (jsc#SLE-4799).\n- igc: Remove the 'igc_read_mac_addr_base' method (jsc#SLE-4799).\n- igc: Remove unneeded code (jsc#SLE-4799).\n- igc: Remove unneeded hw_dbg prints (jsc#SLE-4799).\n- igc: Remove unreachable code from igc_phy.c file (jsc#SLE-4799).\n- igc: Remove unused code (jsc#SLE-4799).\n- igc: Use struct_size() helper (jsc#SLE-4799).\n- igmp: fix incorrect unsolicit report count when join group (git-fixes).\n- iio/gyro/bmg160: Use millidegrees for temperature scale (bsc#1051510).\n- iio: ad_sigma_delta: select channel when reading register (bsc#1051510).\n- iio: adc: at91: disable adc channel interrupt in timeout case (bsc#1051510).\n- iio: adc: fix warning in Qualcomm PM8xxx HK/XOADC driver (bsc#1051510).\n- iio: adc: xilinx: fix potential use-after-free on remove (bsc#1051510).\n- iio: core: fix a possible circular locking dependency (bsc#1051510).\n- iio: cros_ec: Fix the maths for gyro scale calculation (bsc#1051510).\n- iio: dac: mcp4725: add missing powerdown bits in store eeprom (bsc#1051510).\n- iio: Fix scan mask selection (bsc#1051510).\n- iio: gyro: mpu3050: fix chip ID reading (bsc#1051510).\n- include/linux/bitops.h: introduce BITS_PER_TYPE (bsc#1136345 jsc#SLE-4681).\n- indirect call wrappers: helpers to speed-up indirect calls of builtin (bsc#1124503).\n- inetpeer: fix uninit-value in inet_getpeer (git-fixes).\n- infiniband/qedr: Potential null ptr dereference of qp (bsc#1136456 jsc#SLE-4689).\n- infiniband: hfi1: drop crazy DEBUGFS_SEQ_FILE_CREATE() macro (jsc#SLE-4925).\n- infiniband: hfi1: no need to check return value of debugfs_create functions (jsc#SLE-4925).\n- input: elan_i2c - add hardware ID for multiple Lenovo laptops (bsc#1051510).\n- input: introduce KEY_ASSISTANT (bsc#1051510).\n- input: snvs_pwrkey - initialize necessary driver data before enabling IRQ (bsc#1051510).\n- input: synaptics-rmi4 - fix possible double free (bsc#1051510).\n- input: synaptics-rmi4 - write config register values to the right offset (bsc#1051510).\n- intel: correct return from set features callback (jsc#SLE-4795).\n- intel_idle: add support for Jacobsville (jsc#SLE-5394).\n- intel_th: msu: Fix single mode with IOMMU (bsc#1051510).\n- intel_th: pci: Add Comet Lake support (bsc#1051510).\n- io: accel: kxcjk1013: restore the range after resume (bsc#1051510).\n- iommu/amd: Set exclusion range correctly (bsc#1130425).\n- iommu/arm-smmu-v3: Abort all transactions if SMMU is enabled in kdump kernel (bsc#1117158).\n- iommu/arm-smmu-v3: Do not disable SMMU in kdump kernel (bsc#1117158 bsc#1134671).\n- iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#1135006).\n- iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135007).\n- iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135008).\n- ip6_tunnel: collect_md xmit: Use ip_tunnel_key's provided src address (git-fixes).\n- ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type (networking-stable-19_04_10).\n- ip_gre: fix parsing gre header in ipgre_err (git-fixes).\n- ip_tunnel: Fix name string concatenate in __ip_tunnel_create() (git-fixes).\n- ipconfig: Correctly initialise ic_nameservers (bsc#1051510).\n- ipmi: Fix I2C client removal in the SSIF driver (bsc#1108193).\n- ipmi: fix sleep-in-atomic in free_user at cleanup SRCU user->release_barrier (bsc#1111666).\n- ipmi: Prevent use-after-free in deliver_response (bsc#1111666).\n- ipmi:ssif: compare block number correctly for multi-part return messages (bsc#1051510).\n- ipmi_ssif: Remove duplicate NULL check (bsc#1108193).\n- ipv4: add sanity checks in ipv4_link_failure() (git-fixes).\n- ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled (git-fixes).\n- ipv4: ensure rcu_read_lock() in ipv4_link_failure() (networking-stable-19_04_19).\n- ipv4: ip_do_fragment: Preserve skb_iif during fragmentation (networking-stable-19_05_04).\n- ipv4: recompile ip options in ipv4_link_failure (networking-stable-19_04_19).\n- ipv4: Return error for RTA_VIA attribute (networking-stable-19_03_07).\n- ipv4: set the tcp_min_rtt_wlen range from 0 to one day (networking-stable-19_04_30).\n- ipv6/flowlabel: wait rcu grace period before put_pid() (git-fixes).\n- ipv6: fix cleanup ordering for ip6_mr failure (git-fixes).\n- ipv6: fix cleanup ordering for pingv6 registration (git-fixes).\n- ipv6: Fix dangling pointer when ipv6 fragment (git-fixes).\n- ipv6: invert flowlabel sharing check in process and user mode (git-fixes).\n- ipv6: mcast: fix unsolicited report interval after receiving querys (git-fixes).\n- ipv6: propagate genlmsg_reply return code (networking-stable-19_02_24).\n- ipv6: Return error for RTA_VIA attribute (networking-stable-19_03_07).\n- ipv6: sit: reset ip header pointer in ipip6_rcv (git-fixes).\n- ipvlan: Add the skb->mark as flow4's member to lookup route (bsc#1051510).\n- ipvlan: disallow userns cap_net_admin to change global mode/flags (networking-stable-19_03_15).\n- ipvlan: fix ipv6 outbound device (bsc#1051510).\n- ipvlan: use ETH_MAX_MTU as max mtu (bsc#1051510).\n- ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf (git-fixes).\n- ipvs: fix buffer overflow with sync daemon and service (git-fixes).\n- ipvs: fix check on xmit to non-local addresses (git-fixes).\n- ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bsc#1051510).\n- ipvs: fix rtnl_lock lockups caused by start_sync_thread (git-fixes).\n- ipvs: Fix signed integer overflow when setsockopt timeout (bsc#1051510).\n- ipvs: fix stats update from local clients (git-fixes).\n- ipvs: remove IPS_NAT_MASK check to fix passive FTP (git-fixes).\n- iw_cxgb*: kzalloc the iwcm verbs struct (bsc#1136348 jsc#SLE-4684).\n- iw_cxgb4: Check for send WR also while posting write with completion WR (bsc#1136348 jsc#SLE-4684).\n- iw_cxgb4: complete the cached SRQ buffers (bsc#1136348 jsc#SLE-4684).\n- iw_cxgb4: cq/qp mask depends on bar2 pages in a host page (bsc#1127371).\n- iw_cxgb4: Fix qpid leak (bsc#1136348 jsc#SLE-4684).\n- iw_cxgb4: fix srqidx leak during connection abort (bsc#1136348 jsc#SLE-4684).\n- iw_cxgb4: Make function read_tcb() static (bsc#1136348 jsc#SLE-4684).\n- iw_cxgb4: only allow 1 flush on user qps (bsc#1051510).\n- iw_cxgb4: use listening ep tos when accepting new connections (bsc#1136348 jsc#SLE-4684).\n- iw_cxgb4: use tos when finding ipv6 routes (bsc#1136348 jsc#SLE-4684).\n- iw_cxgb4: use tos when importing the endpoint (bsc#1136348 jsc#SLE-4684).\n- iwiwifi: fix bad monitor buffer register addresses (bsc#1129770).\n- iwlwifi: fix driver operation for 5350 (bsc#1111666).\n- iwlwifi: fix send hcmd timeout recovery flow (bsc#1129770).\n- ixgbe: fix mdio bus registration (jsc#SLE-4795).\n- ixgbe: fix older devices that do not support IXGBE_MRQC_L3L4TXSWEN (jsc#SLE-4795).\n- ixgbe: register a mdiobus (jsc#SLE-4795).\n- ixgbe: remove magic constant in ixgbe_reset_hw_82599() (jsc#SLE-4795).\n- ixgbe: use mii_bus to handle MII related ioctls (jsc#SLE-4795).\n- ixgbe: Use struct_size() helper (jsc#SLE-4795).\n- jbd2: check superblock mapped prior to committing (bsc#1136430).\n- kabi i40e ignore include (jsc#SLE-4797).\n- kabi protect struct iw_cm_id (bsc#1136348 jsc#SLE-4684).\n- kabi protect struct vf_info (bsc#1136347 jsc#SLE-4683).\n- kABI workaround for removed usb_interface.pm_usage_cnt field (bsc#1051510).\n- kABI workaround for snd_seq_kernel_client_enqueue() API changes (bsc#1051510).\n- kabi/severities: exclude hns3 symbols (bsc#1134948)\n- kabi/severities: exclude qed* symbols (bsc#1136461)\n- kabi/severities: missed hns roce module\n- kabi: arm64: cpuhotplug: Reuse other arch's cpuhp_state ().\n- kabi: drop LINUX_Mib_TCPWQUEUETOOBIG snmp counter (bsc#1137586).\n- kabi: implement map_lookup_elem_sys_only in another way (bsc#1083647).\n- kabi: move sysctl_tcp_min_snd_mss to preserve struct net layout (bsc#1137586).\n- kABI: protect dma-mapping.h include (kabi).\n- kABI: protect functions using struct net_generic (bsc#1129845 LTC#176252).\n- kABI: protect ip_options_rcv_srr (kabi).\n- kABI: protect struct mlx5_td (kabi).\n- kABI: protect struct pci_dev (kabi).\n- kABI: protect struct smc_ib_device (bsc#1129845 LTC#176252).\n- kABI: protect struct smcd_dev (bsc#1129845 LTC#176252).\n- kABI: restore icmp_send (kabi).\n- kbuild: strip whitespace in cmd_record_mcount findstring (bsc#1065729).\n- kcm: switch order of device registration to fix a crash (bnc#1130527).\n- kernel/signal.c: trace_signal_deliver when signal_group_exit (git-fixes).\n- kernel/sys.c: prctl: fix false positive in validate_prctl_map() (git-fixes).\n- kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv (bsc#1051510).\n- kernel/sysctl.c: fix out-of-bounds access when setting file-max (bsc#1051510).\n- kernfs: do not set dentry->d_fsdata (boo#1133115).\n- keys: always initialize keyring_index_key::desc_len (bsc#1051510).\n- keys: safe concurrent user->{session,uid}_keyring access (bsc#1135642).\n- keys: user: Align the payload buffer (bsc#1051510).\n- kmsg: Update message catalog to latest ibM level (2019/03/08) (bsc#1128904 LTC#176078).\n- kvm: Call kvm_arch_memslots_updated() before updating memslots (bsc#1132563).\n- kvm: Fix kABI for AMD SMAP Errata workaround (bsc#1133149).\n- kvm: Fix UAF in nested posted interrupt processing (bsc#1134199).\n- kvm: nVMX: Apply addr size mask to effective address for VMX instructions (bsc#1132561).\n- kvm: nVMX: Clear reserved bits of #DB exit qualification (bsc#1134200).\n- kvm: nVMX: Ignore limit checks on VMX instructions using flat segments (bsc#1132564).\n- kvm: nVMX: restore host state in nested_vmx_vmexit for VMFail (bsc#1134201).\n- kvm: nVMX: Sign extend displacements of VMX instr's mem operands (bsc#1132562).\n- kvm: PPC: Book3S HV: Fix race between kvm_unmap_hva_range and MMU mode switch (bsc#1061840).\n- kvm: s390: fix memory overwrites when not using SCA entries (bsc#1136206).\n- kvm: s390: provide io interrupt kvm_stat (bsc#1136206).\n- kvm: s390: use created_vcpus in more places (bsc#1136206).\n- kvm: s390: vsie: fix 8k check for the itdba (bsc#1136206).\n- kvm: SVM: Workaround errata#1096 (insn_len maybe zero on SMAP violation) (bsc#1133149).\n- kvm: VMX: Compare only a single byte for VMCS' 'launched' in vCPU-run (bsc#1132555).\n- kvm: VMX: Zero out *all* general purpose registers after VM-Exit (bsc#1134202).\n- kvm: x86/mmu: Detect MMIO generation wrap in any address space (bsc#1132570).\n- kvm: x86/mmu: Do not cache MMIO accesses while memslots are in flux (bsc#1132571).\n- kvm: x86: Always use 32-bit SMRAM save state for 32-bit kernels (bsc#1134203).\n- kvm: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bsc#1134204).\n- kvm: x86: Emulate MSR_IA32_ARCH_CAPABILITIES on AMD hosts (bsc#1114279).\n- kvm: x86: Report STibP on GET_SUPPORTED_CPUID (bsc#1111331).\n- kvm: x86: svm: make sure NMI is injected after nmi_singlestep (bsc#1134205).\n- l2tp: cleanup l2tp_tunnel_delete calls (bsc#1051510).\n- l2tp: filter out non-PPP sessions in pppol2tp_tunnel_ioctl() (git-fixes).\n- l2tp: fix missing refcount drop in pppol2tp_tunnel_ioctl() (git-fixes).\n- l2tp: only accept PPP sessions in pppol2tp_connect() (git-fixes).\n- l2tp: prevent pppol2tp_connect() from creating kernel sockets (git-fixes).\n- l2tp: revert 'l2tp: fix missing print session offset info' (bsc#1051510).\n- leds: avoid races with workqueue (bsc#1051510).\n- leds: pwm: silently error out on EPROBE_DEFER (bsc#1051510).\n- lib: add crc64 calculation routines (bsc#1130972).\n- lib: do not depend on linux headers being installed (bsc#1130972).\n- libata: fix using DMA buffers on stack (bsc#1051510).\n- libcxgb: fix incorrect ppmax calculation (bsc#1136345 jsc#SLE-4681).\n- lightnvm: if LUNs are already allocated fix return (bsc#1085535).\n- linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() (bsc#1051510).\n- livepatch: Convert error about unsupported reliable stacktrace into a warning (bsc#1071995).\n- livepatch: Remove custom kobject state handling (bsc#1071995).\n- livepatch: Remove duplicated code for early initialization (bsc#1071995).\n- lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).\n- mac80211: do not attempt to rename ERR_PTR() debugfs dirs (bsc#1111666).\n- mac80211: do not call driver wake_tx_queue op during reconfig (bsc#1051510).\n- mac80211: fix memory accounting with A-MSDU aggregation (bsc#1051510).\n- mac80211: fix unaligned access in mesh table hash function (bsc#1051510).\n- mac80211: Honor SW_CRYPTO_CONTROL for unicast keys in AP VLAN mode (bsc#1111666).\n- mac8390: Fix mmio access size probe (bsc#1051510).\n- md/raid1: do not clear bitmap bits on interrupted recovery (git-fixes).\n- md/raid5: fix 'out of memory' during raid cache recovery (git-fixes).\n- md: batch flush requests (bsc#1119680).\n- md: Fix failed allocation of md_register_thread (git-fixes).\n- md: fix invalid stored role for a disk (bsc#1051510).\n- media: atmel: atmel-isc: fix INIT_WORK misplacement (bsc#1051510).\n- media: cx18: update *pos correctly in cx18_read_pos() (bsc#1051510).\n- media: cx23885: check allocation return (bsc#1051510).\n- media: davinci-isif: avoid uninitialized variable use (bsc#1051510).\n- media: davinci/vpbe: array underflow in vpbe_enum_outputs() (bsc#1051510).\n- media: ivtv: update *pos correctly in ivtv_read_pos() (bsc#1051510).\n- media: mt9m111: set initial frame size other than 0x0 (bsc#1051510).\n- media: mtk-jpeg: Correct return type for mem2mem buffer helpers (bsc#1051510).\n- media: mx2_emmaprp: Correct return type for mem2mem buffer helpers (bsc#1051510).\n- media: omap_vout: potential buffer overflow in vidioc_dqbuf() (bsc#1051510).\n- media: ov2659: fix unbalanced mutex_lock/unlock (bsc#1051510).\n- media: pvrusb2: Prevent a buffer overflow (bsc#1129770).\n- media: s5p-g2d: Correct return type for mem2mem buffer helpers (bsc#1051510).\n- media: s5p-jpeg: Correct return type for mem2mem buffer helpers (bsc#1051510).\n- media: serial_ir: Fix use-after-free in serial_ir_init_module (bsc#1051510).\n- media: sh_veu: Correct return type for mem2mem buffer helpers (bsc#1051510).\n- media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame (bsc#1051510).\n- media: vivid: use vfree() instead of kfree() for dev->bitmap_cap (bsc#1051510).\n- media: wl128x: Fix an error code in fm_download_firmware() (bsc#1051510).\n- media: wl128x: prevent two potential buffer overflows (bsc#1051510).\n- memcg: make it work on sparse non-0-node systems (bnc#1133616).\n- memcg: make it work on sparse non-0-node systems kabi (bnc#1133616).\n- mISDN: Check address length before reading address family (bsc#1051510).\n- missing barriers in some of unix_sock ->addr and ->path accesses (networking-stable-19_03_15).\n- mlxsw: spectrum: Fix autoneg status in ethtool (networking-stable-19_04_30).\n- mm/debug.c: fix __dump_page when mapping->host is not set (bsc#1131934).\n- mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses (bsc#1135330).\n- mm/page_isolation.c: fix a wrong flag in set_migratetype_isolate() (bsc#1131935).\n- mm/vmalloc: fix size check for remap_vmalloc_range_partial() (bsc#1133825).\n- mm: create non-atomic version of SetPageReserved for init use (jsc#SLE-6647).\n- mm: Fix buggy backport leading to MAP_SYNC failures (bsc#1137372)\n- mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (bnc#1012382).\n- mmc: bcm2835 MMC issues (bsc#1070872).\n- mmc: block: Delete gendisk before cleaning up the request queue (bsc#1127616).\n- mmc: core: fix possible use after free of host (bsc#1051510).\n- mmc: core: Fix tag set memory leak (bsc#1111666).\n- mmc: davinci: remove extraneous __init annotation (bsc#1051510).\n- mmc: sdhci: Fix data command CRC error handling (bsc#1051510).\n- mmc: sdhci: Handle auto-command errors (bsc#1051510).\n- mmc: sdhci: Rename SDHCI_ACMD12_ERR and SDHCI_INT_ACMD12ERR (bsc#1051510).\n- mmc: tmio_mmc_core: do not claim spurious interrupts (bsc#1051510).\n- mount: copy the port field into the cloned nfs_server structure (bsc#1136990).\n- mpls: Return error for RTA_GATEWAY attribute (networking-stable-19_03_07).\n- mt7601u: bump supported EEPROM version (bsc#1051510).\n- mtd: docg3: fix a possible memory leak of mtd->name (bsc#1051510).\n- mtd: docg3: Fix passing zero to 'PTR_ERR' warning in doc_probe_device (bsc#1051510).\n- mtd: nand: omap: Fix comment in platform data using wrong Kconfig symbol (bsc#1051510).\n- mtd: part: fix incorrect format specifier for an unsigned long long (bsc#1051510).\n- mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write (bsc#1129770).\n- mwifiex: do not advertise ibSS features without FW support (bsc#1129770).\n- mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1136935).\n- mwifiex: Fix mem leak in mwifiex_tm_cmd (bsc#1051510).\n- mwifiex: Fix possible buffer overflows at parsing bss descriptor\n- mwifiex: Make resume actually do something useful again on SDIO cards (bsc#1111666).\n- mwifiex: prevent an array overflow (bsc#1051510).\n- mwl8k: Fix rate_idx underflow (bsc#1051510).\n- neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit (git-fixes).\n- net-gro: Fix GRO flush when receiving a GSO packet (networking-stable-19_04_10).\n- net/hsr: fix possible crash in add_timer() (networking-stable-19_03_15).\n- net/ibmvnic: Remove tests of member address (bsc#1137739).\n- net/ibmvnic: Update carrier state after link state change (bsc#1135100).\n- net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).\n- net/ipv4: defensive cipso option parsing (git-fixes).\n- net/ipv6: do not reinitialize ndev->cnf.addr_gen_mode on new inet6_dev (git-fixes).\n- net/ipv6: fix addrconf_sysctl_addr_gen_mode (git-fixes).\n- net/ipv6: propagate net.ipv6.conf.all.addr_gen_mode to devices (git-fixes).\n- net/ipv6: reserve room for IFLA_INET6_ADDR_GEN_MODE (git-fixes).\n- net/mlx5: Decrease default mr cache size (networking-stable-19_04_10).\n- net/mlx5e: Add a lock on tir list (networking-stable-19_04_10).\n- net/mlx5e: Do not overwrite pedit action when multiple pedit used (networking-stable-19_02_24).\n- net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query (networking-stable-19_04_30).\n- net/mlx5e: Fix error handling when refreshing TIRs (networking-stable-19_04_10).\n- net/mlx5e: Fix trailing semicolon (bsc#1075020).\n- net/mlx5e: IPoib, Reset QP after channels are closed (bsc#1075020).\n- net/packet: fix 4gb buffer limit due to overflow check (networking-stable-19_02_24).\n- net/packet: Set __GFP_NOWARN upon allocation in alloc_pg_vec (git-fixes).\n- net/rose: fix unbound loop in rose_loopback_timer() (networking-stable-19_04_30).\n- net/sched: act_sample: fix divide by zero in the traffic path (networking-stable-19_04_10).\n- net/sched: do not dereference a->goto_chain to read the chain index (bsc#1064802 bsc#1066129).\n- net/sched: fix ->get helper of the matchall cls (networking-stable-19_04_10).\n- net/smc: add pnet table namespace support (bsc#1129845 LTC#176252).\n- net/smc: add smcd support to the pnet table (bsc#1129845 LTC#176252).\n- net/smc: allow pci IDs as ib device names in the pnet table (bsc#1129845 LTC#176252).\n- net/smc: allow pnetid-less configuration (bsc#1129845 LTC#176252).\n- net/smc: check for ip prefix and subnet (bsc#1134607 LTC#177518).\n- net/smc: cleanup for smcr_tx_sndbuf_nonempty (bsc#1129845 LTC#176252).\n- net/smc: cleanup of get vlan id (bsc#1134607 LTC#177518).\n- net/smc: code cleanup smc_listen_work (bsc#1134607 LTC#177518).\n- net/smc: consolidate function parameters (bsc#1134607 LTC#177518).\n- net/smc: fallback to TCP after connect problems (bsc#1134607 LTC#177518).\n- net/smc: fix a NULL pointer dereference (bsc#1134607 LTC#177518).\n- net/smc: fix return code from FLUSH command (bsc#1134607 LTC#177518).\n- net/smc: improve smc_conn_create reason codes (bsc#1134607 LTC#177518).\n- net/smc: improve smc_listen_work reason codes (bsc#1134607 LTC#177518).\n- net/smc: move unhash before release of clcsock (bsc#1134607 LTC#177518).\n- net/smc: nonblocking connect rework (bsc#1134607 LTC#177518).\n- net/smc: propagate file from SMC to TCP socket (bsc#1134607 LTC#177518).\n- net/smc: rework pnet table (bsc#1129845 LTC#176252).\n- net/smc: wait for pending work before clcsock release_sock (bsc#1134607 LTC#177518).\n- net/tls: free ctx in sock destruct (bsc#1136353 jsc#SLE-4688).\n- net/x25: fix a race in x25_bind() (networking-stable-19_03_15).\n- net/x25: fix use-after-free in x25_device_event() (networking-stable-19_03_15).\n- net/x25: reset state in x25_connect() (networking-stable-19_03_15).\n- net: Add __icmp_send helper (networking-stable-19_03_07).\n- net: Add header for usage of fls64() (networking-stable-19_02_20).\n- net: aquantia: fix rx checksum offload for UDP/TCP over IPv6 (networking-stable-19_03_28).\n- net: atm: Fix potential Spectre v1 vulnerabilities (networking-stable-19_04_19).\n- net: avoid false positives in untrusted gso validation (git-fixes).\n- net: avoid skb_warn_bad_offload on IS_ERR (git-fixes).\n- net: avoid use IPCB in cipso_v4_error (networking-stable-19_03_07).\n- net: bridge: add vlan_tunnel to bridge port policies (git-fixes).\n- net: bridge: fix per-port af_packet sockets (git-fixes).\n- net: bridge: multicast: use rcu to access port list from br_multicast_start_querier (git-fixes).\n- net: chelsio: Add a missing check on cudg_get_buffer (bsc#1136345 jsc#SLE-4681).\n- net: cxgb4: fix various indentation issues (bsc#1136345 jsc#SLE-4681).\n- net: datagram: fix unbounded loop in __skb_try_recv_datagram() (git-fixes).\n- net: Do not allocate page fragments that are not skb aligned (networking-stable-19_02_20).\n- net: do not keep lonely packets forever in the gro hash (git-fixes).\n- net: dsa: bcm_sf2: fix buffer overflow doing set_rxnfc (networking-stable-19_05_04).\n- net: dsa: legacy: do not unmask port bitmaps (git-fixes).\n- net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT (git-fixes).\n- net: dsa: mv88e6xxx: Fix u64 statistics (networking-stable-19_03_07).\n- net: ena: fix return value of ena_com_config_llq_info() (bsc#1111696 bsc#1117561).\n- net: ethtool: not call vzalloc for zero sized memory request (networking-stable-19_04_10).\n- net: Fix a bug in removing queues from XPS map (git-fixes).\n- net: Fix for_each_netdev_feature on Big endian (networking-stable-19_02_20).\n- net: fix IPv6 prefix route residue (networking-stable-19_02_20).\n- net: fix uninit-value in __hw_addr_add_ex() (git-fixes).\n- net: Fix untag for vlan packets without ethernet header (git-fixes).\n- net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off (git-fixes).\n- net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv (networking-stable-19_04_19).\n- net: hns3: add counter for times RX pages gets allocated (bsc#1104353 bsc#1134947).\n- net: hns3: add error handler for initializing command queue (bsc#1104353 bsc#1135058).\n- net: hns3: add function type check for debugfs help information (bsc#1104353 bsc#1134980).\n- net: hns3: Add handling of MAC tunnel interruption (bsc#1104353 bsc#1134983).\n- net: hns3: add hns3_gro_complete for HW GRO process (bsc#1104353 bsc#1135051).\n- net: hns3: add linearizing checking for TSO case (bsc#1104353 bsc#1134947).\n- net: hns3: add protect when handling mac addr list (bsc#1104353 ).\n- net: hns3: add queue's statistics update to service task (bsc#1104353 bsc#1134981).\n- net: hns3: add reset statistics for VF (bsc#1104353 bsc#1134995).\n- net: hns3: add reset statistics info for PF (bsc#1104353 bsc#1134995).\n- net: hns3: add some debug info for hclgevf_get_mbx_resp() (bsc#1104353 bsc#1134994).\n- net: hns3: add some debug information for hclge_check_event_cause (bsc#1104353 bsc#1134994).\n- net: hns3: add support for dump ncl config by debugfs (bsc#1104353 bsc#1134987).\n- net: hns3: Add support for netif message level settings (bsc#1104353 bsc#1134989).\n- net: hns3: adjust the timing of hns3_client_stop when unloading (bsc#1104353 bsc#1137201).\n- net: hns3: always assume no drop TC for performance reason (bsc#1104353 bsc#1135049).\n- net: hns3: check 1000M half for hns3_ethtool_ops.set_link_ksettings (bsc#1104353 bsc#1137201).\n- net: hns3: check resetting status in hns3_get_stats() (bsc#1104353 bsc#1137201).\n- net: hns3: code optimization for command queue' spin lock (bsc#1104353 bsc#1135042).\n- net: hns3: combine len and checksum handling for inner and outer header (bsc#1104353 bsc#1134947).\n- net: hns3: deactive the reset timer when reset successfully (bsc#1104353 bsc#1137201).\n- net: hns3: divide shared buffer between TC (bsc#1104353 bsc#1135047).\n- net: hns3: do not initialize MDIO bus when PHY is inexistent (bsc#1104353 bsc#1135045).\n- net: hns3: do not request reset when hardware resetting (bsc#1104353 bsc#1137201).\n- net: hns3: dump more information when tx timeout happens (bsc#1104353 bsc#1134990).\n- net: hns3: extend the loopback state acquisition time (bsc#1104353).\n- net: hns3: fix data race between ring->next_to_clean (bsc#1104353 bsc#1134975 bsc#1134945).\n- net: hns3: fix error handling for desc filling (bsc#1104353 ).\n- net: hns3: fix for HNS3_RXD_GRO_SIZE_M macro (bsc#1104353 bsc#1137201).\n- net: hns3: fix for tunnel type handling in hns3_rx_checksum (bsc#1104353 bsc#1134946).\n- net: hns3: fix for TX clean num when cleaning TX BD (bsc#1104353 ).\n- net: hns3: fix for vport->bw_limit overflow problem (bsc#1104353 bsc#1134998).\n- net: hns3: fix keep_alive_timer not stop problem (bsc#1104353 bsc#1135055).\n- net: hns3: fix loop condition of hns3_get_tx_timeo_queue_info() (bsc#1104353 bsc#1134990).\n- net: hns3: fix pause configure fail problem (bsc#1104353 bsc#1134951 bsc#1134951).\n- net: hns3: fix set port based VLAN for PF (bsc#1104353 bsc#1135053).\n- net: hns3: fix set port based VLAN issue for VF (bsc#1104353 bsc#1135053).\n- net: hns3: fix sparse: warning when calling hclge_set_vlan_filter_hw() (bsc#1104353 bsc#1134999).\n- net: hns3: fix VLAN offload handle for VLAN inserted by port (bsc#1104353 bsc#1135053).\n- net: hns3: free the pending skb when clean RX ring (bsc#1104353 bsc#1135044).\n- net: hns3: handle pending reset while reset fail (bsc#1104353 bsc#1135058).\n- net: hns3: handle the BD info on the last BD of the packet (bsc#1104353 bsc#1134974).\n- net: hns3: ignore lower-level new coming reset (bsc#1104353 bsc#1137201).\n- net: hns3: Make hclge_destroy_cmd_queue static (bsc#1104353 bsc#1137201).\n- net: hns3: Make hclgevf_update_link_mode static (bsc#1104353 bsc#1137201).\n- net: hns3: minor optimization for datapath (bsc#1104353 ).\n- net: hns3: minor optimization for ring_space (bsc#1104353 ).\n- net: hns3: minor refactor for hns3_rx_checksum (bsc#1104353 bsc#1135052).\n- net: hns3: modify HNS3_NIC_STATE_INITED flag in hns3_reset_notify_uninit_enet (bsc#1104353).\n- net: hns3: modify the VF network port media type acquisition method (bsc#1104353 bsc#1137201).\n- net: hns3: modify VLAN initialization to be compatible with port based VLAN (bsc#1104353 bsc#1135053).\n- net: hns3: not reset TQP in the DOWN while VF resetting (bsc#1104353 bsc#1134952).\n- net: hns3: not reset vport who not alive when PF reset (bsc#1104353 bsc#1137201).\n- net: hns3: optimize the barrier using when cleaning TX BD (bsc#1104353 bsc#1134945).\n- net: hns3: prevent change MTU when resetting (bsc#1104353 bsc#1137201).\n- net: hns3: prevent double free in hns3_put_ring_config() (bsc#1104353 bsc#1134950).\n- net: hns3: reduce resources use in kdump kernel (bsc#1104353 bsc#1137201).\n- net: hns3: refactor BD filling for l2l3l4 info (bsc#1104353 bsc#1134947).\n- net: hns3: refine tx timeout count handle (bsc#1104353 bsc#1134990).\n- net: hns3: remove redundant assignment of l2_hdr to itself (bsc#1104353).\n- net: hns3: remove reset after command send failed (bsc#1104353 bsc#1134949).\n- net: hns3: remove resetting check in hclgevf_reset_task_schedule (bsc#1104353 bsc#1135056).\n- net: hns3: return 0 and print warning when hit duplicate MAC (bsc#1104353 bsc#1137201).\n- net: hns3: set dividual reset level for all RAS and MSI-X errors (bsc#1104353 bsc#1135046).\n- net: hns3: set up the vport alive state while reinitializing (bsc#1104353 bsc#1137201).\n- net: hns3: set vport alive state to default while resetting (bsc#1104353 bsc#1137201).\n- net: hns3: simplify hclgevf_cmd_csq_clean (bsc#1104353 ).\n- net: hns3: some cleanup for struct hns3_enet_ring (bsc#1104353 bsc#1134947).\n- net: hns3: split function hnae3_match_n_instantiate() (bsc#1104353).\n- net: hns3: stop mailbox handling when command queue need re-init (bsc#1104353 bsc#1135058).\n- net: hns3: stop sending keep alive msg when VF command queue needs reinit (bsc#1104353 bsc#1134972).\n- net: hns3: unify maybe_stop_tx for TSO and non-TSO case (bsc#1104353 bsc#1134947).\n- net: hns3: unify the page reusing for page size 4K and 64K (bsc#1104353 bsc#1134947).\n- net: hns3: use a reserved byte to identify need_resp flag (bsc#1104353).\n- net: hns3: use atomic_t replace u32 for arq's count (bsc#1104353 bsc#1134953).\n- net: hns3: use devm_kcalloc when allocating desc_cb (bsc#1104353 bsc#1134947).\n- net: hns3: use napi_schedule_irqoff in hard interrupts handlers (bsc#1104353 bsc#1134947).\n- net: hsr: fix memory leak in hsr_dev_finalize() (networking-stable-19_03_15).\n- net: initialize skb->peeked when cloning (git-fixes).\n- net: make skb_partial_csum_set() more robust against overflows (git-fixes).\n- net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails (networking-stable-19_03_07).\n- net: phy: marvell: add new default led configure for m88e151x (bsc#1135018).\n- net: phy: marvell: change default m88e1510 LED configuration (bsc#1135018).\n- net: phy: marvell: Enable interrupt function on LED2 pin (bsc#1135018).\n- net: phy: marvell: Fix buffer overrun with stats counters (networking-stable-19_05_04).\n- net: rds: exchange of 8K and 1M pool (networking-stable-19_04_30).\n- net: rose: fix a possible stack overflow (networking-stable-19_03_28).\n- net: Set rtm_table to RT_TABLE_COMPAT for ipv6 for tables > 255 (networking-stable-19_03_15).\n- net: sit: fix memory leak in sit_init_net() (networking-stable-19_03_07).\n- net: sit: fix UBSAN Undefined behaviour in check_6rd (networking-stable-19_03_15).\n- net: socket: fix potential spectre v1 gadget in socketcall (git-fixes).\n- net: socket: set sock->sk to NULL after calling proto_ops::release() (networking-stable-19_03_07).\n- net: stmmac: fix memory corruption with large MTUs (networking-stable-19_03_28).\n- net: stmmac: move stmmac_check_ether_addr() to driver probe (networking-stable-19_04_30).\n- net: test tailroom before appending to linear skb (git-fixes).\n- net: thunderx: do not allow jumbo frames with XDP (networking-stable-19_04_19).\n- net: thunderx: raise XDP MTU to 1508 (networking-stable-19_04_19).\n- net: unbreak CONFIG_RETPOLINE=n builds (bsc#1124503).\n- net: use indirect call wrappers at GRO network layer (bsc#1124503).\n- net: use indirect call wrappers at GRO transport layer (bsc#1124503).\n- net: validate untrusted gso packets without csum offload (networking-stable-19_02_20).\n- net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms() (git-fixes).\n- net_sched: fix two more memory leaks in cls_tcindex (networking-stable-19_02_24).\n- netfilter: bridge: Do not sabotage nf_hook calls from an l3mdev (git-fixes).\n- netfilter: bridge: ebt_among: add missing match size checks (git-fixes).\n- netfilter: bridge: ebt_among: add more missing match size checks (git-fixes).\n- netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING (git-fixes).\n- netfilter: drop template ct when conntrack is skipped (git-fixes).\n- netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule (git-fixes).\n- netfilter: ebtables: handle string from userspace with care (git-fixes).\n- netfilter: ebtables: reject non-bridge targets (git-fixes).\n- netfilter: ip6t_MASQUERADE: add dependency on conntrack module (git-fixes).\n- netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel (git-fixes).\n- netfilter: ipset: Missing nfnl_lock()/nfnl_unlock() is added to ip_set_net_exit() (git-fixes).\n- netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt (git-fixes).\n- netfilter: nf_log: do not hold nf_log_mutex during user access (git-fixes).\n- netfilter: nf_log: fix uninit read in nf_log_proc_dostring (git-fixes).\n- netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6} (git-fixes).\n- netfilter: nf_tables: can't fail after linking rule into active rule list (git-fixes).\n- netfilter: nf_tables: check msg_type before nft_trans_set(trans) (git-fixes).\n- netfilter: nf_tables: fix leaking object reference count (git-fixes).\n- netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump() (git-fixes).\n- netfilter: nf_tables: release chain in flushing set (git-fixes).\n- netfilter: nft_compat: do not dump private area (git-fixes).\n- netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target} (git-fixes).\n- netfilter: x_tables: fix int overflow in xt_alloc_table_info() (git-fixes).\n- netfilter: x_tables: initialise match/target check parameter struct (git-fixes).\n- netlabel: fix out-of-bounds memory accesses (networking-stable-19_03_07).\n- netlink: fix uninit-value in netlink_sendmsg (git-fixes).\n- nfc: nci: Add some bounds checking in nci_hci_cmd_received() (bsc#1051510).\n- nfs/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount (git-fixes).\n- nfs: Add missing encode / decode sequence_maxsz to v4.2 operations (git-fixes).\n- nfs: add module option to limit NFSv4 minor version (jsc#PM-231).\n- nfs: Do not recoalesce on error in nfs_pageio_complete_mirror() (git-fixes).\n- nfs: Do not use page_file_mapping after removing the page (git-fixes).\n- nfs: Fix a soft lockup in the delegation recovery code (git-fixes).\n- nfs: Fix a typo in nfs_init_timeout_values() (git-fixes).\n- nfs: Fix an I/O request leakage in nfs_do_recoalesce (git-fixes).\n- nfs: Fix dentry revalidation on nfsv4 lookup (bsc#1132618).\n- nfs: Fix I/O request leakages (git-fixes).\n- nfs: fix mount/umount race in nlmclnt (git-fixes).\n- nfsd4: catch some false session retries (git-fixes).\n- nfsd4: fix cached replies to solo SEQUENCE compounds (git-fixes).\n- nfsv4.1 do not free interrupted slot on open (git-fixes).\n- nfsv4.1: Reinitialise sequence results before retransmitting a request (git-fixes).\n- nfsv4/flexfiles: Fix invalid deref in FF_LAYOUT_DEVID_NODE() (git-fixes).\n- nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands (bsc#1051510).\n- nvme-fc: use separate work queue to avoid warning (bsc#1131673).\n- nvme-multipath: avoid crash on invalid subsystem cntlid enumeration (bsc#1129273).\n- nvme-multipath: avoid crash on invalid subsystem cntlid enumeration (bsc#1130937).\n- nvme-multipath: split bios with the ns_head bio_set before submitting (bsc#1103259, bsc#1131673).\n- nvme-rdma: fix possible free of a non-allocated async event buffer (bsc#1120423).\n- nvme: add proper discard setup for the multipath device (bsc#1114638).\n- nvme: Do not remove namespaces during reset (bsc#1131673).\n- nvme: fix the dangerous reference of namespaces list (bsc#1131673).\n- nvme: flush scan_work when resetting controller (bsc#1131673).\n- nvme: make sure ns head inherits underlying device limits (bsc#1131673).\n- nvme: only reconfigure discard if necessary (bsc#1114638).\n- objtool: Fix function fallthrough detection (bsc#1058115).\n- ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (bsc#1136434).\n- ocfs2: turn on OCFS2_FS_STATS setting(bsc#1134393) We need to turn on OCFS2_FS_STATS kernel configuration setting, to fix bsc#1134393.\n- of: fix clang -Wunsequenced for be32_to_cpu() (bsc#1135642).\n- omapfb: add missing of_node_put after of_device_is_available (bsc#1051510).\n- openvswitch: add seqadj extension when NAT is used (bsc#1051510).\n- openvswitch: fix flow actions reallocation (bsc#1051510).\n- overflow: Fix -Wtype-limits compilation warnings (bsc#1111666).\n- p54: drop device reference count if fails to enable device (bsc#1135642).\n- packet: fix reserve calculation (git-fixes).\n- packet: in packet_snd start writing at link layer allocation (git-fixes).\n- packet: refine ring v3 block size test to hold one frame (git-fixes).\n- packet: reset network header if packet shorter than ll reserved space (git-fixes).\n- packet: validate msg_namelen in send directly (git-fixes).\n- packets: Always register packet sk in the same order (networking-stable-19_03_28).\n- pci: Add function 1 DMA alias quirk for Marvell 9170 SATA controller (bsc#1051510).\n- pci: designware-ep: Read-only registers need DBI_RO_WR_EN to be writable (bsc#1051510).\n- pci: endpoint: Use EPC's device in dma_alloc_coherent()/dma_free_coherent() (git-fixes).\n- pci: Factor out pcie_retrain_link() function (git-fixes).\n- pci: Init pcie feature bits for managed host bridge alloc (bsc#1111666).\n- pci: Mark AMD Stoney Radeon R7 GPU ATS as broken (bsc#1051510).\n- pci: Mark Atheros AR9462 to avoid bus reset (bsc#1051510).\n- pci: pciehp: Convert to threaded IRQ (bsc#1133005).\n- pci: pciehp: Ignore Link State Changes after powering off a slot (bsc#1133005).\n- pci: pciehp: Tolerate Presence Detect hardwired to zero (bsc#1133016).\n- pci: Work around Pericom pcie-to-pci bridge Retrain Link erratum (git-fixes).\n- perf tools: Add Hygon Dhyana support ().\n- perf/x86/amd: Add event map for AMD Family 17h (bsc#1134223).\n- perf/x86/amd: Update generic hardware cache events for Family 17h (bsc#1134223).\n- phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode (bsc#1051510).\n- phy: sun4i-usb: Support set_mode to usb_HOST for non-OTG PHYs (bsc#1051510).\n- platform/x86: alienware-wmi: printing the wrong error code (bsc#1051510).\n- platform/x86: dell-rbtn: Add missing #include (bsc#1051510).\n- platform/x86: intel_pmc_ipc: adding error handling (bsc#1051510).\n- platform/x86: intel_punit_ipc: Revert 'Fix resource ioremap warning' (bsc#1051510).\n- platform/x86: pmc_atom: Add Lex 3I380D industrial PC to critclk_systems DMI table (bsc#1051510).\n- platform/x86: pmc_atom: Add several Beckhoff Automation boards to critclk_systems DMI table (bsc#1051510).\n- platform/x86: pmc_atom: Drop __initconst on dmi table (bsc#1051510).\n- platform/x86: sony-laptop: Fix unintentional fall-through (bsc#1051510).\n- power: supply: axp20x_usb_power: Fix typo in VBUS current limit macros (bsc#1051510).\n- power: supply: axp288_charger: Fix unchecked return value (bsc#1051510).\n- powerpc/64: Make meltdown reporting Book3S 64 specific\n- powerpc/64s: Fix logic when handling unknown CPU features (bsc#1055117).\n- powerpc/64s: Fix page table fragment refcount race vs speculative references (bsc#1131326, bsc#1108937).\n- powerpc/eeh: Fix race with driver un/bind (bsc#1065729).\n- powerpc/fsl: Add barrier_nospec implementation for NXP PowerPC Book3E\n- powerpc/hugetlb: Handle mmap_min_addr correctly in get_unmapped_area callback (bsc#1131900).\n- powerpc/kvm: Save and restore host AMR/IAMR/UAMOR (bsc#1061840).\n- powerpc/mm/hash: Handle mmap_min_addr correctly in get_unmapped_area topdown search (bsc#1131900).\n- powerpc/mm/radix: Display if mappings are exec or not (bsc#1055186, git-fixes).\n- powerpc/mm/radix: Prettify mapped memory range print out (bsc#1055186, git-fixes).\n- powerpc/mm: Add missing tracepoint for tlbie (bsc#1055117, git-fixes).\n- powerpc/mm: Check secondary hash page table (bsc#1065729).\n- powerpc/mm: Fix page table dump to work on Radix (bsc#1055186, git-fixes).\n- powerpc/msi: Fix NULL pointer access in teardown code (bsc#1065729).\n- powerpc/numa: document topology_updates_enabled, disable by default (bsc#1133584).\n- powerpc/numa: improve control of topology updates (bsc#1133584).\n- powerpc/perf: Fix MMCRA corruption by bhrb_filter (bsc#1053043).\n- powerpc/perf: Fix unit_sel/cache_sel checks (bsc#1053043).\n- powerpc/perf: Remove l2 bus events from HW cache event array (bsc#1053043).\n- powerpc/powernv/cpuidle: Init all present cpus for deep states (bsc#1055121).\n- powerpc/powernv/idle: Restore IAMR after idle (bsc#1065729).\n- powerpc/powernv/ioda2: Remove redundant free of TCE pages (bsc#1061840).\n- powerpc/powernv/ioda: Allocate indirect TCE levels of cached userspace addresses on demand (bsc#1061840).\n- powerpc/powernv/ioda: Fix locked_vm counting for memory used by IOMMU tables (bsc#1061840).\n- powerpc/powernv: Do not reprogram SLW image on every kvm guest entry/exit (bsc#1061840).\n- powerpc/powernv: Make opal log only readable by root (bsc#1065729).\n- powerpc/powernv: Remove never used pnv_power9_force_smt4 (bsc#1061840).\n- powerpc/process: Fix sparse address space warnings (bsc#1065729).\n- powerpc/speculation: Support 'mitigations=' cmdline option (bsc#1112178).\n- powerpc/vdso32: fix CLOCK_MONOTONIC on PPC64 (bsc#1131587).\n- powerpc/vdso64: Fix CLOCK_MONOTONIC inconsistencies across Y2038 (bsc#1131587).\n- powerpc64/ftrace: Include ftrace.h needed for enable/disable calls (bsc#1088804, git-fixes).\n- powerpc: Always initialize input array when calling epapr_hypercall() (bsc#1065729).\n- powerpc: avoid -mno-sched-epilog on GCC 4.9 and newer (bsc#1065729).\n- powerpc: consolidate -mno-sched-epilog into FTRACE flags (bsc#1065729).\n- powerpc: Fix 32-bit kvm-PR lockup and host crash with MacOS guest (bsc#1061840).\n- powerpc: Fix HMIs on big-endian with CONFIG_RELOCATABLE=y (bsc#1065729).\n- proc/kcore: do not bounds check against address 0 (bsc#1051510).\n- proc/sysctl: fix return error for proc_doulongvec_minmax() (bsc#1051510).\n- proc: revalidate kernel thread inodes to root:root (bsc#1051510).\n- ptrace: take into account saved_sigmask in PTRACE{GET,SET}SIGMASK (git-fixes).\n- pwm: Fix deadlock warning when removing PWM device (bsc#1051510).\n- pwm: meson: Consider 128 a valid pre-divider (bsc#1051510).\n- pwm: meson: Do not disable PWM when setting duty repeatedly (bsc#1051510).\n- pwm: meson: Use the spin-lock only to protect register modifications (bsc#1051510).\n- pwm: tiehrpwm: Update shadow register for disabling PWMs (bsc#1051510).\n- qed*: Add iWARP 100g support (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed*: Change hwfn used for sb initialization (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Add API for SmartAN query (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Add infrastructure for error detection and recovery (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Add llh ppfid interface and 100g support for offload protocols (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Add qed devlink parameters table (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Define new MF bit for no_vlan config (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Delete redundant doorbell recovery types (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: fix indentation issue with statements in an if-block (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix iWARP buffer size provided for syn packet processing (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix iWARP syn packet mac address validation (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix missing DORQ attentions (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: fix spelling mistake 'faspath' -> 'fastpath' (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: fix spelling mistake 'inculde' -> 'include' (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix static checker warning (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix the doorbell address sanity check (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix the DORQ's attentions handling (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Mark expected switch fall-through (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Modify api for performing a dmae to another PF (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Modify offload protocols to use the affined engine (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Read device port count from the shmem (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Reduce the severity of ptp debug message (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: remove duplicated include from qed_if.h (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: remove redundant assignment to rc (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Revise load sequence to avoid pci errors (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Set the doorbell address correctly (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Add ethtool interface for SmartAN query (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Error recovery process (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Fix internal loopback failure with jumbo mtu configuration (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: fix write to free'd pointer error and double free of ptp (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Handle infinite driver spinning for Tx timestamp (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: place ethtool_rx_flow_spec after code after TC flower codebase (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Populate mbi version in ethtool driver query data (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qedr: Change the MSI-X vectors selection to be based on affined engine (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128971).\n- qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128979).\n- qla2xxx: always allocate qla_tgt_wq (bsc#1131451).\n- qla2xxx: kABI fixes for v10.00.00.14-k (bsc#1136215).\n- qla2xxx: kABI fixes for v10.01.00.15-k (bsc#1136215).\n- qlcnic: remove assumption that vlan_tci != 0 (bsc#1136469 jsc#SLE-4695).\n- qlcnic: remove set but not used variables 'cur_rings, max_hw_rings, tx_desc_info' (bsc#1136469 jsc#SLE-4695).\n- qlcnic: remove set but not used variables 'op, cmd_op' (bsc#1136469 jsc#SLE-4695).\n- qmi_wwan: add Olicard 600 (bsc#1051510).\n- qmi_wwan: Add support for Quectel EG12/EM12 (networking-stable-19_03_07).\n- ras/cec: Check the correct variable in the debugfs error handling (bsc#1085535).\n- ravb: Decrease TxFIFO depth of Q3 and Q2 to one (networking-stable-19_03_15).\n- rdma/cxbg: Use correct sizing on buffers holding page DMA addresses (bsc#1136348 jsc#SLE-4684).\n- rdma/cxgb4: Add support for 64Byte cqes (bsc#1127371).\n- rdma/cxgb4: Add support for kernel mode SRQ's (bsc#1127371).\n- rdma/cxgb4: Add support for srq functions and structs (bsc#1127371).\n- rdma/cxgb4: Don't expose DMA addresses (bsc#1136348 jsc#SLE-4684).\n- rdma/cxgb4: Fix null pointer dereference on alloc_skb failure (bsc#1136348 jsc#SLE-4684).\n- rdma/cxgb4: fix some info leaks (bsc#1127371).\n- rdma/cxgb4: Fix spelling mistake 'immedate' -> 'immediate' (bsc#1136348 jsc#SLE-4684).\n- rdma/cxgb4: Make c4iw_poll_cq_one() easier to analyze (bsc#1127371).\n- rdma/cxgb4: Remove a set-but-not-used variable (bsc#1127371).\n- rdma/cxgb4: Remove kref accounting for sync operation (bsc#1136348 jsc#SLE-4684).\n- rdma/cxgb4: Use sizeof() notation (bsc#1136348 jsc#SLE-4684).\n- rdma/hns: Add constraint on the setting of local ACK timeout (bsc#1104427 bsc#1137233).\n- rdma/hns: Add SCC context allocation support for hip08 (bsc#1104427 bsc#1126206).\n- rdma/hns: Add SCC context clr support for hip08 (bsc#1104427 bsc#1126206).\n- rdma/hns: Add the process of AEQ overflow for hip08 (bsc#1104427 bsc#1126206).\n- rdma/hns: Add timer allocation support for hip08 (bsc#1104427 bsc#1126206).\n- rdma/hns: Bugfix for mapping user db (bsc#1104427 bsc#1137236).\n- rdma/hns: Bugfix for posting multiple srq work request (bsc#1104427 bsc#1137236).\n- rdma/hns: Bugfix for SCC hem free (bsc#1104427 bsc#1137236).\n- rdma/hns: Bugfix for sending with invalidate (bsc#1104427 bsc#1137236).\n- rdma/hns: Bugfix for set hem of SCC (bsc#1104427 bsc#1137236).\n- rdma/hns: Bugfix for the scene without receiver queue (bsc#1104427 bsc#1137233).\n- rdma/hns: Configure capacity of hns device (bsc#1104427 bsc#1137236).\n- rdma/hns: Delete unused variable in hns_roce_v2_modify_qp function (bsc#1104427).\n- rdma/hns: Delete useful prints for aeq subtype event (bsc#1104427 bsc#1126206).\n- rdma/hns: Fix bad endianess of port_pd variable (bsc#1104427 ).\n- rdma/hns: Fix bug that caused srq creation to fail (bsc#1104427 ).\n- rdma/hns: Fix the bug with updating rq head pointer when flush cqe (bsc#1104427 bsc#1137233).\n- rdma/hns: Fix the chip hanging caused by sending doorbell during reset (bsc#1104427 bsc#1137232).\n- rdma/hns: Fix the chip hanging caused by sending mailbox CMQ during reset (bsc#1104427 bsc#1137232).\n- rdma/hns: Fix the Oops during rmmod or insmod ko when reset occurs (bsc#1104427 bsc#1137232).\n- rdma/hns: Fix the state of rereg mr (bsc#1104427 bsc#1137236).\n- rdma/hns: Hide error print information with roce vf device (bsc#1104427 bsc#1137236).\n- rdma/hns: Limit minimum ROCE CQ depth to 64 (bsc#1104427 bsc#1137236).\n- rdma/hns: Limit scope of hns_roce_cmq_send() (bsc#1104427 ).\n- rdma/hns: Make some function static (bsc#1104427 bsc#1126206).\n- rdma/hns: Modify qp specification according to UM (bsc#1104427 bsc#1137233).\n- rdma/hns: Modify the pbl ba page size for hip08 (bsc#1104427 bsc#1137233).\n- rdma/hns: Move spin_lock_irqsave to the correct place (bsc#1104427 bsc#1137236).\n- rdma/hns: Only assgin some fields if the relatived attr_mask is set (bsc#1104427).\n- rdma/hns: Only assign the fields of the rq psn if ib_QP_RQ_PSN is set (bsc#1104427).\n- rdma/hns: Only assign the relatived fields of psn if ib_QP_SQ_PSN is set (bsc#1104427).\n- rdma/hns: rdma/hns: Assign rq head pointer when enable rq record db (bsc#1104427 bsc#1137236).\n- rdma/hns: Remove jiffies operation in disable interrupt context (bsc#1104427 bsc#1137236).\n- rdma/hns: Remove set but not used variable 'rst' (bsc#1104427 bsc#1126206).\n- rdma/hns: Set allocated memory to zero for wrid (bsc#1104427 bsc#1137236).\n- rdma/hns: Support to create 1M srq queue (bsc#1104427 ).\n- rdma/hns: Update CQE specifications (bsc#1104427 bsc#1137236).\n- rdma/hns: Update the range of raq_psn field of qp context (bsc#1104427).\n- rdma/i40iw: Handle workqueue allocation failure (jsc#SLE-4793).\n- rdma/iw_cxgb4: Always disconnect when QP is transitioning to TERMINATE state (bsc#1136348 jsc#SLE-4684).\n- rdma/iw_cxgb4: Drop __GFP_NOFAIL (bsc#1127371).\n- rdma/iwcm: add tos_set bool to iw_cm struct (bsc#1136348 jsc#SLE-4684).\n- rdma/qedr: Fix incorrect device rate (bsc#1136188).\n- rdma/qedr: Fix out of bounds index check in query pkey (bsc#1136456 jsc#SLE-4689).\n- rdma/rdmavt: Use correct sizing on buffers holding page DMA addresses (jsc#SLE-4925).\n- rdma/rxe: Consider skb reserve space based on netdev of GID (bsc#1082387, bsc#1103992).\n- rdma/smc: Replace ib_query_gid with rdma_get_gid_attr (bsc#1131530 LTC#176717).\n- rds: fix refcount bug in rds_sock_addref (git-fixes).\n- rds: tcp: atomically purge entries from rds_tcp_conn_list during netns delete (git-fixes).\n- regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB (bsc#1051510).\n- ring-buffer: Check if memory is available before allocation (bsc#1132531).\n- route: set the deleted fnhe fnhe_daddr to 0 in ip_del_fnhe to fix a race (networking-stable-19_03_15).\n- rt2x00: do not increment sequence number while re-transmitting (bsc#1051510).\n- rtc: da9063: set uie_unsupported when relevant (bsc#1051510).\n- rtc: sh: Fix invalid alarm warning for non-enabled alarm (bsc#1051510).\n- rtlwifi: rtl8723ae: Fix missing break in switch statement (bsc#1051510).\n- rxrpc: Do not release call mutex on error pointer (git-fixes).\n- rxrpc: Do not treat call aborts as conn aborts (git-fixes).\n- rxrpc: Fix client call queueing, waiting for channel (networking-stable-19_03_15).\n- rxrpc: Fix error reception on AF_INET6 sockets (git-fixes).\n- rxrpc: Fix transport sockopts to get IPv4 errors on an IPv6 socket (git-fixes).\n- rxrpc: Fix Tx ring annotation after initial Tx failure (git-fixes).\n- s390/dasd: fix panic for failed online processing (bsc#1132589).\n- s390/pkey: move pckmo subfunction available checks away from module init (bsc#1128544).\n- s390/qdio: clear intparm during shutdown (bsc#1134597 LTC#177516).\n- s390/speculation: Support 'mitigations=' cmdline option (bsc#1112178).\n- sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() (bsc#1051510).\n- sc16is7xx: move label 'err_spi' to correct section (bsc#1051510).\n- sc16is7xx: put err_spi and err_i2c into correct #ifdef (bsc#1051510).\n- scripts/git_sort/git_sort.py: remove old SCSI git branches\n- scripts: override locale from environment when running recordmcount.pl (bsc#1134354).\n- scsi: hisi: KABI ignore new symbols (bsc#1135038).\n- scsi: hisi_sas: add host reset interface for test (bsc#1135041).\n- scsi: hisi_sas: Add softreset in hisi_sas_I_T_nexus_reset() (bsc#1135033).\n- scsi: hisi_sas: Adjust the printk format of functions hisi_sas_init_device() (bsc#1135037).\n- scsi: hisi_sas: allocate different SAS address for directly attached situation (bsc#1135036).\n- scsi: hisi_sas: Do not fail IT nexus reset for Open Reject timeout (bsc#1135033).\n- scsi: hisi_sas: Do not hard reset disk during controller reset (bsc#1135034).\n- scsi: hisi_sas: Fix for setting the PHY linkrate when disconnected (bsc#1135038).\n- scsi: hisi_sas: Remedy inconsistent PHY down state in software (bsc#1135039).\n- scsi: hisi_sas: remove the check of sas_dev status in hisi_sas_I_T_nexus_reset() (bsc#1135037).\n- scsi: hisi_sas: Send HARD RESET to clear the previous affiliation of STP target port (bsc#1135037).\n- scsi: hisi_sas: Set PHY linkrate when disconnected (bsc#1135038).\n- scsi: hisi_sas: Some misc tidy-up (bsc#1135031).\n- scsi: hisi_sas: Support all RAS events with MSI interrupts (bsc#1135035).\n- scsi: libsas: allocate sense buffer for bsg queue (bsc#1131467).\n- scsi: libsas: Do discovery on empty PHY to update PHY info (bsc#1135024).\n- scsi: libsas: Improve vague log in SAS rediscovery (bsc#1135027).\n- scsi: libsas: Inject revalidate event for root port event (bsc#1135026).\n- scsi: libsas: Print expander PHY indexes in decimal (bsc#1135021).\n- scsi: libsas: Stop hardcoding SAS address length (bsc#1135029).\n- scsi: libsas: Support SATA PHY connection rate unmatch fixing during discovery (bsc#1135028).\n- scsi: libsas: Try to retain programmed min linkrate for SATA min pathway unmatch fixing (bsc#1135028).\n- scsi: qedf: fixup bit operations (bsc#1135542).\n- scsi: qedf: fixup locking in qedf_restart_rport() (bsc#1135542).\n- scsi: qedf: missing kref_put in qedf_xmit() (bsc#1135542).\n- scsi: qla2xxx: Add 28xx flash primary/secondary status/image mechanism (bsc#1136215).\n- scsi: qla2xxx: Add Device ID for ISP28XX (bsc#1136215).\n- scsi: qla2xxx: Add First Burst support for FC-NVMe devices (bsc#1136215).\n- scsi: qla2xxx: Add fw_attr and port_no SysFS node (bsc#1136215).\n- scsi: qla2xxx: Add new FC-NVMe enable BIT to enable FC-NVMe feature (bsc#1130579).\n- scsi: qla2xxx: Add new FW dump template entry types (bsc#1136215).\n- scsi: qla2xxx: Add protection mask module parameters (bsc#1136215).\n- scsi: qla2xxx: Add Serdes support for ISP28XX (bsc#1136215).\n- scsi: qla2xxx: Add support for multiple fwdump templates/segments (bsc#1136215).\n- scsi: qla2xxx: Add support for setting port speed (bsc#1136215).\n- scsi: qla2xxx: Avoid pci IRQ affinity mapping when multiqueue is not supported (bsc#1136215).\n- scsi: qla2xxx: avoid printf format warning (bsc#1136215).\n- scsi: qla2xxx: Check for FW started flag before aborting (bsc#1136215).\n- scsi: qla2xxx: check for kstrtol() failure (bsc#1136215).\n- scsi: qla2xxx: Cleanups for NVRAM/Flash read/write path (bsc#1136215).\n- scsi: qla2xxx: Correction and improvement to fwdt processing (bsc#1136215).\n- scsi: qla2xxx: Correctly report max/min supported speeds (bsc#1136215).\n- scsi: qla2xxx: Declare local functions 'static' (bsc#1137444).\n- scsi: qla2xxx: Fix code indentation for qla27xx_fwdt_entry (bsc#1136215).\n- scsi: qla2xxx: Fix DMA error when the DIF sg buffer crosses 4GB boundary (bsc#1136215).\n- scsi: qla2xxx: fix error message on qla2400 (bsc#1118139).\n- scsi: qla2xxx: Fix function argument descriptions (bsc#1118139).\n- scsi: qla2xxx: Fix LUN discovery if loop id is not assigned yet by firmware (bsc#1136215).\n- scsi: qla2xxx: Fix memory corruption during hba reset test (bsc#1118139).\n- scsi: qla2xxx: Fix panic from use after free in qla2x00_async_tm_cmd (bsc#1136215).\n- scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show (bsc#1132044).\n- scsi: qla2xxx: Fix read offset in qla24xx_load_risc_flash() (bsc#1136215).\n- scsi: qla2xxx: Fix routine qla27xx_dump_{mpi|ram}() (bsc#1136215).\n- scsi: qla2xxx: fix spelling mistake: 'existant' -> 'existent' (bsc#1118139).\n- scsi: qla2xxx: Fix unload when NVMe devices are configured (bsc#1136215).\n- scsi: qla2xxx: fully convert to the generic DMA API (bsc#1137444).\n- scsi: qla2xxx: fx00 copypaste typo (bsc#1118139).\n- scsi: qla2xxx: Improve several kernel-doc headers (bsc#1137444).\n- scsi: qla2xxx: Introduce a switch/case statement in qlt_xmit_tm_rsp() (bsc#1137444).\n- scsi: qla2xxx: Make qla2x00_sysfs_write_nvram() easier to analyze (bsc#1137444).\n- scsi: qla2xxx: Make sure that qlafx00_ioctl_iosb_entry() initializes 'res' (bsc#1137444).\n- scsi: qla2xxx: Move debug messages before sending srb preventing panic (bsc#1136215).\n- scsi: qla2xxx: Move marker request behind QPair (bsc#1136215).\n- scsi: qla2xxx: no need to check return value of debugfs_create functions (bsc#1136215).\n- scsi: qla2xxx: NULL check before some freeing functions is not needed (bsc#1137444).\n- scsi: qla2xxx: Prevent multiple ADISC commands per session (bsc#1136215).\n- scsi: qla2xxx: Prevent SysFS access when chip is down (bsc#1136215).\n- scsi: qla2xxx: Remove a set-but-not-used variable (bsc#1137444).\n- scsi: qla2xxx: Remove FW default template (bsc#1136215).\n- scsi: qla2xxx: remove redundant null check on pointer sess (bsc#1136215).\n- scsi: qla2xxx: remove the unused tcm_qla2xxx_cmd_wq (bsc#1118139).\n- scsi: qla2xxx: Remove two arguments from qlafx00_error_entry() (bsc#1137444).\n- scsi: qla2xxx: Remove unused symbols (bsc#1118139).\n- scsi: qla2xxx: Secure flash update support for ISP28XX (bsc#1136215).\n- scsi: qla2xxx: Set remote port devloss timeout to 0 (bsc#1136215).\n- scsi: qla2xxx: Simplification of register address used in qla_tmpl.c (bsc#1136215).\n- scsi: qla2xxx: Simplify conditional check again (bsc#1136215).\n- scsi: qla2xxx: Split the __qla2x00_abort_all_cmds() function (bsc#1137444).\n- scsi: qla2xxx: Update driver version to 10.00.00.14-k (bsc#1136215).\n- scsi: qla2xxx: Update driver version to 10.01.00.15-k (bsc#1136215).\n- scsi: qla2xxx: Update flash read/write routine (bsc#1136215).\n- scsi: qla2xxx: Use %p for printing pointers (bsc#1118139).\n- scsi: qla2xxx: use lower_32_bits and upper_32_bits instead of reinventing them (bsc#1137444).\n- scsi: smartpqi: add H3C controller IDs (bsc#1133547).\n- scsi: smartpqi: add h3c ssid (bsc#1133547).\n- scsi: smartpqi: add no_write_same for logical volumes (bsc#1133547).\n- scsi: smartpqi: add ofa support (bsc#1133547).\n- scsi: smartpqi: Add retries for device reset (bsc#1133547).\n- scsi: smartpqi: add smp_utils support (bsc#1133547).\n- scsi: smartpqi: add spdx (bsc#1133547).\n- scsi: smartpqi: add support for huawei controllers (bsc#1133547).\n- scsi: smartpqi: add support for PQI Config Table handshake (bsc#1133547).\n- scsi: smartpqi: add sysfs attributes (bsc#1133547).\n- scsi: smartpqi: allow for larger raid maps (bsc#1133547).\n- scsi: smartpqi: bump driver version (bsc#1133547).\n- scsi: smartpqi: bump driver version (bsc#1133547).\n- scsi: smartpqi: call pqi_free_interrupts() in pqi_shutdown() (bsc#1133547).\n- scsi: smartpqi: check for null device pointers (bsc#1133547).\n- scsi: smartpqi: correct host serial num for ssa (bsc#1133547).\n- scsi: smartpqi: correct lun reset issues (bsc#1133547).\n- scsi: smartpqi: correct volume status (bsc#1133547).\n- scsi: smartpqi: do not offline disks for transient did no connect conditions (bsc#1133547).\n- scsi: smartpqi: enhance numa node detection (bsc#1133547).\n- scsi: smartpqi: fix build warnings (bsc#1133547).\n- scsi: smartpqi: fix disk name mount point (bsc#1133547).\n- scsi: smartpqi: fully convert to the generic DMA API (bsc#1133547).\n- scsi: smartpqi: increase fw status register read timeout (bsc#1133547).\n- scsi: smartpqi: increase LUN reset timeout (bsc#1133547).\n- scsi: smartpqi: refactor sending controller raid requests (bsc#1133547).\n- scsi: smartpqi: Reporting 'logical unit failure' (bsc#1133547).\n- scsi: smartpqi: turn off lun data caching for ptraid (bsc#1133547).\n- scsi: smartpqi: update copyright (bsc#1133547).\n- scsi: smartpqi: update driver version (bsc#1133547).\n- scsi: smartpqi: wake up drives after os resumes from suspend (bsc#1133547).\n- scsi: smartpqi_init: fix boolean expression in pqi_device_remove_start (bsc#1133547).\n- scsi: zfcp: make DIX experimental, disabled, and independent of DIF (jsc#SLE-6772).\n- sctp: avoid running the sctp state machine recursively (networking-stable-19_05_04).\n- sctp: call gso_reset_checksum when computing checksum in sctp_gso_segment (networking-stable-19_02_24).\n- sctp: fix identification of new acks for SFR-CACC (git-fixes).\n- sctp: get sctphdr by offset in sctp_compute_cksum (networking-stable-19_03_28).\n- sctp: initialize _pad of sockaddr_in before copying to user memory (networking-stable-19_04_10).\n- sctp: set frag_point in sctp_setsockopt_maxseg correctly` (git-fixes).\n- selinux: use kernel linux/socket.h for genheaders and mdp (bsc#1134810).\n- serial: 8250_pxa: honor the port number from devicetree (bsc#1051510).\n- serial: ar933x_uart: Fix build failure with disabled console (bsc#1051510).\n- serial: uartps: console_setup() can't be placed to init section (bsc#1051510).\n- signal: Always notice exiting tasks (git-fixes).\n- signal: Better detection of synchronous signals (git-fixes).\n- signal: Restore the stop PTRACE_EVENT_EXIT (git-fixes).\n- sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach() (networking-stable-19_02_24).\n- soc/fsl/qe: Fix an error code in qe_pin_request() (bsc#1051510).\n- soc/tegra: fuse: Fix illegal free of IO base address (bsc#1051510).\n- soc/tegra: pmc: Drop locking from tegra_powergate_is_powered() (bsc#1051510).\n- soc: imx-sgtl5000: add missing put_device() (bsc#1051510).\n- soc: qcom: gsbi: Fix error handling in gsbi_probe() (bsc#1051510).\n- spi-mem: fix kernel-doc for spi_mem_dirmap_{read|write}() (bsc#1111666).\n- spi: a3700: Clear DATA_OUT when performing a read (bsc#1051510).\n- spi: Add missing pm_runtime_put_noidle() after failed get (bsc#1111666).\n- spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios (bsc#1051510).\n- spi: bcm2835aux: setup gpio-cs to output and correct level during setup (bsc#1051510).\n- spi: bcm2835aux: warn in dmesg that native cs is not really supported (bsc#1051510).\n- spi: Micrel eth switch: declare missing of table (bsc#1051510).\n- spi: rspi: Fix sequencer reset during initialization (bsc#1051510).\n- spi: ST ST95HF NFC: declare missing of table (bsc#1051510).\n- ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit (bsc#1051510).\n- staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf (bsc#1051510).\n- staging: comedi: ni_usb6501: Fix use of uninitialized mutex (bsc#1051510).\n- staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf (bsc#1051510).\n- staging: comedi: vmk80xx: Fix use of uninitialized semaphore (bsc#1051510).\n- staging: iio: ad7192: Fix ad7193 channel address (bsc#1051510).\n- staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc (bsc#1051510).\n- staging: rtl8712: uninitialized memory in read_bbreg_hdl() (bsc#1051510).\n- staging: rtlwifi: Fix potential NULL pointer dereference of kzalloc (bsc#1111666).\n- staging: rtlwifi: rtl8822b: fix to avoid potential NULL pointer dereference (bsc#1111666).\n- staging: vt6655: Fix interrupt race condition on device start up (bsc#1051510).\n- staging: vt6655: Remove vif check from vnt_interrupt (bsc#1051510).\n- stm class: Fix an endless loop in channel allocation (bsc#1051510).\n- stm class: Fix channel free in stm output free path (bsc#1051510).\n- stm class: Prevent division by zero (bsc#1051510).\n- stmmac: pci: Adjust IOT2000 matching (networking-stable-19_04_30).\n- sunrpc: fix 4 more call sites that were using stack memory with a scatterlist (git-fixes).\n- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).\n- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).\n- supported.conf: dw_mmc-bluefield is not needed in kernel-default-base (bsc#1131574).\n- svm/avic: Fix invalidate logical APIC id entry (bsc#1132726).\n- svm: Fix AVIC DFR and LDR handling (bsc#1132558).\n- switchtec: Fix unintended mask of MRPC event (git-fixes).\n- sysctl: handle overflow for file-max (bsc#1051510).\n- tcp: add tcp_min_snd_mss sysctl (bsc#1137586).\n- tcp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).\n- tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).\n- tcp: Ensure DCTCP reacts to losses (networking-stable-19_04_10).\n- tcp: fix fack_count accounting on tcp_shift_skb_data() (CVE-2019-11477 bsc#1137586).\n- tcp: fix TCP_REPAIR_QUEUE bound checking (git-fixes).\n- tcp: limit payload size of sacked skbs (bsc#1137586).\n- tcp: purge write queue in tcp_connect_init() (git-fixes).\n- tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).\n- tcp: tcp_grow_window() needs to respect tcp_space() (networking-stable-19_04_19).\n- tcp: tcp_v4_err() should be more careful (networking-stable-19_02_20).\n- team: fix possible recursive locking when add slaves (networking-stable-19_04_30).\n- team: set slave to promisc if team is already in promisc mode (bsc#1051510).\n- testing: nvdimm: provide SZ_4G constant (bsc#1132982).\n- thermal/int340x_thermal: Add additional UUIDs (bsc#1051510).\n- thermal/int340x_thermal: fix mode setting (bsc#1051510).\n- thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power (bsc#1051510).\n- thunderx: eliminate extra calls to put_page() for pages held for recycling (networking-stable-19_03_28).\n- thunderx: enable page recycling for non-XDP case (networking-stable-19_03_28).\n- tipc: fix hanging clients using poll with EPOLLOUT flag (git-fixes).\n- tipc: fix race condition causing hung sendto (networking-stable-19_03_07).\n- tipc: missing entries in name table of publications (networking-stable-19_04_19).\n- tools lib traceevent: Fix missing equality check for strcmp (bsc#1129770).\n- tools/cpupower: Add Hygon Dhyana support ().\n- tpm: Fix the type of the return value in calc_tpm2_event_size() (bsc#1082555).\n- tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account (bsc#1132527).\n- tracing: Fix a memory leak by early error exit in trace_pid_write() (bsc#1133702).\n- tracing: Fix buffer_ref pipe ops (bsc#1133698).\n- tracing: Fix partial reading of trace event's id file (bsc#1136573).\n- treewide: Use DEVICE_ATTR_WO (bsc#1137739).\n- tty: increase the default flip buffer limit to 2*640K (bsc#1051510).\n- tty: pty: Fix race condition between release_one_tty and pty_write (bsc#1051510).\n- tty: serial_core, add ->install (bnc#1129693).\n- tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 (bsc#1051510).\n- tun: add a missing rcu_read_unlock() in error path (networking-stable-19_03_28).\n- tun: fix blocking read (networking-stable-19_03_07).\n- tun: properly test for IFF_UP (networking-stable-19_03_28).\n- tun: remove unnecessary memory barrier (networking-stable-19_03_07).\n- uas: fix alignment of scatter/gather segments (bsc#1129770).\n- udp: use indirect call wrappers for GRO socket lookup (bsc#1124503).\n- ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (bsc#1135323).\n- usb-storage: Set virt_boundary_mask to avoid SG overflows (bsc#1051510).\n- usb: cdc-acm: fix unthrottle races (bsc#1051510).\n- usb: chipidea: Grab the (legacy) usb PHY by phandle first (bsc#1051510).\n- usb: core: Fix bug caused by duplicate interface PM usage counter (bsc#1051510).\n- usb: core: Fix unterminated string returned by usb_string() (bsc#1051510).\n- usb: dwc3: Fix default lpm_nyet_threshold value (bsc#1051510).\n- usb: f_fs: Avoid crash due to out-of-scope stack ptr access (bsc#1051510).\n- usb: gadget: net2272: Fix net2272_dequeue() (bsc#1051510).\n- usb: gadget: net2280: Fix net2280_dequeue() (bsc#1051510).\n- usb: gadget: net2280: Fix overrun of OUT messages (bsc#1051510).\n- usb: serial: cp210x: fix GPIO in autosuspend (bsc#1120902).\n- usb: serial: f81232: fix interrupt worker not stop (bsc#1051510).\n- usb: serial: fix unthrottle races (bsc#1051510).\n- usb: u132-hcd: fix resource leak (bsc#1051510).\n- usb: usb251xb: fix to avoid potential NULL pointer dereference (bsc#1051510).\n- usb: usbip: fix isoc packet num validation in get_pipe (bsc#1051510).\n- usb: w1 ds2490: Fix bug caused by improper use of altsetting array (bsc#1051510).\n- usb: yurex: Fix protection fault after device removal (bsc#1051510).\n- userfaultfd: use RCU to free the task struct when fork fails (git-fixes).\n- vfio/mdev: Avoid release parent reference during error path (bsc#1051510).\n- vfio/mdev: Fix aborting mdev child device removal if one fails (bsc#1051510).\n- vfio/pci: use correct format characters (bsc#1051510).\n- vfio_pci: Enable memory accesses before calling pci_map_rom (bsc#1051510).\n- vfs: allow dedupe of user owned read-only files (bsc#1133778, bsc#1132219).\n- vfs: avoid problematic remapping requests into partial EOF block (bsc#1133850, bsc#1132219).\n- vfs: dedupe should return EPERM if permission is not granted (bsc#1133779, bsc#1132219).\n- vfs: dedupe: extract helper for a single dedup (bsc#1133769, bsc#1132219).\n- vfs: exit early from zero length remap operations (bsc#1132411, bsc#1132219).\n- vfs: export vfs_dedupe_file_range_one() to modules (bsc#1133772, bsc#1132219).\n- vfs: limit size of dedupe (bsc#1132397, bsc#1132219).\n- vfs: rename clone_verify_area to remap_verify_area (bsc#1133852, bsc#1132219).\n- vfs: skip zero-length dedupe requests (bsc#1133851, bsc#1132219).\n- vfs: swap names of {do,vfs}_clone_file_range() (bsc#1133774, bsc#1132219).\n- vfs: vfs_clone_file_prep_inodes should return EINVAL for a clone from beyond EOF (bsc#1133780, bsc#1132219).\n- vhost/vsock: fix reset orphans race with close timeout (bsc#1051510).\n- vhost: reject zero size iova range (networking-stable-19_04_19).\n- virtio-blk: limit number of hw queues by nr_cpu_ids (bsc#1051510).\n- virtio: Honour 'may_reduce_num' in vring_create_virtqueue (bsc#1051510).\n- virtio_pci: fix a NULL pointer reference in vp_del_vqs (bsc#1051510).\n- vrf: check accept_source_route on the original netdevice (networking-stable-19_04_10).\n- vsock/virtio: fix kernel panic after device hot-unplug (bsc#1051510).\n- vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock (bsc#1051510).\n- vsock/virtio: Initialize core virtio vsock before registering the driver (bsc#1051510).\n- vsock/virtio: reset connected sockets on device removal (bsc#1051510).\n- vt: always call notifier with the console lock held (bsc#1051510).\n- vxlan: Do not call gro_cells_destroy() before device is unregistered (networking-stable-19_03_28).\n- vxlan: test dev->flags and IFF_UP before calling netif_rx() (networking-stable-19_02_20).\n- wil6210: check null pointer in _wil_cfg80211_merge_extra_ies (bsc#1051510).\n- wlcore: Fix memory leak in case wl12xx_fetch_firmware failure (bsc#1051510).\n- x86/alternative: Init ideal_nops for Hygon Dhyana ().\n- x86/amd_nb: Check vendor in AMD-only functions ().\n- x86/apic: Add Hygon Dhyana support ().\n- x86/bugs: Add Hygon Dhyana to the respective mitigation machinery ().\n- x86/CPU/hygon: Fix phys_proc_id calculation logic for multi-die processors ().\n- x86/cpu/mtrr: Support TOP_MEM2 and get MTRR number ().\n- x86/cpu: Create Hygon Dhyana architecture support file ().\n- x86/cpu: Get cache info and setup cache cpumap for Hygon Dhyana ().\n- x86/cpu: Sanitize FAM6_ATOM naming (bsc#1111331).\n- x86/events: Add Hygon Dhyana support to PMU infrastructure ().\n- x86/kvm/hyper-v: avoid spurious pending stimer on vCPU init (bsc#1132572).\n- x86/kvm: Add Hygon Dhyana support to kvm ().\n- x86/MCE/AMD, EDAC/mce_amd: Add new error descriptions for some SMCA bank types (bsc#1128415).\n- x86/MCE/AMD, EDAC/mce_amd: Add new McaTypes for CS, PSP, and SMU units (bsc#1128415).\n- x86/MCE/AMD, EDAC/mce_amd: Add new MP5, NBIO, and pciE SMCA bank types (bsc#1128415).\n- x86/mce/AMD, EDAC/mce_amd: Enumerate Reserved SMCA bank type (bsc#1128415).\n- x86/mce/AMD: Pass the bank number to smca_get_bank_type() (bsc#1128415).\n- x86/mce: Add Hygon Dhyana support to the MCA infrastructure ().\n- x86/mce: Do not disable MCA banks when offlining a CPU on AMD ().\n- x86/MCE: Fix kABI for new AMD bank names (bsc#1128415).\n- x86/mce: Handle varying MCA bank counts (bsc#1128415).\n- x86/msr-index: Cleanup bit defines (bsc#1111331).\n- x86/pci, x86/amd_nb: Add Hygon Dhyana support to pci and northbridge ().\n- x86/pci: Fixup RTIT_BAR of Intel Denverton Trace Hub (bsc#1120318).\n- x86/perf/amd: Remove need to check 'running' bit in NMI handler (bsc#1131438).\n- x86/perf/amd: Resolve NMI latency issues for active PMCs (bsc#1131438).\n- x86/perf/amd: Resolve race condition when disabling PMC (bsc#1131438).\n- x86/smpboot: Do not use BSP INIT delay and MWAIT to idle on Dhyana ().\n- x86/speculation/mds: Fix documentation typo (bsc#1135642).\n- x86/speculation: Prevent deadlock on ssb_state::lock (bsc#1114279).\n- x86/speculation: Support 'mitigations=' cmdline option (bsc#1112178).\n- x86/tsc: Force inlining of cyc2ns bits (bsc#1052904).\n- x86/xen: Add Hygon Dhyana support to Xen ().\n- x86_64: Add gap to int3 to allow for call emulation (bsc#1099658).\n- x86_64: Allow breakpoints to emulate call instructions (bsc#1099658).\n- xen-netback: do not populate the hash cache on XenBus disconnect (networking-stable-19_03_07).\n- xen-netback: fix occasional leak of grant ref mappings under memory pressure (networking-stable-19_03_07).\n- xen: Prevent buffer overflow in privcmd ioctl (bsc#1065600).\n- xenbus: drop useless LIST_HEAD in xenbus_write_watch() and xenbus_file_write() (bsc#1065600).\n- xfrm6: avoid potential infinite loop in _decode_session6() (git-fixes).\n- xfrm6: call kfree_skb when skb is toobig (git-fixes).\n- xfrm: do not call rcu_read_unlock when afinfo is NULL in xfrm_get_tos (git-fixes).\n- xfrm: fix 'passing zero to ERR_PTR()' warning (git-fixes).\n- xfrm: Fix ESN sequence number handling for IPsec GSO packets (git-fixes).\n- xfrm: fix missing dst_release() after policy blocking lbcast and multicast (git-fixes).\n- xfrm: fix rcu_read_unlock usage in xfrm_local_error (git-fixes).\n- xfrm: Fix stack-out-of-bounds read on socket policy lookup (git-fixes).\n- xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (git-fixes).\n- xfrm: reset crypto_done when iterating over multiple input xfrms (git-fixes).\n- xfrm: reset transport header back to network header after all input transforms ahave been applied (git-fixes).\n- xfrm: Return error on unknown encap_type in init_state (git-fixes).\n- xfrm: Validate address prefix lengths in the xfrm selector (git-fixes).\n- xfrm_user: prevent leaking 2 bytes of kernel memory (git-fixes).\n- xfs: add log item pinning error injection tag (bsc#1114427).\n- xfs: add the ability to join a held buffer to a defer_ops (bsc#1133674).\n- xfs: allow xfs_lock_two_inodes to take different EXCL/SHARED modes (bsc#1132370, bsc#1132219).\n- xfs: buffer lru reference count error injection tag (bsc#1114427).\n- xfs: call xfs_qm_dqattach before performing reflink operations (bsc#1132368, bsc#1132219).\n- xfs: cap the length of deduplication requests (bsc#1132373, bsc#1132219).\n- xfs: check _btree_check_block value (bsc#1123663).\n- xfs: clean up xfs_reflink_remap_blocks call site (bsc#1132413, bsc#1132219).\n- xfs: convert drop_writes to use the errortag mechanism (bsc#1114427).\n- xfs: create block pointer check functions (bsc#1123663).\n- xfs: create inode pointer verifiers (bsc#1114427).\n- xfs: detect and fix bad summary counts at mount (bsc#1114427).\n- xfs: export _inobt_btrec_to_irec and _ialloc_cluster_alignment for scrub (bsc#1114427).\n- xfs: export various function for the online scrubber (bsc#1123663).\n- xfs: expose errortag knobs via sysfs (bsc#1114427).\n- xfs: fix data corruption w/ unaligned dedupe ranges (bsc#1132405, bsc#1132219).\n- xfs: fix data corruption w/ unaligned reflink ranges (bsc#1132407, bsc#1132219).\n- xfs: fix pagecache truncation prior to reflink (bsc#1132412, bsc#1132219).\n- xfs: fix reporting supported extra file attributes for statx() (bsc#1133529).\n- xfs: fix unused variable warning in xfs_buf_set_ref() (bsc#1114427).\n- xfs: flush removing page cache in xfs_reflink_remap_prep (bsc#1132414, bsc#1132219).\n- xfs: force summary counter recalc at next mount (bsc#1114427).\n- xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute (bsc#1133675).\n- xfs: kill meaningless variable 'zero' (bsc#1106011).\n- xfs: make errortag a per-mountpoint structure (bsc#1123663).\n- xfs: move error injection tags into their own file (bsc#1114427).\n- xfs: only grab shared inode locks for source file during reflink (bsc#1132372, bsc#1132219).\n- xfs: prepare xfs_break_layouts() for another layout type (bsc#1106011).\n- xfs: prepare xfs_break_layouts() to be called with XFS_MMAPLOCK_EXCL (bsc#1106011).\n- xfs: refactor btree block header checking functions (bsc#1123663).\n- xfs: refactor btree pointer checks (bsc#1123663).\n- xfs: refactor clonerange preparation into a separate helper (bsc#1132402, bsc#1132219).\n- xfs: refactor unmount record write (bsc#1114427).\n- xfs: refactor xfs_trans_roll (bsc#1133667).\n- xfs: reflink find shared should take a transaction (bsc#1132226, bsc#1132219).\n- xfs: reflink should break pnfs leases before sharing blocks (bsc#1132369, bsc#1132219).\n- xfs: remove dest file's post-eof preallocations before reflinking (bsc#1132365, bsc#1132219).\n- xfs: remove the ip argument to xfs_defer_finish (bsc#1133672).\n- xfs: remove unneeded parameter from XFS_TEST_ERROR (bsc#1123663).\n- xfs: remove xfs_zero_range (bsc#1106011).\n- xfs: rename MAXPATHLEN to XFS_SYMLINK_MAXLEN (bsc#1123663).\n- xfs: rename xfs_defer_join to xfs_defer_ijoin (bsc#1133668).\n- xfs: replace log_badcrc_factor knob with error injection tag (bsc#1114427).\n- xfs: sanity-check the unused space before trying to use it (bsc#1123663).\n- xfs: serialize unaligned dio writes against all other dio writes (bsc#1134936).\n- xfs: update ctime and remove suid before cloning files (bsc#1132404, bsc#1132219).\n- xfs: zero posteof blocks when cloning above eof (bsc#1132403, bsc#1132219).\n- xsk: export xdp_get_umem_from_qid (jsc#SLE-4797).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2019-1550,SUSE-SLE-Module-Basesystem-15-SP1-2019-1550,SUSE-SLE-Module-Development-Tools-15-SP1-2019-1550,SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-1550,SUSE-SLE-Module-Legacy-15-SP1-2019-1550,SUSE-SLE-Module-Live-Patching-15-SP1-2019-1550,SUSE-SLE-Product-HA-15-SP1-2019-1550,SUSE-SLE-Product-WE-15-SP1-2019-1550", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_1550-1.json", }, { category: "self", summary: "URL for SUSE-SU-2019:1550-1", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20191550-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2019:1550-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2019-June/005581.html", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1050242", url: "https://bugzilla.suse.com/1050242", }, { category: "self", summary: "SUSE Bug 1050549", url: "https://bugzilla.suse.com/1050549", }, { category: "self", summary: "SUSE Bug 1051510", url: "https://bugzilla.suse.com/1051510", }, { category: "self", summary: "SUSE Bug 1052904", url: "https://bugzilla.suse.com/1052904", }, { category: "self", summary: "SUSE Bug 1053043", url: "https://bugzilla.suse.com/1053043", }, { category: "self", summary: "SUSE Bug 1055117", url: "https://bugzilla.suse.com/1055117", }, { category: "self", summary: "SUSE Bug 1055121", url: "https://bugzilla.suse.com/1055121", }, { category: "self", summary: "SUSE Bug 1055186", url: "https://bugzilla.suse.com/1055186", }, { category: "self", summary: "SUSE Bug 1056787", url: "https://bugzilla.suse.com/1056787", }, { category: "self", summary: "SUSE Bug 1058115", url: "https://bugzilla.suse.com/1058115", }, { category: "self", summary: "SUSE Bug 1061840", url: "https://bugzilla.suse.com/1061840", }, { category: "self", summary: "SUSE Bug 1063638", url: "https://bugzilla.suse.com/1063638", }, { category: "self", summary: "SUSE Bug 1064802", url: "https://bugzilla.suse.com/1064802", }, { category: "self", summary: "SUSE Bug 1065600", url: "https://bugzilla.suse.com/1065600", }, { category: "self", summary: "SUSE Bug 1065729", url: "https://bugzilla.suse.com/1065729", }, { category: "self", summary: "SUSE Bug 1066129", url: "https://bugzilla.suse.com/1066129", }, { category: "self", summary: "SUSE Bug 1068546", url: "https://bugzilla.suse.com/1068546", }, { category: "self", summary: "SUSE Bug 1070872", url: "https://bugzilla.suse.com/1070872", }, { category: "self", summary: "SUSE Bug 1071995", url: "https://bugzilla.suse.com/1071995", }, { category: "self", summary: "SUSE Bug 1075020", url: "https://bugzilla.suse.com/1075020", }, { category: "self", summary: "SUSE Bug 1082387", url: "https://bugzilla.suse.com/1082387", }, { category: "self", summary: "SUSE Bug 1082555", url: "https://bugzilla.suse.com/1082555", }, { category: "self", summary: "SUSE Bug 1083647", url: "https://bugzilla.suse.com/1083647", }, { category: "self", summary: "SUSE Bug 1085535", url: "https://bugzilla.suse.com/1085535", }, { category: "self", summary: "SUSE Bug 1085536", url: "https://bugzilla.suse.com/1085536", }, { category: "self", summary: "SUSE Bug 1086657", url: "https://bugzilla.suse.com/1086657", }, { category: "self", summary: "SUSE Bug 1088804", url: "https://bugzilla.suse.com/1088804", }, { category: "self", summary: "SUSE Bug 1093389", url: "https://bugzilla.suse.com/1093389", }, { category: "self", summary: "SUSE Bug 1097583", url: "https://bugzilla.suse.com/1097583", }, { category: "self", summary: "SUSE Bug 1097584", url: "https://bugzilla.suse.com/1097584", }, { category: "self", summary: "SUSE Bug 1097585", url: "https://bugzilla.suse.com/1097585", }, { category: "self", summary: "SUSE Bug 1097586", url: "https://bugzilla.suse.com/1097586", }, { category: "self", summary: "SUSE Bug 1097587", url: "https://bugzilla.suse.com/1097587", }, { category: "self", summary: "SUSE Bug 1097588", url: "https://bugzilla.suse.com/1097588", }, { category: "self", summary: "SUSE Bug 1099658", url: "https://bugzilla.suse.com/1099658", }, { category: "self", summary: "SUSE Bug 1103186", url: "https://bugzilla.suse.com/1103186", }, { category: "self", summary: "SUSE Bug 1103259", url: "https://bugzilla.suse.com/1103259", }, { category: "self", summary: "SUSE Bug 1103992", url: "https://bugzilla.suse.com/1103992", }, { category: "self", summary: "SUSE Bug 1104353", url: "https://bugzilla.suse.com/1104353", }, { category: "self", summary: "SUSE Bug 1104427", url: "https://bugzilla.suse.com/1104427", }, { category: "self", summary: "SUSE Bug 1106011", url: "https://bugzilla.suse.com/1106011", }, { category: "self", summary: "SUSE Bug 1106284", url: "https://bugzilla.suse.com/1106284", }, { category: "self", summary: "SUSE Bug 1108193", url: "https://bugzilla.suse.com/1108193", }, { category: "self", summary: "SUSE Bug 1108838", url: "https://bugzilla.suse.com/1108838", }, { category: "self", summary: "SUSE Bug 1108937", url: "https://bugzilla.suse.com/1108937", }, { category: "self", summary: "SUSE Bug 1110946", url: "https://bugzilla.suse.com/1110946", }, { category: "self", summary: "SUSE Bug 1111331", url: "https://bugzilla.suse.com/1111331", }, { category: "self", summary: "SUSE Bug 1111666", url: "https://bugzilla.suse.com/1111666", }, { category: "self", summary: "SUSE Bug 1111696", url: "https://bugzilla.suse.com/1111696", }, { category: "self", summary: "SUSE Bug 1112063", url: "https://bugzilla.suse.com/1112063", }, { category: "self", summary: "SUSE Bug 1112128", url: "https://bugzilla.suse.com/1112128", }, { category: "self", summary: "SUSE Bug 1112178", url: "https://bugzilla.suse.com/1112178", }, { category: "self", summary: "SUSE Bug 1113722", url: "https://bugzilla.suse.com/1113722", }, { category: "self", summary: "SUSE Bug 1113956", url: "https://bugzilla.suse.com/1113956", }, { category: "self", summary: "SUSE Bug 1114279", url: "https://bugzilla.suse.com/1114279", }, { category: "self", summary: "SUSE Bug 1114427", url: "https://bugzilla.suse.com/1114427", }, { category: "self", summary: "SUSE Bug 1114542", url: "https://bugzilla.suse.com/1114542", }, { category: "self", summary: "SUSE Bug 1114638", url: "https://bugzilla.suse.com/1114638", }, { category: "self", summary: "SUSE Bug 1115688", url: "https://bugzilla.suse.com/1115688", }, { category: "self", summary: "SUSE Bug 1117114", url: "https://bugzilla.suse.com/1117114", }, { category: "self", summary: "SUSE Bug 1117158", url: "https://bugzilla.suse.com/1117158", }, { category: "self", summary: "SUSE Bug 1117561", url: "https://bugzilla.suse.com/1117561", }, { category: "self", summary: "SUSE Bug 1118139", url: "https://bugzilla.suse.com/1118139", }, { category: "self", summary: "SUSE Bug 1119680", url: "https://bugzilla.suse.com/1119680", }, { category: "self", summary: "SUSE Bug 1119843", url: "https://bugzilla.suse.com/1119843", }, { category: "self", summary: "SUSE Bug 1120091", url: "https://bugzilla.suse.com/1120091", }, { category: "self", summary: "SUSE Bug 1120318", url: "https://bugzilla.suse.com/1120318", }, { category: "self", summary: "SUSE Bug 1120423", url: "https://bugzilla.suse.com/1120423", }, { category: "self", summary: "SUSE Bug 1120566", url: "https://bugzilla.suse.com/1120566", }, { category: "self", summary: "SUSE Bug 1120843", url: "https://bugzilla.suse.com/1120843", }, { category: "self", summary: "SUSE Bug 1120902", url: "https://bugzilla.suse.com/1120902", }, { category: "self", summary: "SUSE Bug 1122767", url: "https://bugzilla.suse.com/1122767", }, { category: "self", summary: "SUSE Bug 1122776", url: "https://bugzilla.suse.com/1122776", }, { category: "self", summary: "SUSE Bug 1123454", url: "https://bugzilla.suse.com/1123454", }, { category: "self", summary: "SUSE Bug 1123663", url: "https://bugzilla.suse.com/1123663", }, { category: "self", summary: "SUSE Bug 1124503", url: "https://bugzilla.suse.com/1124503", }, { category: "self", summary: "SUSE Bug 1124839", url: "https://bugzilla.suse.com/1124839", }, { category: "self", summary: "SUSE Bug 1126206", url: "https://bugzilla.suse.com/1126206", }, { category: "self", summary: "SUSE Bug 1126356", url: "https://bugzilla.suse.com/1126356", }, { category: "self", summary: "SUSE Bug 1126704", url: "https://bugzilla.suse.com/1126704", }, { category: "self", summary: "SUSE Bug 1127175", url: "https://bugzilla.suse.com/1127175", }, { category: "self", summary: "SUSE Bug 1127371", url: "https://bugzilla.suse.com/1127371", }, { category: "self", summary: "SUSE Bug 1127374", url: "https://bugzilla.suse.com/1127374", }, { category: "self", summary: "SUSE Bug 1127616", url: "https://bugzilla.suse.com/1127616", }, { category: "self", summary: "SUSE Bug 1128052", url: "https://bugzilla.suse.com/1128052", }, { category: "self", summary: "SUSE Bug 1128415", url: "https://bugzilla.suse.com/1128415", }, { category: "self", summary: "SUSE Bug 1128544", url: "https://bugzilla.suse.com/1128544", }, { category: "self", summary: "SUSE Bug 1128904", url: "https://bugzilla.suse.com/1128904", }, { category: "self", summary: "SUSE Bug 1128971", url: "https://bugzilla.suse.com/1128971", }, { category: "self", summary: "SUSE Bug 1128979", url: "https://bugzilla.suse.com/1128979", }, { category: "self", summary: "SUSE Bug 1129138", url: "https://bugzilla.suse.com/1129138", }, { category: "self", summary: "SUSE Bug 1129273", url: "https://bugzilla.suse.com/1129273", }, { category: "self", summary: "SUSE Bug 1129497", url: "https://bugzilla.suse.com/1129497", }, { category: "self", summary: "SUSE Bug 1129693", url: "https://bugzilla.suse.com/1129693", }, { category: "self", summary: "SUSE Bug 1129770", url: "https://bugzilla.suse.com/1129770", }, { category: "self", summary: "SUSE Bug 1129845", url: "https://bugzilla.suse.com/1129845", }, { category: "self", summary: "SUSE Bug 1130195", url: "https://bugzilla.suse.com/1130195", }, { category: "self", summary: "SUSE Bug 1130425", url: "https://bugzilla.suse.com/1130425", }, { category: "self", summary: "SUSE Bug 1130527", url: "https://bugzilla.suse.com/1130527", }, { category: "self", summary: "SUSE Bug 1130567", url: "https://bugzilla.suse.com/1130567", }, { category: "self", summary: "SUSE Bug 1130579", url: "https://bugzilla.suse.com/1130579", }, { category: "self", summary: "SUSE Bug 1130699", url: "https://bugzilla.suse.com/1130699", }, { category: "self", summary: "SUSE Bug 1130937", url: "https://bugzilla.suse.com/1130937", }, { category: "self", summary: "SUSE Bug 1130972", url: "https://bugzilla.suse.com/1130972", }, { category: "self", summary: "SUSE Bug 1131326", url: "https://bugzilla.suse.com/1131326", }, { category: "self", summary: "SUSE Bug 1131427", url: "https://bugzilla.suse.com/1131427", }, { category: "self", summary: "SUSE Bug 1131438", url: "https://bugzilla.suse.com/1131438", }, { category: "self", summary: "SUSE Bug 1131451", url: "https://bugzilla.suse.com/1131451", }, { category: "self", summary: "SUSE Bug 1131467", url: "https://bugzilla.suse.com/1131467", }, { category: "self", summary: "SUSE Bug 1131488", url: "https://bugzilla.suse.com/1131488", }, { category: "self", summary: "SUSE Bug 1131530", url: "https://bugzilla.suse.com/1131530", }, { category: "self", summary: "SUSE Bug 1131565", url: "https://bugzilla.suse.com/1131565", }, { category: "self", summary: "SUSE Bug 1131574", url: "https://bugzilla.suse.com/1131574", }, { category: "self", summary: "SUSE Bug 1131587", url: "https://bugzilla.suse.com/1131587", }, { category: "self", summary: "SUSE Bug 1131659", url: "https://bugzilla.suse.com/1131659", }, { category: "self", summary: "SUSE Bug 1131673", url: "https://bugzilla.suse.com/1131673", }, { category: "self", summary: "SUSE Bug 1131847", url: "https://bugzilla.suse.com/1131847", }, { category: "self", summary: "SUSE Bug 1131848", url: "https://bugzilla.suse.com/1131848", }, { category: "self", summary: "SUSE Bug 1131851", url: "https://bugzilla.suse.com/1131851", }, { category: "self", summary: "SUSE Bug 1131900", url: "https://bugzilla.suse.com/1131900", }, { category: "self", summary: "SUSE Bug 1131934", url: "https://bugzilla.suse.com/1131934", }, { category: "self", summary: "SUSE Bug 1131935", url: "https://bugzilla.suse.com/1131935", }, { category: "self", summary: "SUSE Bug 1132044", url: "https://bugzilla.suse.com/1132044", }, { category: "self", summary: "SUSE Bug 1132219", url: "https://bugzilla.suse.com/1132219", }, { category: "self", summary: "SUSE Bug 1132226", url: "https://bugzilla.suse.com/1132226", }, { category: "self", summary: "SUSE Bug 1132227", url: "https://bugzilla.suse.com/1132227", }, { category: "self", summary: "SUSE Bug 1132365", url: "https://bugzilla.suse.com/1132365", }, { category: "self", summary: "SUSE Bug 1132368", url: "https://bugzilla.suse.com/1132368", }, { category: "self", summary: "SUSE Bug 1132369", url: "https://bugzilla.suse.com/1132369", }, { category: "self", summary: "SUSE Bug 1132370", url: "https://bugzilla.suse.com/1132370", }, { category: "self", summary: "SUSE Bug 1132372", url: "https://bugzilla.suse.com/1132372", }, { category: "self", summary: "SUSE Bug 1132373", url: "https://bugzilla.suse.com/1132373", }, { category: "self", summary: "SUSE Bug 1132384", url: "https://bugzilla.suse.com/1132384", }, { category: "self", summary: "SUSE Bug 1132397", url: "https://bugzilla.suse.com/1132397", }, { category: "self", summary: "SUSE Bug 1132402", url: "https://bugzilla.suse.com/1132402", }, { category: "self", summary: "SUSE Bug 1132403", url: "https://bugzilla.suse.com/1132403", }, { category: "self", summary: "SUSE Bug 1132404", url: "https://bugzilla.suse.com/1132404", }, { category: "self", summary: "SUSE Bug 1132405", url: "https://bugzilla.suse.com/1132405", }, { category: "self", summary: "SUSE Bug 1132407", url: "https://bugzilla.suse.com/1132407", }, { category: "self", summary: "SUSE Bug 1132411", url: "https://bugzilla.suse.com/1132411", }, { category: "self", summary: "SUSE Bug 1132412", url: "https://bugzilla.suse.com/1132412", }, { category: "self", summary: "SUSE Bug 1132413", url: "https://bugzilla.suse.com/1132413", }, { category: "self", summary: "SUSE Bug 1132414", url: "https://bugzilla.suse.com/1132414", }, { category: "self", summary: "SUSE Bug 1132426", url: "https://bugzilla.suse.com/1132426", }, { category: "self", summary: "SUSE Bug 1132527", url: "https://bugzilla.suse.com/1132527", }, { category: "self", summary: "SUSE Bug 1132531", url: "https://bugzilla.suse.com/1132531", }, { category: "self", summary: "SUSE Bug 1132555", url: "https://bugzilla.suse.com/1132555", }, { category: "self", summary: "SUSE Bug 1132558", url: "https://bugzilla.suse.com/1132558", }, { category: "self", summary: "SUSE Bug 1132561", url: "https://bugzilla.suse.com/1132561", }, { category: "self", summary: "SUSE Bug 1132562", url: "https://bugzilla.suse.com/1132562", }, { category: "self", summary: "SUSE Bug 1132563", url: "https://bugzilla.suse.com/1132563", }, { category: "self", summary: "SUSE Bug 1132564", url: "https://bugzilla.suse.com/1132564", }, { category: "self", summary: "SUSE Bug 1132570", url: "https://bugzilla.suse.com/1132570", }, { category: "self", summary: "SUSE Bug 1132571", url: "https://bugzilla.suse.com/1132571", }, { category: "self", summary: "SUSE Bug 1132572", url: "https://bugzilla.suse.com/1132572", }, { category: "self", summary: "SUSE Bug 1132589", url: "https://bugzilla.suse.com/1132589", }, { category: "self", summary: "SUSE Bug 1132618", url: "https://bugzilla.suse.com/1132618", }, { category: "self", summary: "SUSE Bug 1132673", url: "https://bugzilla.suse.com/1132673", }, { category: "self", summary: "SUSE Bug 1132681", url: "https://bugzilla.suse.com/1132681", }, { category: "self", summary: "SUSE Bug 1132726", url: "https://bugzilla.suse.com/1132726", }, { category: "self", summary: "SUSE Bug 1132828", url: "https://bugzilla.suse.com/1132828", }, { category: "self", summary: "SUSE Bug 1132894", url: "https://bugzilla.suse.com/1132894", }, { category: "self", summary: "SUSE Bug 1132943", url: "https://bugzilla.suse.com/1132943", }, { category: "self", summary: "SUSE Bug 1132982", url: "https://bugzilla.suse.com/1132982", }, { category: "self", summary: "SUSE Bug 1133005", url: "https://bugzilla.suse.com/1133005", }, { category: "self", summary: "SUSE Bug 1133016", url: "https://bugzilla.suse.com/1133016", }, { category: "self", summary: "SUSE Bug 1133094", url: "https://bugzilla.suse.com/1133094", }, { category: "self", summary: "SUSE Bug 1133095", url: "https://bugzilla.suse.com/1133095", }, { category: "self", summary: "SUSE Bug 1133115", url: "https://bugzilla.suse.com/1133115", }, { category: "self", summary: "SUSE Bug 1133149", url: "https://bugzilla.suse.com/1133149", }, { category: "self", summary: "SUSE Bug 1133176", url: "https://bugzilla.suse.com/1133176", }, { category: "self", summary: "SUSE Bug 1133188", url: "https://bugzilla.suse.com/1133188", }, { category: "self", summary: "SUSE Bug 1133190", url: "https://bugzilla.suse.com/1133190", }, { category: "self", summary: "SUSE Bug 1133320", url: "https://bugzilla.suse.com/1133320", }, { category: "self", summary: "SUSE Bug 1133486", url: "https://bugzilla.suse.com/1133486", }, { category: "self", summary: "SUSE Bug 1133529", url: "https://bugzilla.suse.com/1133529", }, { category: "self", summary: "SUSE Bug 1133547", url: "https://bugzilla.suse.com/1133547", }, { category: "self", summary: "SUSE Bug 1133584", url: "https://bugzilla.suse.com/1133584", }, { category: "self", summary: "SUSE Bug 1133593", url: "https://bugzilla.suse.com/1133593", }, { category: "self", summary: "SUSE Bug 1133612", url: "https://bugzilla.suse.com/1133612", }, { category: "self", summary: "SUSE Bug 1133616", url: "https://bugzilla.suse.com/1133616", }, { category: "self", summary: "SUSE Bug 1133667", url: "https://bugzilla.suse.com/1133667", }, { category: "self", summary: "SUSE Bug 1133668", url: "https://bugzilla.suse.com/1133668", }, { category: "self", summary: "SUSE Bug 1133672", url: "https://bugzilla.suse.com/1133672", }, { category: "self", summary: "SUSE Bug 1133674", url: "https://bugzilla.suse.com/1133674", }, { category: "self", summary: "SUSE Bug 1133675", url: "https://bugzilla.suse.com/1133675", }, { category: "self", summary: "SUSE Bug 1133698", url: "https://bugzilla.suse.com/1133698", }, { category: "self", summary: "SUSE Bug 1133702", url: "https://bugzilla.suse.com/1133702", }, { category: "self", summary: "SUSE Bug 1133731", url: "https://bugzilla.suse.com/1133731", }, { category: "self", summary: "SUSE Bug 1133769", url: "https://bugzilla.suse.com/1133769", }, { category: "self", summary: "SUSE Bug 1133772", url: "https://bugzilla.suse.com/1133772", }, { category: "self", summary: "SUSE Bug 1133774", url: "https://bugzilla.suse.com/1133774", }, { category: "self", summary: "SUSE Bug 1133778", url: "https://bugzilla.suse.com/1133778", }, { category: "self", summary: "SUSE Bug 1133779", url: "https://bugzilla.suse.com/1133779", }, { category: "self", summary: "SUSE Bug 1133780", url: "https://bugzilla.suse.com/1133780", }, { category: "self", summary: "SUSE Bug 1133825", url: "https://bugzilla.suse.com/1133825", }, { category: "self", summary: "SUSE Bug 1133850", url: "https://bugzilla.suse.com/1133850", }, { category: "self", summary: "SUSE Bug 1133851", url: "https://bugzilla.suse.com/1133851", }, { category: "self", summary: "SUSE Bug 1133852", url: "https://bugzilla.suse.com/1133852", }, { category: "self", summary: "SUSE Bug 1133897", url: "https://bugzilla.suse.com/1133897", }, { category: "self", summary: "SUSE Bug 1134090", url: "https://bugzilla.suse.com/1134090", }, { category: "self", summary: "SUSE Bug 1134160", url: "https://bugzilla.suse.com/1134160", }, { category: "self", summary: "SUSE Bug 1134162", url: "https://bugzilla.suse.com/1134162", }, { category: "self", summary: "SUSE Bug 1134199", url: "https://bugzilla.suse.com/1134199", }, { category: "self", summary: "SUSE Bug 1134200", url: "https://bugzilla.suse.com/1134200", }, { category: "self", summary: "SUSE Bug 1134201", url: "https://bugzilla.suse.com/1134201", }, { category: "self", summary: "SUSE Bug 1134202", url: "https://bugzilla.suse.com/1134202", }, { category: "self", summary: "SUSE Bug 1134203", url: "https://bugzilla.suse.com/1134203", }, { category: "self", summary: "SUSE Bug 1134204", url: "https://bugzilla.suse.com/1134204", }, { category: "self", summary: "SUSE Bug 1134205", url: "https://bugzilla.suse.com/1134205", }, { category: "self", summary: "SUSE Bug 1134223", url: "https://bugzilla.suse.com/1134223", }, { category: "self", summary: "SUSE Bug 1134354", url: "https://bugzilla.suse.com/1134354", }, { category: "self", summary: "SUSE Bug 1134393", url: "https://bugzilla.suse.com/1134393", }, { category: "self", summary: "SUSE Bug 1134397", url: "https://bugzilla.suse.com/1134397", }, { category: "self", summary: "SUSE Bug 1134459", url: "https://bugzilla.suse.com/1134459", }, { category: "self", summary: "SUSE Bug 1134460", url: "https://bugzilla.suse.com/1134460", }, { category: "self", summary: "SUSE Bug 1134461", url: "https://bugzilla.suse.com/1134461", }, { category: "self", summary: "SUSE Bug 1134597", url: "https://bugzilla.suse.com/1134597", }, { category: "self", summary: "SUSE Bug 1134600", url: "https://bugzilla.suse.com/1134600", }, { category: "self", summary: "SUSE Bug 1134607", url: "https://bugzilla.suse.com/1134607", }, { category: "self", summary: "SUSE Bug 1134618", url: "https://bugzilla.suse.com/1134618", }, { category: "self", summary: "SUSE Bug 1134651", url: "https://bugzilla.suse.com/1134651", }, { category: "self", summary: "SUSE Bug 1134671", url: "https://bugzilla.suse.com/1134671", }, { category: "self", summary: "SUSE Bug 1134760", url: "https://bugzilla.suse.com/1134760", }, { category: "self", summary: "SUSE Bug 1134806", url: "https://bugzilla.suse.com/1134806", }, { category: "self", summary: "SUSE Bug 1134810", url: "https://bugzilla.suse.com/1134810", }, { category: "self", summary: "SUSE Bug 1134813", url: "https://bugzilla.suse.com/1134813", }, { category: "self", summary: "SUSE Bug 1134848", url: "https://bugzilla.suse.com/1134848", }, { category: "self", summary: "SUSE Bug 1134936", url: "https://bugzilla.suse.com/1134936", }, { category: "self", summary: "SUSE Bug 1134945", url: "https://bugzilla.suse.com/1134945", }, { category: "self", summary: "SUSE Bug 1134946", url: "https://bugzilla.suse.com/1134946", }, { category: "self", summary: "SUSE Bug 1134947", url: "https://bugzilla.suse.com/1134947", }, { category: "self", summary: "SUSE Bug 1134948", url: "https://bugzilla.suse.com/1134948", }, { category: "self", summary: "SUSE Bug 1134949", url: "https://bugzilla.suse.com/1134949", }, { category: "self", summary: "SUSE Bug 1134950", url: "https://bugzilla.suse.com/1134950", }, { category: "self", summary: "SUSE Bug 1134951", url: "https://bugzilla.suse.com/1134951", }, { category: "self", summary: "SUSE Bug 1134952", url: "https://bugzilla.suse.com/1134952", }, { category: "self", summary: "SUSE Bug 1134953", url: "https://bugzilla.suse.com/1134953", }, { category: "self", summary: "SUSE Bug 1134972", url: "https://bugzilla.suse.com/1134972", }, { category: "self", summary: "SUSE Bug 1134974", url: "https://bugzilla.suse.com/1134974", }, { category: "self", summary: "SUSE Bug 1134975", url: "https://bugzilla.suse.com/1134975", }, { category: "self", summary: "SUSE Bug 1134980", url: "https://bugzilla.suse.com/1134980", }, { category: "self", summary: "SUSE Bug 1134981", url: "https://bugzilla.suse.com/1134981", }, { category: "self", summary: "SUSE Bug 1134983", url: "https://bugzilla.suse.com/1134983", }, { category: "self", summary: "SUSE Bug 1134987", url: "https://bugzilla.suse.com/1134987", }, { category: "self", summary: "SUSE Bug 1134989", url: "https://bugzilla.suse.com/1134989", }, { category: "self", summary: "SUSE Bug 1134990", url: "https://bugzilla.suse.com/1134990", }, { category: "self", summary: "SUSE Bug 1134994", url: "https://bugzilla.suse.com/1134994", }, { category: "self", summary: "SUSE Bug 1134995", url: "https://bugzilla.suse.com/1134995", }, { category: "self", summary: "SUSE Bug 1134998", url: "https://bugzilla.suse.com/1134998", }, { category: "self", summary: "SUSE Bug 1134999", url: "https://bugzilla.suse.com/1134999", }, { category: "self", summary: "SUSE Bug 1135006", url: "https://bugzilla.suse.com/1135006", }, { category: "self", summary: "SUSE Bug 1135007", url: "https://bugzilla.suse.com/1135007", }, { category: "self", summary: "SUSE Bug 1135008", url: "https://bugzilla.suse.com/1135008", }, { category: "self", summary: "SUSE Bug 1135018", url: "https://bugzilla.suse.com/1135018", }, { category: "self", summary: "SUSE Bug 1135021", url: "https://bugzilla.suse.com/1135021", }, { category: "self", summary: "SUSE Bug 1135024", url: "https://bugzilla.suse.com/1135024", }, { category: "self", summary: "SUSE Bug 1135026", url: "https://bugzilla.suse.com/1135026", }, { category: "self", summary: "SUSE Bug 1135027", url: "https://bugzilla.suse.com/1135027", }, { category: "self", summary: "SUSE Bug 1135028", url: "https://bugzilla.suse.com/1135028", }, { category: "self", summary: "SUSE Bug 1135029", url: "https://bugzilla.suse.com/1135029", }, { category: "self", summary: "SUSE Bug 1135031", url: "https://bugzilla.suse.com/1135031", }, { category: "self", summary: "SUSE Bug 1135033", url: "https://bugzilla.suse.com/1135033", }, { category: "self", summary: "SUSE Bug 1135034", url: "https://bugzilla.suse.com/1135034", }, { category: "self", summary: "SUSE Bug 1135035", url: "https://bugzilla.suse.com/1135035", }, { category: "self", summary: "SUSE Bug 1135036", url: "https://bugzilla.suse.com/1135036", }, { category: "self", summary: "SUSE Bug 1135037", url: "https://bugzilla.suse.com/1135037", }, { category: "self", summary: "SUSE Bug 1135038", url: "https://bugzilla.suse.com/1135038", }, { category: "self", summary: "SUSE Bug 1135039", url: "https://bugzilla.suse.com/1135039", }, { category: "self", summary: "SUSE Bug 1135041", url: "https://bugzilla.suse.com/1135041", }, { category: "self", summary: "SUSE Bug 1135042", url: "https://bugzilla.suse.com/1135042", }, { category: "self", summary: "SUSE Bug 1135044", url: "https://bugzilla.suse.com/1135044", }, { category: "self", summary: "SUSE Bug 1135045", url: "https://bugzilla.suse.com/1135045", }, { category: "self", summary: "SUSE Bug 1135046", url: "https://bugzilla.suse.com/1135046", }, { category: "self", summary: "SUSE Bug 1135047", url: "https://bugzilla.suse.com/1135047", }, { category: "self", summary: "SUSE Bug 1135049", url: "https://bugzilla.suse.com/1135049", }, { category: "self", summary: "SUSE Bug 1135051", url: "https://bugzilla.suse.com/1135051", }, { category: "self", summary: "SUSE Bug 1135052", url: "https://bugzilla.suse.com/1135052", }, { category: "self", summary: "SUSE Bug 1135053", url: "https://bugzilla.suse.com/1135053", }, { category: "self", summary: "SUSE Bug 1135055", url: "https://bugzilla.suse.com/1135055", }, { category: "self", summary: "SUSE Bug 1135056", url: "https://bugzilla.suse.com/1135056", }, { category: "self", summary: "SUSE Bug 1135058", url: "https://bugzilla.suse.com/1135058", }, { category: "self", summary: "SUSE Bug 1135100", url: "https://bugzilla.suse.com/1135100", }, { category: "self", summary: "SUSE Bug 1135120", url: "https://bugzilla.suse.com/1135120", }, { category: "self", summary: "SUSE Bug 1135278", url: "https://bugzilla.suse.com/1135278", }, { category: "self", summary: "SUSE Bug 1135281", url: "https://bugzilla.suse.com/1135281", }, { category: "self", summary: "SUSE Bug 1135309", url: "https://bugzilla.suse.com/1135309", }, { category: "self", summary: "SUSE Bug 1135312", url: "https://bugzilla.suse.com/1135312", }, { category: "self", summary: "SUSE Bug 1135314", url: "https://bugzilla.suse.com/1135314", }, { category: "self", summary: "SUSE Bug 1135315", url: "https://bugzilla.suse.com/1135315", }, { category: "self", summary: "SUSE Bug 1135316", url: "https://bugzilla.suse.com/1135316", }, { category: "self", summary: "SUSE Bug 1135320", url: "https://bugzilla.suse.com/1135320", }, { category: "self", summary: "SUSE Bug 1135323", url: "https://bugzilla.suse.com/1135323", }, { category: "self", summary: "SUSE Bug 1135330", url: "https://bugzilla.suse.com/1135330", }, { category: "self", summary: "SUSE Bug 1135492", url: "https://bugzilla.suse.com/1135492", }, { category: "self", summary: "SUSE Bug 1135542", url: "https://bugzilla.suse.com/1135542", }, { category: "self", summary: "SUSE Bug 1135556", url: "https://bugzilla.suse.com/1135556", }, { category: "self", summary: "SUSE Bug 1135603", url: "https://bugzilla.suse.com/1135603", }, { category: "self", summary: "SUSE Bug 1135642", url: "https://bugzilla.suse.com/1135642", }, { category: "self", summary: "SUSE Bug 1135661", url: "https://bugzilla.suse.com/1135661", }, { category: "self", summary: "SUSE Bug 1135758", url: "https://bugzilla.suse.com/1135758", }, { category: "self", summary: "SUSE Bug 1136188", url: "https://bugzilla.suse.com/1136188", }, { category: "self", summary: "SUSE Bug 1136206", url: "https://bugzilla.suse.com/1136206", }, { category: "self", summary: "SUSE Bug 1136215", url: "https://bugzilla.suse.com/1136215", }, { category: "self", summary: "SUSE Bug 1136345", url: "https://bugzilla.suse.com/1136345", }, { category: "self", summary: "SUSE Bug 1136347", url: "https://bugzilla.suse.com/1136347", }, { category: "self", summary: "SUSE Bug 1136348", url: "https://bugzilla.suse.com/1136348", }, { category: "self", summary: "SUSE Bug 1136353", url: "https://bugzilla.suse.com/1136353", }, { category: "self", summary: "SUSE Bug 1136424", url: "https://bugzilla.suse.com/1136424", }, { category: "self", summary: "SUSE Bug 1136428", url: "https://bugzilla.suse.com/1136428", }, { category: "self", summary: "SUSE Bug 1136430", url: "https://bugzilla.suse.com/1136430", }, { category: "self", summary: "SUSE Bug 1136432", url: "https://bugzilla.suse.com/1136432", }, { category: "self", summary: "SUSE Bug 1136434", url: "https://bugzilla.suse.com/1136434", }, { category: "self", summary: "SUSE Bug 1136435", url: "https://bugzilla.suse.com/1136435", }, { category: "self", summary: "SUSE Bug 1136438", url: "https://bugzilla.suse.com/1136438", }, { category: "self", summary: "SUSE Bug 1136439", url: "https://bugzilla.suse.com/1136439", }, { category: "self", summary: "SUSE Bug 1136456", url: "https://bugzilla.suse.com/1136456", }, { category: "self", summary: "SUSE Bug 1136460", url: "https://bugzilla.suse.com/1136460", }, { category: "self", summary: "SUSE Bug 1136461", url: "https://bugzilla.suse.com/1136461", }, { category: "self", summary: "SUSE Bug 1136469", url: "https://bugzilla.suse.com/1136469", }, { category: "self", summary: "SUSE Bug 1136477", url: "https://bugzilla.suse.com/1136477", }, { category: "self", summary: "SUSE Bug 1136478", url: "https://bugzilla.suse.com/1136478", }, { category: "self", summary: "SUSE Bug 1136498", url: "https://bugzilla.suse.com/1136498", }, { category: "self", summary: "SUSE Bug 1136573", url: "https://bugzilla.suse.com/1136573", }, { category: "self", summary: "SUSE Bug 1136586", url: "https://bugzilla.suse.com/1136586", }, { category: "self", summary: "SUSE Bug 1136881", url: "https://bugzilla.suse.com/1136881", }, { category: "self", summary: "SUSE Bug 1136935", url: "https://bugzilla.suse.com/1136935", }, { category: "self", summary: "SUSE Bug 1136990", url: "https://bugzilla.suse.com/1136990", }, { category: "self", summary: "SUSE Bug 1137151", url: "https://bugzilla.suse.com/1137151", }, { category: "self", summary: "SUSE Bug 1137152", url: "https://bugzilla.suse.com/1137152", }, { category: "self", summary: "SUSE Bug 1137153", url: "https://bugzilla.suse.com/1137153", }, { category: "self", summary: "SUSE Bug 1137162", url: "https://bugzilla.suse.com/1137162", }, { category: "self", summary: "SUSE Bug 1137201", url: "https://bugzilla.suse.com/1137201", }, { category: "self", summary: "SUSE Bug 1137224", url: "https://bugzilla.suse.com/1137224", }, { category: "self", summary: "SUSE Bug 1137232", url: "https://bugzilla.suse.com/1137232", }, { category: "self", summary: "SUSE Bug 1137233", url: "https://bugzilla.suse.com/1137233", }, { category: "self", summary: "SUSE Bug 1137236", url: "https://bugzilla.suse.com/1137236", }, { category: "self", summary: "SUSE Bug 1137372", url: "https://bugzilla.suse.com/1137372", }, { category: "self", summary: "SUSE Bug 1137429", url: "https://bugzilla.suse.com/1137429", }, { category: "self", summary: "SUSE Bug 1137444", url: "https://bugzilla.suse.com/1137444", }, { category: "self", summary: "SUSE Bug 1137586", url: "https://bugzilla.suse.com/1137586", }, { category: "self", summary: "SUSE Bug 1137739", url: "https://bugzilla.suse.com/1137739", }, { category: "self", summary: "SUSE Bug 1137752", url: "https://bugzilla.suse.com/1137752", }, { category: "self", summary: "SUSE Bug 1138291", url: "https://bugzilla.suse.com/1138291", }, { category: "self", summary: "SUSE Bug 1138293", url: "https://bugzilla.suse.com/1138293", }, { category: "self", summary: "SUSE CVE CVE-2017-5753 page", url: "https://www.suse.com/security/cve/CVE-2017-5753/", }, { category: "self", summary: "SUSE CVE CVE-2018-12126 page", url: "https://www.suse.com/security/cve/CVE-2018-12126/", }, { category: "self", summary: "SUSE CVE CVE-2018-12127 page", url: "https://www.suse.com/security/cve/CVE-2018-12127/", }, { category: "self", summary: "SUSE CVE CVE-2018-12130 page", url: "https://www.suse.com/security/cve/CVE-2018-12130/", }, { category: "self", summary: "SUSE CVE CVE-2018-16880 page", url: "https://www.suse.com/security/cve/CVE-2018-16880/", }, { category: "self", summary: "SUSE CVE CVE-2018-7191 page", url: "https://www.suse.com/security/cve/CVE-2018-7191/", }, { category: "self", summary: "SUSE CVE CVE-2019-10124 page", url: "https://www.suse.com/security/cve/CVE-2019-10124/", }, { category: "self", summary: "SUSE CVE CVE-2019-11085 page", url: "https://www.suse.com/security/cve/CVE-2019-11085/", }, { category: "self", summary: "SUSE CVE CVE-2019-11091 page", url: "https://www.suse.com/security/cve/CVE-2019-11091/", }, { category: "self", summary: "SUSE CVE CVE-2019-11477 page", url: "https://www.suse.com/security/cve/CVE-2019-11477/", }, { category: "self", summary: "SUSE CVE CVE-2019-11478 page", url: "https://www.suse.com/security/cve/CVE-2019-11478/", }, { category: "self", summary: "SUSE CVE CVE-2019-11479 page", url: "https://www.suse.com/security/cve/CVE-2019-11479/", }, { category: "self", summary: "SUSE CVE CVE-2019-11486 page", url: "https://www.suse.com/security/cve/CVE-2019-11486/", }, { category: "self", summary: "SUSE CVE CVE-2019-11487 page", url: "https://www.suse.com/security/cve/CVE-2019-11487/", }, { category: "self", summary: "SUSE CVE CVE-2019-11811 page", url: "https://www.suse.com/security/cve/CVE-2019-11811/", }, { category: "self", summary: "SUSE CVE CVE-2019-11815 page", url: "https://www.suse.com/security/cve/CVE-2019-11815/", }, { category: "self", summary: "SUSE CVE CVE-2019-11833 page", url: "https://www.suse.com/security/cve/CVE-2019-11833/", }, { category: "self", summary: "SUSE CVE CVE-2019-11884 page", url: "https://www.suse.com/security/cve/CVE-2019-11884/", }, { category: "self", summary: "SUSE CVE CVE-2019-12382 page", url: "https://www.suse.com/security/cve/CVE-2019-12382/", }, { category: "self", summary: "SUSE CVE CVE-2019-12818 page", url: "https://www.suse.com/security/cve/CVE-2019-12818/", }, { category: "self", summary: "SUSE CVE CVE-2019-12819 page", url: "https://www.suse.com/security/cve/CVE-2019-12819/", }, { category: "self", summary: "SUSE CVE CVE-2019-3846 page", url: "https://www.suse.com/security/cve/CVE-2019-3846/", }, { category: "self", summary: "SUSE CVE CVE-2019-3882 page", url: "https://www.suse.com/security/cve/CVE-2019-3882/", }, { category: "self", summary: "SUSE CVE CVE-2019-5489 page", url: "https://www.suse.com/security/cve/CVE-2019-5489/", }, { category: "self", summary: "SUSE CVE CVE-2019-8564 page", url: "https://www.suse.com/security/cve/CVE-2019-8564/", }, { category: "self", summary: "SUSE CVE CVE-2019-9003 page", url: "https://www.suse.com/security/cve/CVE-2019-9003/", }, { category: "self", summary: "SUSE CVE CVE-2019-9500 page", url: "https://www.suse.com/security/cve/CVE-2019-9500/", }, { category: "self", summary: "SUSE CVE CVE-2019-9503 page", url: "https://www.suse.com/security/cve/CVE-2019-9503/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2019-06-18T16:07:40Z", generator: { date: "2019-06-18T16:07:40Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2019:1550-1", initial_release_date: "2019-06-18T16:07:40Z", revision_history: [ { date: "2019-06-18T16:07:40Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-197.4.1.aarch64", product: { name: "cluster-md-kmp-default-4.12.14-197.4.1.aarch64", product_id: "cluster-md-kmp-default-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-197.4.1.aarch64", product: { name: "dlm-kmp-default-4.12.14-197.4.1.aarch64", product_id: "dlm-kmp-default-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dtb-al-4.12.14-197.4.1.aarch64", product: { name: "dtb-al-4.12.14-197.4.1.aarch64", product_id: "dtb-al-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dtb-allwinner-4.12.14-197.4.1.aarch64", product: { name: "dtb-allwinner-4.12.14-197.4.1.aarch64", product_id: "dtb-allwinner-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dtb-altera-4.12.14-197.4.1.aarch64", product: { name: "dtb-altera-4.12.14-197.4.1.aarch64", product_id: "dtb-altera-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dtb-amd-4.12.14-197.4.1.aarch64", product: { name: "dtb-amd-4.12.14-197.4.1.aarch64", product_id: "dtb-amd-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dtb-amlogic-4.12.14-197.4.1.aarch64", product: { name: "dtb-amlogic-4.12.14-197.4.1.aarch64", product_id: "dtb-amlogic-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dtb-apm-4.12.14-197.4.1.aarch64", product: { name: "dtb-apm-4.12.14-197.4.1.aarch64", product_id: "dtb-apm-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dtb-arm-4.12.14-197.4.1.aarch64", product: { name: "dtb-arm-4.12.14-197.4.1.aarch64", product_id: "dtb-arm-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dtb-broadcom-4.12.14-197.4.1.aarch64", product: { name: "dtb-broadcom-4.12.14-197.4.1.aarch64", product_id: "dtb-broadcom-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dtb-cavium-4.12.14-197.4.1.aarch64", product: { name: "dtb-cavium-4.12.14-197.4.1.aarch64", product_id: "dtb-cavium-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dtb-exynos-4.12.14-197.4.1.aarch64", product: { name: "dtb-exynos-4.12.14-197.4.1.aarch64", product_id: "dtb-exynos-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dtb-freescale-4.12.14-197.4.1.aarch64", product: { name: "dtb-freescale-4.12.14-197.4.1.aarch64", product_id: "dtb-freescale-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dtb-hisilicon-4.12.14-197.4.1.aarch64", product: { name: "dtb-hisilicon-4.12.14-197.4.1.aarch64", product_id: "dtb-hisilicon-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dtb-lg-4.12.14-197.4.1.aarch64", product: { name: "dtb-lg-4.12.14-197.4.1.aarch64", product_id: "dtb-lg-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dtb-marvell-4.12.14-197.4.1.aarch64", product: { name: "dtb-marvell-4.12.14-197.4.1.aarch64", product_id: "dtb-marvell-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dtb-mediatek-4.12.14-197.4.1.aarch64", product: { name: "dtb-mediatek-4.12.14-197.4.1.aarch64", product_id: "dtb-mediatek-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dtb-nvidia-4.12.14-197.4.1.aarch64", product: { name: "dtb-nvidia-4.12.14-197.4.1.aarch64", product_id: "dtb-nvidia-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dtb-qcom-4.12.14-197.4.1.aarch64", product: { name: "dtb-qcom-4.12.14-197.4.1.aarch64", product_id: "dtb-qcom-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dtb-renesas-4.12.14-197.4.1.aarch64", product: { name: "dtb-renesas-4.12.14-197.4.1.aarch64", product_id: "dtb-renesas-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dtb-rockchip-4.12.14-197.4.1.aarch64", product: { name: "dtb-rockchip-4.12.14-197.4.1.aarch64", product_id: "dtb-rockchip-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dtb-socionext-4.12.14-197.4.1.aarch64", product: { name: "dtb-socionext-4.12.14-197.4.1.aarch64", product_id: "dtb-socionext-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dtb-sprd-4.12.14-197.4.1.aarch64", product: { name: "dtb-sprd-4.12.14-197.4.1.aarch64", product_id: "dtb-sprd-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dtb-xilinx-4.12.14-197.4.1.aarch64", product: { name: "dtb-xilinx-4.12.14-197.4.1.aarch64", product_id: "dtb-xilinx-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "dtb-zte-4.12.14-197.4.1.aarch64", product: { name: "dtb-zte-4.12.14-197.4.1.aarch64", product_id: "dtb-zte-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-197.4.1.aarch64", product: { name: "gfs2-kmp-default-4.12.14-197.4.1.aarch64", product_id: "gfs2-kmp-default-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "kernel-default-4.12.14-197.4.1.aarch64", product: { name: "kernel-default-4.12.14-197.4.1.aarch64", product_id: "kernel-default-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-197.4.1.aarch64", product: { name: "kernel-default-base-4.12.14-197.4.1.aarch64", product_id: "kernel-default-base-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-197.4.1.aarch64", product: { name: "kernel-default-devel-4.12.14-197.4.1.aarch64", product_id: "kernel-default-devel-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-197.4.1.aarch64", product: { name: "kernel-default-extra-4.12.14-197.4.1.aarch64", product_id: "kernel-default-extra-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "kernel-default-livepatch-4.12.14-197.4.1.aarch64", product: { name: "kernel-default-livepatch-4.12.14-197.4.1.aarch64", product_id: "kernel-default-livepatch-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-4.12.14-197.4.1.aarch64", product: { name: "kernel-default-livepatch-devel-4.12.14-197.4.1.aarch64", product_id: "kernel-default-livepatch-devel-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-197.4.1.aarch64", product: { name: "kernel-obs-build-4.12.14-197.4.1.aarch64", product_id: "kernel-obs-build-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-197.4.1.aarch64", product: { name: "kernel-obs-qa-4.12.14-197.4.1.aarch64", product_id: "kernel-obs-qa-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "kernel-syms-4.12.14-197.4.1.aarch64", product: { name: "kernel-syms-4.12.14-197.4.1.aarch64", product_id: "kernel-syms-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-197.4.1.aarch64", product: { name: "kernel-vanilla-4.12.14-197.4.1.aarch64", product_id: "kernel-vanilla-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-197.4.1.aarch64", product: { name: "kernel-vanilla-base-4.12.14-197.4.1.aarch64", product_id: "kernel-vanilla-base-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-197.4.1.aarch64", product: { name: "kernel-vanilla-devel-4.12.14-197.4.1.aarch64", product_id: "kernel-vanilla-devel-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-livepatch-devel-4.12.14-197.4.1.aarch64", product: { name: "kernel-vanilla-livepatch-devel-4.12.14-197.4.1.aarch64", product_id: "kernel-vanilla-livepatch-devel-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-197.4.1.aarch64", product: { name: "kselftests-kmp-default-4.12.14-197.4.1.aarch64", product_id: "kselftests-kmp-default-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-197.4.1.aarch64", product: { name: "ocfs2-kmp-default-4.12.14-197.4.1.aarch64", product_id: "ocfs2-kmp-default-4.12.14-197.4.1.aarch64", }, }, { category: "product_version", name: "reiserfs-kmp-default-4.12.14-197.4.1.aarch64", product: { name: "reiserfs-kmp-default-4.12.14-197.4.1.aarch64", product_id: "reiserfs-kmp-default-4.12.14-197.4.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-4.12.14-197.4.1.noarch", product: { name: "kernel-devel-4.12.14-197.4.1.noarch", product_id: "kernel-devel-4.12.14-197.4.1.noarch", }, }, { category: "product_version", name: "kernel-docs-4.12.14-197.4.1.noarch", product: { name: "kernel-docs-4.12.14-197.4.1.noarch", product_id: "kernel-docs-4.12.14-197.4.1.noarch", }, }, { category: "product_version", name: "kernel-docs-html-4.12.14-197.4.1.noarch", product: { name: "kernel-docs-html-4.12.14-197.4.1.noarch", product_id: "kernel-docs-html-4.12.14-197.4.1.noarch", }, }, { category: "product_version", name: "kernel-macros-4.12.14-197.4.1.noarch", product: { name: "kernel-macros-4.12.14-197.4.1.noarch", product_id: "kernel-macros-4.12.14-197.4.1.noarch", }, }, { category: "product_version", name: "kernel-source-4.12.14-197.4.1.noarch", product: { name: "kernel-source-4.12.14-197.4.1.noarch", product_id: "kernel-source-4.12.14-197.4.1.noarch", }, }, { category: "product_version", name: "kernel-source-vanilla-4.12.14-197.4.1.noarch", product: { name: "kernel-source-vanilla-4.12.14-197.4.1.noarch", product_id: "kernel-source-vanilla-4.12.14-197.4.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", product: { name: "cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", product_id: "cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-197.4.1.ppc64le", product: { name: "dlm-kmp-default-4.12.14-197.4.1.ppc64le", product_id: "dlm-kmp-default-4.12.14-197.4.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-197.4.1.ppc64le", product: { name: "gfs2-kmp-default-4.12.14-197.4.1.ppc64le", product_id: "gfs2-kmp-default-4.12.14-197.4.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-4.12.14-197.4.1.ppc64le", product: { name: "kernel-debug-4.12.14-197.4.1.ppc64le", product_id: "kernel-debug-4.12.14-197.4.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-base-4.12.14-197.4.1.ppc64le", product: { name: "kernel-debug-base-4.12.14-197.4.1.ppc64le", product_id: "kernel-debug-base-4.12.14-197.4.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-devel-4.12.14-197.4.1.ppc64le", product: { name: "kernel-debug-devel-4.12.14-197.4.1.ppc64le", product_id: "kernel-debug-devel-4.12.14-197.4.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-livepatch-devel-4.12.14-197.4.1.ppc64le", product: { name: "kernel-debug-livepatch-devel-4.12.14-197.4.1.ppc64le", product_id: "kernel-debug-livepatch-devel-4.12.14-197.4.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-4.12.14-197.4.1.ppc64le", product: { name: "kernel-default-4.12.14-197.4.1.ppc64le", product_id: "kernel-default-4.12.14-197.4.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-197.4.1.ppc64le", product: { name: "kernel-default-base-4.12.14-197.4.1.ppc64le", product_id: "kernel-default-base-4.12.14-197.4.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-197.4.1.ppc64le", product: { name: "kernel-default-devel-4.12.14-197.4.1.ppc64le", product_id: "kernel-default-devel-4.12.14-197.4.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-197.4.1.ppc64le", product: { name: "kernel-default-extra-4.12.14-197.4.1.ppc64le", product_id: "kernel-default-extra-4.12.14-197.4.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-livepatch-4.12.14-197.4.1.ppc64le", product: { name: "kernel-default-livepatch-4.12.14-197.4.1.ppc64le", product_id: "kernel-default-livepatch-4.12.14-197.4.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", product: { name: "kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", product_id: "kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", }, }, { category: "product_version", name: "kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", product: { name: "kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", product_id: "kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-197.4.1.ppc64le", product: { name: "kernel-obs-build-4.12.14-197.4.1.ppc64le", product_id: "kernel-obs-build-4.12.14-197.4.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-197.4.1.ppc64le", product: { name: "kernel-obs-qa-4.12.14-197.4.1.ppc64le", product_id: "kernel-obs-qa-4.12.14-197.4.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-4.12.14-197.4.1.ppc64le", product: { name: "kernel-syms-4.12.14-197.4.1.ppc64le", product_id: "kernel-syms-4.12.14-197.4.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-197.4.1.ppc64le", product: { name: "kernel-vanilla-4.12.14-197.4.1.ppc64le", product_id: "kernel-vanilla-4.12.14-197.4.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-197.4.1.ppc64le", product: { name: "kernel-vanilla-base-4.12.14-197.4.1.ppc64le", product_id: "kernel-vanilla-base-4.12.14-197.4.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-197.4.1.ppc64le", product: { name: "kernel-vanilla-devel-4.12.14-197.4.1.ppc64le", product_id: "kernel-vanilla-devel-4.12.14-197.4.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-livepatch-devel-4.12.14-197.4.1.ppc64le", product: { name: "kernel-vanilla-livepatch-devel-4.12.14-197.4.1.ppc64le", product_id: "kernel-vanilla-livepatch-devel-4.12.14-197.4.1.ppc64le", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-197.4.1.ppc64le", product: { name: "kselftests-kmp-default-4.12.14-197.4.1.ppc64le", product_id: "kselftests-kmp-default-4.12.14-197.4.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", product: { name: "ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", product_id: "ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", }, }, { category: "product_version", name: "reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", product: { name: "reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", product_id: "reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-197.4.1.s390x", product: { name: "cluster-md-kmp-default-4.12.14-197.4.1.s390x", product_id: "cluster-md-kmp-default-4.12.14-197.4.1.s390x", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-197.4.1.s390x", product: { name: "dlm-kmp-default-4.12.14-197.4.1.s390x", product_id: "dlm-kmp-default-4.12.14-197.4.1.s390x", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-197.4.1.s390x", product: { name: "gfs2-kmp-default-4.12.14-197.4.1.s390x", product_id: "gfs2-kmp-default-4.12.14-197.4.1.s390x", }, }, { category: "product_version", name: "kernel-default-4.12.14-197.4.1.s390x", product: { name: "kernel-default-4.12.14-197.4.1.s390x", product_id: "kernel-default-4.12.14-197.4.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-197.4.1.s390x", product: { name: "kernel-default-base-4.12.14-197.4.1.s390x", product_id: "kernel-default-base-4.12.14-197.4.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-197.4.1.s390x", product: { name: "kernel-default-devel-4.12.14-197.4.1.s390x", product_id: "kernel-default-devel-4.12.14-197.4.1.s390x", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-197.4.1.s390x", product: { name: "kernel-default-extra-4.12.14-197.4.1.s390x", product_id: "kernel-default-extra-4.12.14-197.4.1.s390x", }, }, { category: "product_version", name: "kernel-default-livepatch-4.12.14-197.4.1.s390x", product: { name: "kernel-default-livepatch-4.12.14-197.4.1.s390x", product_id: "kernel-default-livepatch-4.12.14-197.4.1.s390x", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-4.12.14-197.4.1.s390x", product: { name: "kernel-default-livepatch-devel-4.12.14-197.4.1.s390x", product_id: "kernel-default-livepatch-devel-4.12.14-197.4.1.s390x", }, }, { category: "product_version", name: "kernel-default-man-4.12.14-197.4.1.s390x", product: { name: "kernel-default-man-4.12.14-197.4.1.s390x", product_id: "kernel-default-man-4.12.14-197.4.1.s390x", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-197.4.1.s390x", product: { name: "kernel-obs-build-4.12.14-197.4.1.s390x", product_id: "kernel-obs-build-4.12.14-197.4.1.s390x", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-197.4.1.s390x", product: { name: "kernel-obs-qa-4.12.14-197.4.1.s390x", product_id: "kernel-obs-qa-4.12.14-197.4.1.s390x", }, }, { category: "product_version", name: "kernel-syms-4.12.14-197.4.1.s390x", product: { name: "kernel-syms-4.12.14-197.4.1.s390x", product_id: "kernel-syms-4.12.14-197.4.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-197.4.1.s390x", product: { name: "kernel-vanilla-4.12.14-197.4.1.s390x", product_id: "kernel-vanilla-4.12.14-197.4.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-197.4.1.s390x", product: { name: "kernel-vanilla-base-4.12.14-197.4.1.s390x", product_id: "kernel-vanilla-base-4.12.14-197.4.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-197.4.1.s390x", product: { name: "kernel-vanilla-devel-4.12.14-197.4.1.s390x", product_id: "kernel-vanilla-devel-4.12.14-197.4.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-livepatch-devel-4.12.14-197.4.1.s390x", product: { name: "kernel-vanilla-livepatch-devel-4.12.14-197.4.1.s390x", product_id: "kernel-vanilla-livepatch-devel-4.12.14-197.4.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-4.12.14-197.4.1.s390x", product: { name: "kernel-zfcpdump-4.12.14-197.4.1.s390x", product_id: "kernel-zfcpdump-4.12.14-197.4.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-man-4.12.14-197.4.1.s390x", product: { name: "kernel-zfcpdump-man-4.12.14-197.4.1.s390x", product_id: "kernel-zfcpdump-man-4.12.14-197.4.1.s390x", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-197.4.1.s390x", product: { name: "kselftests-kmp-default-4.12.14-197.4.1.s390x", product_id: "kselftests-kmp-default-4.12.14-197.4.1.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-197.4.1.s390x", product: { name: "ocfs2-kmp-default-4.12.14-197.4.1.s390x", product_id: "ocfs2-kmp-default-4.12.14-197.4.1.s390x", }, }, { category: "product_version", name: "reiserfs-kmp-default-4.12.14-197.4.1.s390x", product: { name: "reiserfs-kmp-default-4.12.14-197.4.1.s390x", product_id: "reiserfs-kmp-default-4.12.14-197.4.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-197.4.1.x86_64", product: { name: "cluster-md-kmp-default-4.12.14-197.4.1.x86_64", product_id: "cluster-md-kmp-default-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-197.4.1.x86_64", product: { name: "dlm-kmp-default-4.12.14-197.4.1.x86_64", product_id: "dlm-kmp-default-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-197.4.1.x86_64", product: { name: "gfs2-kmp-default-4.12.14-197.4.1.x86_64", product_id: "gfs2-kmp-default-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-4.12.14-197.4.1.x86_64", product: { name: "kernel-debug-4.12.14-197.4.1.x86_64", product_id: "kernel-debug-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-base-4.12.14-197.4.1.x86_64", product: { name: "kernel-debug-base-4.12.14-197.4.1.x86_64", product_id: "kernel-debug-base-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-devel-4.12.14-197.4.1.x86_64", product: { name: "kernel-debug-devel-4.12.14-197.4.1.x86_64", product_id: "kernel-debug-devel-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-livepatch-devel-4.12.14-197.4.1.x86_64", product: { name: "kernel-debug-livepatch-devel-4.12.14-197.4.1.x86_64", product_id: "kernel-debug-livepatch-devel-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "kernel-default-4.12.14-197.4.1.x86_64", product: { name: "kernel-default-4.12.14-197.4.1.x86_64", product_id: "kernel-default-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-197.4.1.x86_64", product: { name: "kernel-default-base-4.12.14-197.4.1.x86_64", product_id: "kernel-default-base-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-197.4.1.x86_64", product: { name: "kernel-default-devel-4.12.14-197.4.1.x86_64", product_id: "kernel-default-devel-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-197.4.1.x86_64", product: { name: "kernel-default-extra-4.12.14-197.4.1.x86_64", product_id: "kernel-default-extra-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "kernel-default-livepatch-4.12.14-197.4.1.x86_64", product: { name: "kernel-default-livepatch-4.12.14-197.4.1.x86_64", product_id: "kernel-default-livepatch-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", product: { name: "kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", product_id: "kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-4.12.14-197.4.1.x86_64", product: { name: "kernel-kvmsmall-4.12.14-197.4.1.x86_64", product_id: "kernel-kvmsmall-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-base-4.12.14-197.4.1.x86_64", product: { name: "kernel-kvmsmall-base-4.12.14-197.4.1.x86_64", product_id: "kernel-kvmsmall-base-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-devel-4.12.14-197.4.1.x86_64", product: { name: "kernel-kvmsmall-devel-4.12.14-197.4.1.x86_64", product_id: "kernel-kvmsmall-devel-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-livepatch-devel-4.12.14-197.4.1.x86_64", product: { name: "kernel-kvmsmall-livepatch-devel-4.12.14-197.4.1.x86_64", product_id: "kernel-kvmsmall-livepatch-devel-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", product: { name: "kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", product_id: "kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-197.4.1.x86_64", product: { name: "kernel-obs-build-4.12.14-197.4.1.x86_64", product_id: "kernel-obs-build-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-197.4.1.x86_64", product: { name: "kernel-obs-qa-4.12.14-197.4.1.x86_64", product_id: "kernel-obs-qa-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-4.12.14-197.4.1.x86_64", product: { name: "kernel-syms-4.12.14-197.4.1.x86_64", product_id: "kernel-syms-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-197.4.1.x86_64", product: { name: "kernel-vanilla-4.12.14-197.4.1.x86_64", product_id: "kernel-vanilla-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-197.4.1.x86_64", product: { name: "kernel-vanilla-base-4.12.14-197.4.1.x86_64", product_id: "kernel-vanilla-base-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-197.4.1.x86_64", product: { name: "kernel-vanilla-devel-4.12.14-197.4.1.x86_64", product_id: "kernel-vanilla-devel-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-livepatch-devel-4.12.14-197.4.1.x86_64", product: { name: "kernel-vanilla-livepatch-devel-4.12.14-197.4.1.x86_64", product_id: "kernel-vanilla-livepatch-devel-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-197.4.1.x86_64", product: { name: "kselftests-kmp-default-4.12.14-197.4.1.x86_64", product_id: "kselftests-kmp-default-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-197.4.1.x86_64", product: { name: "ocfs2-kmp-default-4.12.14-197.4.1.x86_64", product_id: "ocfs2-kmp-default-4.12.14-197.4.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-default-4.12.14-197.4.1.x86_64", product: { name: "reiserfs-kmp-default-4.12.14-197.4.1.x86_64", product_id: "reiserfs-kmp-default-4.12.14-197.4.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Basesystem 15 SP1", product: { name: "SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-basesystem:15:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Development Tools 15 SP1", product: { name: "SUSE Linux Enterprise Module for Development Tools 15 SP1", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-development-tools:15:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Legacy 15 SP1", product: { name: "SUSE Linux Enterprise Module for Legacy 15 SP1", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-legacy:15:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Live Patching 15 SP1", product: { name: "SUSE Linux Enterprise Live Patching 15 SP1", product_id: "SUSE Linux Enterprise Live Patching 15 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-live-patching:15:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 15 SP1", product: { name: "SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:15:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Workstation Extension 15 SP1", product: { name: "SUSE Linux Enterprise Workstation Extension 15 SP1", product_id: "SUSE Linux Enterprise Workstation Extension 15 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sle-we:15:sp1", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-197.4.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", }, product_reference: "kernel-default-4.12.14-197.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-197.4.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", }, product_reference: "kernel-default-4.12.14-197.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-197.4.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", }, product_reference: "kernel-default-4.12.14-197.4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-197.4.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", }, product_reference: "kernel-default-4.12.14-197.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-197.4.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", }, product_reference: "kernel-default-base-4.12.14-197.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-197.4.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", }, product_reference: "kernel-default-base-4.12.14-197.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-197.4.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", }, product_reference: "kernel-default-base-4.12.14-197.4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-197.4.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", }, product_reference: "kernel-default-base-4.12.14-197.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-197.4.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", }, product_reference: "kernel-default-devel-4.12.14-197.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-197.4.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", }, product_reference: "kernel-default-devel-4.12.14-197.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-197.4.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", }, product_reference: "kernel-default-devel-4.12.14-197.4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-197.4.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", }, product_reference: "kernel-default-devel-4.12.14-197.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.12.14-197.4.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", }, product_reference: "kernel-default-man-4.12.14-197.4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.12.14-197.4.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", }, product_reference: "kernel-devel-4.12.14-197.4.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.12.14-197.4.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", }, product_reference: "kernel-macros-4.12.14-197.4.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-zfcpdump-4.12.14-197.4.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", }, product_reference: "kernel-zfcpdump-4.12.14-197.4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-4.12.14-197.4.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP1", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", }, product_reference: "kernel-docs-4.12.14-197.4.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-197.4.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP1", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", }, product_reference: "kernel-obs-build-4.12.14-197.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-197.4.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP1", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", }, product_reference: "kernel-obs-build-4.12.14-197.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-197.4.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP1", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", }, product_reference: "kernel-obs-build-4.12.14-197.4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-197.4.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP1", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", }, product_reference: "kernel-obs-build-4.12.14-197.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.12.14-197.4.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP1", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", }, product_reference: "kernel-source-4.12.14-197.4.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-197.4.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP1", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", }, product_reference: "kernel-syms-4.12.14-197.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-197.4.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP1", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", }, product_reference: "kernel-syms-4.12.14-197.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-197.4.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP1", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", }, product_reference: "kernel-syms-4.12.14-197.4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-197.4.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP1", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", }, product_reference: "kernel-syms-4.12.14-197.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP1", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-4.12.14-197.4.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP1", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", }, product_reference: "reiserfs-kmp-default-4.12.14-197.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP1", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-4.12.14-197.4.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP1", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", }, product_reference: "reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP1", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-4.12.14-197.4.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP1", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", }, product_reference: "reiserfs-kmp-default-4.12.14-197.4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP1", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-4.12.14-197.4.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP1", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", }, product_reference: "reiserfs-kmp-default-4.12.14-197.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-4.12.14-197.4.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1", product_id: "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", }, product_reference: "kernel-default-livepatch-4.12.14-197.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-4.12.14-197.4.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1", product_id: "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", }, product_reference: "kernel-default-livepatch-4.12.14-197.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1", product_id: "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", }, product_reference: "kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1", product_id: "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", }, product_reference: "kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1", product_id: "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", }, product_reference: "kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1", product_id: "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", }, product_reference: "kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP1", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-197.4.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", }, product_reference: "cluster-md-kmp-default-4.12.14-197.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-197.4.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", }, product_reference: "cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-197.4.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", }, product_reference: "cluster-md-kmp-default-4.12.14-197.4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-197.4.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", }, product_reference: "cluster-md-kmp-default-4.12.14-197.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-197.4.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", }, product_reference: "dlm-kmp-default-4.12.14-197.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-197.4.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", }, product_reference: "dlm-kmp-default-4.12.14-197.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-197.4.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", }, product_reference: "dlm-kmp-default-4.12.14-197.4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-197.4.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", }, product_reference: "dlm-kmp-default-4.12.14-197.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-197.4.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", }, product_reference: "gfs2-kmp-default-4.12.14-197.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-197.4.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", }, product_reference: "gfs2-kmp-default-4.12.14-197.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-197.4.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", }, product_reference: "gfs2-kmp-default-4.12.14-197.4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-197.4.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", }, product_reference: "gfs2-kmp-default-4.12.14-197.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-197.4.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", }, product_reference: "ocfs2-kmp-default-4.12.14-197.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-197.4.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", }, product_reference: "ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-197.4.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", }, product_reference: "ocfs2-kmp-default-4.12.14-197.4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-197.4.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", }, product_reference: "ocfs2-kmp-default-4.12.14-197.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-4.12.14-197.4.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP1", product_id: "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", }, product_reference: "kernel-default-extra-4.12.14-197.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Workstation Extension 15 SP1", }, ], }, vulnerabilities: [ { cve: "CVE-2017-5753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-5753", }, ], notes: [ { category: "general", text: "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-5753", url: "https://www.suse.com/security/cve/CVE-2017-5753", }, { category: "external", summary: "SUSE Bug 1068032 for CVE-2017-5753", url: "https://bugzilla.suse.com/1068032", }, { category: "external", summary: "SUSE Bug 1074562 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074562", }, { category: "external", summary: "SUSE Bug 1074578 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074578", }, { category: "external", summary: "SUSE Bug 1074701 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074701", }, { category: "external", summary: "SUSE Bug 1075006 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075006", }, { category: "external", summary: "SUSE Bug 1075419 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075419", }, { category: "external", summary: "SUSE Bug 1075748 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075748", }, { category: "external", summary: "SUSE Bug 1080039 for CVE-2017-5753", url: "https://bugzilla.suse.com/1080039", }, { category: "external", summary: "SUSE Bug 1087084 for CVE-2017-5753", url: "https://bugzilla.suse.com/1087084", }, { category: "external", summary: "SUSE Bug 1087939 for CVE-2017-5753", url: "https://bugzilla.suse.com/1087939", }, { category: "external", summary: "SUSE Bug 1089055 for CVE-2017-5753", url: "https://bugzilla.suse.com/1089055", }, { category: "external", summary: "SUSE Bug 1136865 for CVE-2017-5753", url: "https://bugzilla.suse.com/1136865", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2017-5753", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2017-5753", url: "https://bugzilla.suse.com/1201877", }, { category: "external", summary: "SUSE Bug 1209547 for CVE-2017-5753", url: "https://bugzilla.suse.com/1209547", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "important", }, ], title: "CVE-2017-5753", }, { cve: "CVE-2018-12126", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12126", }, ], notes: [ { category: "general", text: "Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12126", url: "https://www.suse.com/security/cve/CVE-2018-12126", }, { category: "external", summary: "SUSE Bug 1103186 for CVE-2018-12126", url: "https://bugzilla.suse.com/1103186", }, { category: "external", summary: "SUSE Bug 1111331 for CVE-2018-12126", url: "https://bugzilla.suse.com/1111331", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2018-12126", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1135409 for CVE-2018-12126", url: "https://bugzilla.suse.com/1135409", }, { category: "external", summary: "SUSE Bug 1135524 for CVE-2018-12126", url: "https://bugzilla.suse.com/1135524", }, { category: "external", summary: "SUSE Bug 1137916 for CVE-2018-12126", url: "https://bugzilla.suse.com/1137916", }, { category: "external", summary: "SUSE Bug 1138534 for CVE-2018-12126", url: "https://bugzilla.suse.com/1138534", }, { category: "external", summary: "SUSE Bug 1141977 for CVE-2018-12126", url: "https://bugzilla.suse.com/1141977", }, { category: "external", summary: "SUSE Bug 1149725 for CVE-2018-12126", url: "https://bugzilla.suse.com/1149725", }, { category: "external", summary: "SUSE Bug 1149726 for CVE-2018-12126", url: "https://bugzilla.suse.com/1149726", }, { category: "external", summary: "SUSE Bug 1149729 for CVE-2018-12126", url: "https://bugzilla.suse.com/1149729", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2018-12126", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2018-12126", url: "https://bugzilla.suse.com/1201877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.8, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "moderate", }, ], title: "CVE-2018-12126", }, { cve: "CVE-2018-12127", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12127", }, ], notes: [ { category: "general", text: "Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12127", url: "https://www.suse.com/security/cve/CVE-2018-12127", }, { category: "external", summary: "SUSE Bug 1103186 for CVE-2018-12127", url: "https://bugzilla.suse.com/1103186", }, { category: "external", summary: "SUSE Bug 1111331 for CVE-2018-12127", url: "https://bugzilla.suse.com/1111331", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2018-12127", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1135409 for CVE-2018-12127", url: "https://bugzilla.suse.com/1135409", }, { category: "external", summary: "SUSE Bug 1138534 for CVE-2018-12127", url: "https://bugzilla.suse.com/1138534", }, { category: "external", summary: "SUSE Bug 1141977 for CVE-2018-12127", url: "https://bugzilla.suse.com/1141977", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2018-12127", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2018-12127", url: "https://bugzilla.suse.com/1201877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.8, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "moderate", }, ], title: "CVE-2018-12127", }, { cve: "CVE-2018-12130", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12130", }, ], notes: [ { category: "general", text: "Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12130", url: "https://www.suse.com/security/cve/CVE-2018-12130", }, { category: "external", summary: "SUSE Bug 1103186 for CVE-2018-12130", url: "https://bugzilla.suse.com/1103186", }, { category: "external", summary: "SUSE Bug 1111331 for CVE-2018-12130", url: "https://bugzilla.suse.com/1111331", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2018-12130", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1135409 for CVE-2018-12130", url: "https://bugzilla.suse.com/1135409", }, { category: "external", summary: "SUSE Bug 1137916 for CVE-2018-12130", url: "https://bugzilla.suse.com/1137916", }, { category: "external", summary: "SUSE Bug 1138534 for CVE-2018-12130", url: "https://bugzilla.suse.com/1138534", }, { category: "external", summary: "SUSE Bug 1141977 for CVE-2018-12130", url: "https://bugzilla.suse.com/1141977", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2018-12130", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2018-12130", url: "https://bugzilla.suse.com/1201877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "moderate", }, ], title: "CVE-2018-12130", }, { cve: "CVE-2018-16880", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16880", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver. A malicious virtual guest, under specific conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may lead to a kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. Versions from v4.16 and newer are vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16880", url: "https://www.suse.com/security/cve/CVE-2018-16880", }, { category: "external", summary: "SUSE Bug 1122767 for CVE-2018-16880", url: "https://bugzilla.suse.com/1122767", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "moderate", }, ], title: "CVE-2018-16880", }, { cve: "CVE-2018-7191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7191", }, ], notes: [ { category: "general", text: "In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7191", url: "https://www.suse.com/security/cve/CVE-2018-7191", }, { category: "external", summary: "SUSE Bug 1135603 for CVE-2018-7191", url: "https://bugzilla.suse.com/1135603", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "moderate", }, ], title: "CVE-2018-7191", }, { cve: "CVE-2019-10124", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10124", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10124", url: "https://www.suse.com/security/cve/CVE-2019-10124", }, { category: "external", summary: "SUSE Bug 1130699 for CVE-2019-10124", url: "https://bugzilla.suse.com/1130699", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "moderate", }, ], title: "CVE-2019-10124", }, { cve: "CVE-2019-11085", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11085", }, ], notes: [ { category: "general", text: "Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11085", url: "https://www.suse.com/security/cve/CVE-2019-11085", }, { category: "external", summary: "SUSE Bug 1135278 for CVE-2019-11085", url: "https://bugzilla.suse.com/1135278", }, { category: "external", summary: "SUSE Bug 1135280 for CVE-2019-11085", url: "https://bugzilla.suse.com/1135280", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "important", }, ], title: "CVE-2019-11085", }, { cve: "CVE-2019-11091", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11091", }, ], notes: [ { category: "general", text: "Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11091", url: "https://www.suse.com/security/cve/CVE-2019-11091", }, { category: "external", summary: "SUSE Bug 1103186 for CVE-2019-11091", url: "https://bugzilla.suse.com/1103186", }, { category: "external", summary: "SUSE Bug 1111331 for CVE-2019-11091", url: "https://bugzilla.suse.com/1111331", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11091", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1133319 for CVE-2019-11091", url: "https://bugzilla.suse.com/1133319", }, { category: "external", summary: "SUSE Bug 1135394 for CVE-2019-11091", url: "https://bugzilla.suse.com/1135394", }, { category: "external", summary: "SUSE Bug 1138043 for CVE-2019-11091", url: "https://bugzilla.suse.com/1138043", }, { category: "external", summary: "SUSE Bug 1138534 for CVE-2019-11091", url: "https://bugzilla.suse.com/1138534", }, { category: "external", summary: "SUSE Bug 1141977 for CVE-2019-11091", url: "https://bugzilla.suse.com/1141977", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2019-11091", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2019-11091", url: "https://bugzilla.suse.com/1201877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "moderate", }, ], title: "CVE-2019-11091", }, { cve: "CVE-2019-11477", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11477", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11477", url: "https://www.suse.com/security/cve/CVE-2019-11477", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11477", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11477", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11477", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1153242 for CVE-2019-11477", url: "https://bugzilla.suse.com/1153242", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "important", }, ], title: "CVE-2019-11477", }, { cve: "CVE-2019-11478", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11478", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11478", url: "https://www.suse.com/security/cve/CVE-2019-11478", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11478", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11478", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11478", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1143542 for CVE-2019-11478", url: "https://bugzilla.suse.com/1143542", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "important", }, ], title: "CVE-2019-11478", }, { cve: "CVE-2019-11479", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11479", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11479", url: "https://www.suse.com/security/cve/CVE-2019-11479", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11479", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11479", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11479", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1143542 for CVE-2019-11479", url: "https://bugzilla.suse.com/1143542", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "important", }, ], title: "CVE-2019-11479", }, { cve: "CVE-2019-11486", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11486", }, ], notes: [ { category: "general", text: "The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11486", url: "https://www.suse.com/security/cve/CVE-2019-11486", }, { category: "external", summary: "SUSE Bug 1133188 for CVE-2019-11486", url: "https://bugzilla.suse.com/1133188", }, { category: "external", summary: "SUSE Bug 1156434 for CVE-2019-11486", url: "https://bugzilla.suse.com/1156434", }, { category: "external", summary: "SUSE Bug 1173667 for CVE-2019-11486", url: "https://bugzilla.suse.com/1173667", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "moderate", }, ], title: "CVE-2019-11486", }, { cve: "CVE-2019-11487", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11487", }, ], notes: [ { category: "general", text: "The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11487", url: "https://www.suse.com/security/cve/CVE-2019-11487", }, { category: "external", summary: "SUSE Bug 1133190 for CVE-2019-11487", url: "https://bugzilla.suse.com/1133190", }, { category: "external", summary: "SUSE Bug 1133191 for CVE-2019-11487", url: "https://bugzilla.suse.com/1133191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "important", }, ], title: "CVE-2019-11487", }, { cve: "CVE-2019-11811", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11811", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11811", url: "https://www.suse.com/security/cve/CVE-2019-11811", }, { category: "external", summary: "SUSE Bug 1134397 for CVE-2019-11811", url: "https://bugzilla.suse.com/1134397", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.9, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "low", }, ], title: "CVE-2019-11811", }, { cve: "CVE-2019-11815", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11815", }, ], notes: [ { category: "general", text: "An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11815", url: "https://www.suse.com/security/cve/CVE-2019-11815", }, { category: "external", summary: "SUSE Bug 1134537 for CVE-2019-11815", url: "https://bugzilla.suse.com/1134537", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "moderate", }, ], title: "CVE-2019-11815", }, { cve: "CVE-2019-11833", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11833", }, ], notes: [ { category: "general", text: "fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11833", url: "https://www.suse.com/security/cve/CVE-2019-11833", }, { category: "external", summary: "SUSE Bug 1135281 for CVE-2019-11833", url: "https://bugzilla.suse.com/1135281", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "moderate", }, ], title: "CVE-2019-11833", }, { cve: "CVE-2019-11884", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11884", }, ], notes: [ { category: "general", text: "The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\\0' character.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11884", url: "https://www.suse.com/security/cve/CVE-2019-11884", }, { category: "external", summary: "SUSE Bug 1134848 for CVE-2019-11884", url: "https://bugzilla.suse.com/1134848", }, { category: "external", summary: "SUSE Bug 1139868 for CVE-2019-11884", url: "https://bugzilla.suse.com/1139868", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "low", }, ], title: "CVE-2019-11884", }, { cve: "CVE-2019-12382", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12382", }, ], notes: [ { category: "general", text: "** DISPUTED ** An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: The vendor disputes this issues as not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance for a NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12382", url: "https://www.suse.com/security/cve/CVE-2019-12382", }, { category: "external", summary: "SUSE Bug 1136586 for CVE-2019-12382", url: "https://bugzilla.suse.com/1136586", }, { category: "external", summary: "SUSE Bug 1155298 for CVE-2019-12382", url: "https://bugzilla.suse.com/1155298", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.5, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "low", }, ], title: "CVE-2019-12382", }, { cve: "CVE-2019-12818", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12818", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 4.20.15. The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This affects nfc_llcp_build_gb in net/nfc/llcp_core.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12818", url: "https://www.suse.com/security/cve/CVE-2019-12818", }, { category: "external", summary: "SUSE Bug 1138293 for CVE-2019-12818", url: "https://bugzilla.suse.com/1138293", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "moderate", }, ], title: "CVE-2019-12818", }, { cve: "CVE-2019-12819", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12819", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 5.0. The function __mdiobus_register() in drivers/net/phy/mdio_bus.c calls put_device(), which will trigger a fixed_mdio_bus_init use-after-free. This will cause a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12819", url: "https://www.suse.com/security/cve/CVE-2019-12819", }, { category: "external", summary: "SUSE Bug 1138291 for CVE-2019-12819", url: "https://bugzilla.suse.com/1138291", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.4, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "low", }, ], title: "CVE-2019-12819", }, { cve: "CVE-2019-3846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3846", }, ], notes: [ { category: "general", text: "A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3846", url: "https://www.suse.com/security/cve/CVE-2019-3846", }, { category: "external", summary: "SUSE Bug 1136424 for CVE-2019-3846", url: "https://bugzilla.suse.com/1136424", }, { category: "external", summary: "SUSE Bug 1136446 for CVE-2019-3846", url: "https://bugzilla.suse.com/1136446", }, { category: "external", summary: "SUSE Bug 1156330 for CVE-2019-3846", url: "https://bugzilla.suse.com/1156330", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "important", }, ], title: "CVE-2019-3846", }, { cve: "CVE-2019-3882", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3882", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). Versions 3.10, 4.14 and 4.18 are vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3882", url: "https://www.suse.com/security/cve/CVE-2019-3882", }, { category: "external", summary: "SUSE Bug 1131416 for CVE-2019-3882", url: "https://bugzilla.suse.com/1131416", }, { category: "external", summary: "SUSE Bug 1131427 for CVE-2019-3882", url: "https://bugzilla.suse.com/1131427", }, { category: "external", summary: "SUSE Bug 1133319 for CVE-2019-3882", url: "https://bugzilla.suse.com/1133319", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "moderate", }, ], title: "CVE-2019-3882", }, { cve: "CVE-2019-5489", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5489", }, ], notes: [ { category: "general", text: "The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5489", url: "https://www.suse.com/security/cve/CVE-2019-5489", }, { category: "external", summary: "SUSE Bug 1120843 for CVE-2019-5489", url: "https://bugzilla.suse.com/1120843", }, { category: "external", summary: "SUSE Bug 1120885 for CVE-2019-5489", url: "https://bugzilla.suse.com/1120885", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "moderate", }, ], title: "CVE-2019-5489", }, { cve: "CVE-2019-8564", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-8564", }, ], notes: [ { category: "general", text: "A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position can modify driver state.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-8564", url: "https://www.suse.com/security/cve/CVE-2019-8564", }, { category: "external", summary: "SUSE Bug 1132673 for CVE-2019-8564", url: "https://bugzilla.suse.com/1132673", }, { category: "external", summary: "SUSE Bug 1132828 for CVE-2019-8564", url: "https://bugzilla.suse.com/1132828", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "moderate", }, ], title: "CVE-2019-8564", }, { cve: "CVE-2019-9003", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9003", }, ], notes: [ { category: "general", text: "In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a \"service ipmievd restart\" loop.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-9003", url: "https://www.suse.com/security/cve/CVE-2019-9003", }, { category: "external", summary: "SUSE Bug 1126704 for CVE-2019-9003", url: "https://bugzilla.suse.com/1126704", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "moderate", }, ], title: "CVE-2019-9003", }, { cve: "CVE-2019-9500", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9500", }, ], notes: [ { category: "general", text: "The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-9500", url: "https://www.suse.com/security/cve/CVE-2019-9500", }, { category: "external", summary: "SUSE Bug 1132681 for CVE-2019-9500", url: "https://bugzilla.suse.com/1132681", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "moderate", }, ], title: "CVE-2019-9500", }, { cve: "CVE-2019-9503", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9503", }, ], notes: [ { category: "general", text: "The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarded and unprocessed. If the driver receives the firmware event frame from the host, the appropriate handler is called. This frame validation can be bypassed if the bus used is USB (for instance by a wifi dongle). This can allow firmware event frames from a remote source to be processed. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-9503", url: "https://www.suse.com/security/cve/CVE-2019-9503", }, { category: "external", summary: "SUSE Bug 1132673 for CVE-2019-9503", url: "https://bugzilla.suse.com/1132673", }, { category: "external", summary: "SUSE Bug 1132828 for CVE-2019-9503", url: "https://bugzilla.suse.com/1132828", }, { category: "external", summary: "SUSE Bug 1133319 for CVE-2019-9503", url: "https://bugzilla.suse.com/1133319", }, { category: "external", summary: "SUSE Bug 1156653 for CVE-2019-9503", url: "https://bugzilla.suse.com/1156653", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-1-3.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-base-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-devel-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-default-man-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-devel-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-macros-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:kernel-zfcpdump-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-docs-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-obs-build-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-source-4.12.14-197.4.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP1:kernel-syms-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP1:reiserfs-kmp-default-4.12.14-197.4.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP1:kernel-default-extra-4.12.14-197.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T16:07:40Z", details: "moderate", }, ], title: "CVE-2019-9503", }, ], }
suse-su-2019:1527-1
Vulnerability from csaf_suse
Published
2019-06-17 17:16
Modified
2019-06-17 17:16
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.180 to receive
various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-11477: A sequence of SACKs may have been crafted such that one can
trigger an integer overflow, leading to a kernel panic. (bsc#1137586)
- CVE-2019-11478: It was possible to send a crafted sequence of SACKs which
will fragment the TCP retransmission queue. An attacker may have been able to
further exploit the fragmented queue to cause an expensive linked-list walk
for subsequent SACKs received for that same TCP connection.
- CVE-2019-11479: It was possible to send a crafted sequence of SACKs which
will fragment the RACK send map. A remote attacker may be able to further
exploit the fragmented send map to cause an expensive linked-list walk for
subsequent SACKs received for that same TCP connection. This would have
resulted in excess resource consumption due to low mss values.
- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly
escalate privileges was found in the mwifiex kernel module while connecting
to a malicious wireless network. (bnc#1136424)
- CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in
drivers/gpu/drm/drm_edid_load.c in the Linux kernel There was an unchecked
kstrdup of fwstr, which might allow an attacker to cause a denial of service
(NULL pointer dereference and system crash). (bnc#1136586)
- CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux
kernel allowed local attackers to observe page cache access patterns of other
processes on the same system, potentially allowing sniffing of secret
information. (Fixing this affects the output of the fincore program.) Limited
remote exploitation may be possible, as demonstrated by latency differences
in accessing public files from an Apache HTTP Server. (bnc#1120843).
- CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the
unused memory region in the extent tree block, which might allow local users
to obtain sensitive information by reading uninitialized data in the
filesystem. (bnc#1135281)
- CVE-2018-7191: In the tun subsystem in the Linux kernel before 4.13.14,
dev_get_valid_name is not called before register_netdevice. This allowed
local users to cause a denial of service (NULL pointer dereference and panic)
via an ioctl(TUNSETIFF) call with a dev name containing a / character. This
is similar to CVE-2013-4343. (bnc#1135603)
- CVE-2019-11190: The Linux kernel allowed local users to bypass ASLR on setuid
programs (such as /bin/su) because install_exec_creds() is called too late in
load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check
has a race condition when reading /proc/pid/stat. (bnc#1131543)
- CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c
in the Linux kernel There was a race condition leading to a use-after-free,
related to net namespace cleanup. (bnc#1134537)
- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c
in the Linux kernel allowed a local user to obtain potentially sensitive
information from kernel stack memory via a HIDPCONNADD command, because a
name field may not end with a '\0' character. (bnc#1134848)
- CVE-2018-17972: An issue was discovered in the proc_pid_stack function in
fs/proc/base.c in the Linux kernel It did not ensure that only root may
inspect the kernel stack of an arbitrary task, allowing a local attacker to
exploit racy stack unwinding and leak kernel task stack contents.
(bnc#1110785)
- CVE-2019-11486: The Siemens R3964 line discipline driver in
drivers/tty/n_r3964.c in the Linux kernel has multiple race conditions.
(bnc#1133188)
The following new features were implemented:
- Updated the Chelsio cxgb4vf driver with the latest upstream patches.
(fate#321660)
- Backported changes into e1000e kernel module to support systems using the
Intel I219-LM NIC chip. (fate#326719)
- Import QLogic/Cavium qedr driver (RDMA) into the kernel. (fate#321747)
- Update the QLogic/Cavium qed driver (NET). (fate#321703)
- Update the QLogic/Cavium qede driver (NET). (fate#321702)
- Update the Chelsio iw_cxgb4 driver with the latest upstream patches.
(fate#321661)
- Update the Chelsio cxgb4 driver with the latest upstream patches.
(fate#321658)
- Update support for Intel Omni Path (OPA) kernel driver. (fate#321473)
- Update the QIB driver to the latest upstream version for up-to-date
functionality and hardware support. (fate#321231)
The following non-security bugs were fixed:
- 9p locks: add mount option for lock retry interval (bnc#1012382).
- 9p: do not trust pdu content for stat item size (bnc#1012382).
- ACPI / SBS: Fix GPE storm on recent MacBookPro's (bnc#1012382).
- ALSA: PCM: check if ops are defined before suspending PCM (bnc#1012382).
- ALSA: core: Fix card races between register and disconnect (bnc#1012382).
- ALSA: echoaudio: add a check for ioremap_nocache (bnc#1012382).
- ALSA: info: Fix racy addition/deletion of nodes (bnc#1012382).
- ALSA: line6: use dynamic buffers (bnc#1012382).
- ALSA: opl3: fix mismatch between snd_opl3_drum_switch definition and declaration (bnc#1012382).
- ALSA: sb8: add a check for request_region (bnc#1012382).
- ALSA: seq: Fix OOB-reads from strlcpy (bnc#1012382).
- ARM: 8833/1: Ensure that NEON code always compiles with Clang (bnc#1012382).
- ARM: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bnc#1012382).
- ARM: 8840/1: use a raw_spinlock_t in unwind (bnc#1012382).
- ARM: avoid Cortex-A9 livelock on tight dmb loops (bnc#1012382).
- ARM: dts: at91: Fix typo in ISC_D0 on PC9 (bnc#1012382).
- ARM: dts: pfla02: increase phy reset duration (bnc#1012382).
- ARM: iop: do not use using 64-bit DMA masks (bnc#1012382).
- ARM: orion: do not use using 64-bit DMA masks (bnc#1012382).
- ARM: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms (bnc#1012382).
- ASoC: Intel: avoid Oops if DMA setup fails (bnc#1012382).
- ASoC: cs4270: Set auto-increment bit for register writes (bnc#1012382).
- ASoC: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe (bnc#1012382).
- ASoC: fsl_esai: fix channel swap issue when stream starts (bnc#1012382).
- ASoC: tlv320aic32x4: Fix Common Pins (bnc#1012382).
- ASoC:soc-pcm:fix a codec fixup issue in TDM case (bnc#1012382).
- Bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bnc#1012382).
- Bluetooth: Fix decrementing reference count twice in releasing socket (bnc#1012382).
- CIFS: keep FileInfo handle live during oplock break (bsc#1106284, bsc#1131565).
- Correct bsc/FATE numbers.
- Do not jump to compute_result state from check_result state (bnc#1012382).
- Documentation: Add MDS vulnerability documentation (bnc#1012382).
- Documentation: Add nospectre_v1 parameter (bnc#1012382).
- Documentation: Correct the possible MDS sysfs values (bnc#1012382).
- Documentation: Move L1TF to separate directory (bnc#1012382).
- HID: debug: fix race condition with between rdesc_show() and device removal (bnc#1012382).
- HID: input: add mapping for Expose/Overview key (bnc#1012382).
- HID: input: add mapping for keyboard Brightness Up/Down/Toggle keys (bnc#1012382).
- IB/hfi1: Eliminate opcode tests on mr deref ().
- IB/hfi1: Unreserve a reserved request when it is completed ().
- IB/mlx4: Fix race condition between catas error reset and aliasguid flows (bnc#1012382).
- IB/mlx4: Increase the timeout for CM cache (bnc#1012382).
- IB/rdmavt: Add wc_flags and wc_immdata to cq entry trace ().
- IB/rdmavt: Fix frwr memory registration ().
- Input: snvs_pwrkey - initialize necessary driver data before enabling IRQ (bnc#1012382).
- KVM: fail KVM_SET_VCPU_EVENTS with invalid exception number (bnc#1012382).
- KVM: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bnc#1012382).
- KVM: x86: avoid misreporting level-triggered irqs as edge-triggered in tracing (bnc#1012382).
- MIPS: scall64-o32: Fix indirect syscall number load (bnc#1012382).
- NFS/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount (git-fixes).
- NFS: Add missing encode / decode sequence_maxsz to v4.2 operations (git-fixes).
- NFS: Fix I/O request leakages (git-fixes).
- NFS: Forbid setting AF_INET6 to 'struct sockaddr_in'->sin_family (bnc#1012382).
- PCI: Add function 1 DMA alias quirk for Marvell 9170 SATA controller (bnc#1012382).
- PCI: Mark AMD Stoney Radeon R7 GPU ATS as broken (bsc#1137142).
- PCI: Mark Atheros AR9462 to avoid bus reset (bsc#1135642).
- PCI: xilinx-nwl: Add missing of_node_put() (bsc#1100132).
- RDMA/iw_cxgb4: Fix the unchecked ep dereference (bsc#1005778 bsc#1005780 bsc#1005781).
- RDMA/qedr: Fix out of bounds index check in query pkey (bsc#1022604).
- Revert 'block/loop: Use global lock for ioctl() operation.' (bnc#1012382).
- Revert 'block: unexport DISK_EVENT_MEDIA_CHANGE for legacy/fringe drivers' (bsc#1110946).
- Revert 'cpu/speculation: Add 'mitigations=' cmdline option' (stable backports).
- Revert 'ide: unexport DISK_EVENT_MEDIA_CHANGE for ide-gd and ide-cd' (bsc#1110946).
- Revert 'kbuild: use -Oz instead of -Os when using clang' (bnc#1012382).
- Revert 'locking/lockdep: Add debug_locks check in __lock_downgrade()' (bnc#1012382).
- Revert 'netns: provide pure entropy for net_hash_mix()' (kabi).
- Revert 'sched: Add sched_smt_active()' (stable backports).
- Revert 'x86/MCE: Save microcode revision in machine check records' (kabi).
- Revert 'x86/kprobes: Verify stack frame on kretprobe' (kabi).
- Revert 'x86/speculation/mds: Add 'mitigations=' support for MDS' (stable backports).
- Revert 'x86/speculation: Support 'mitigations=' cmdline option' (stable backports).
- SoC: imx-sgtl5000: add missing put_device() (bnc#1012382).
- UAS: fix alignment of scatter/gather segments (bnc#1012382 bsc#1129770).
- UAS: fix alignment of scatter/gather segments (bsc#1129770).
- USB: Add new USB LPM helpers (bsc#1129770).
- USB: Consolidate LPM checks to avoid enabling LPM twice (bsc#1129770).
- USB: cdc-acm: fix unthrottle races (bsc#1135642).
- USB: core: Fix bug caused by duplicate interface PM usage counter (bnc#1012382).
- USB: core: Fix unterminated string returned by usb_string() (bnc#1012382).
- USB: serial: fix unthrottle races (bnc#1012382).
- USB: serial: use variable for status (bnc#1012382).
- USB: w1 ds2490: Fix bug caused by improper use of altsetting array (bnc#1012382).
- USB: yurex: Fix protection fault after device removal (bnc#1012382).
- X.509: unpack RSA signatureValue field from BIT STRING (git-fixes).
- appletalk: Fix compile regression (bnc#1012382).
- appletalk: Fix use-after-free in atalk_proc_exit (bnc#1012382).
- arm64/kernel: do not ban ADRP to work around Cortex-A53 erratum #843419 (bsc#1126040).
- arm64/kernel: rename module_emit_adrp_veneer->module_emit_veneer_for_adrp (bsc#1126040).
- arm64: Add helper to decode register from instruction (bsc#1126040).
- arm64: debug: Do not propagate UNKNOWN FAR into si_code for debug signals (bnc#1012382).
- arm64: debug: Ensure debug handlers check triggering exception level (bnc#1012382).
- arm64: futex: Fix FUTEX_WAKE_OP atomic ops with non-zero result value (bnc#1012382).
- arm64: futex: Restore oldval initialization to work around buggy compilers (bnc#1012382).
- arm64: module-plts: factor out PLT generation code for ftrace (bsc#1126040).
- arm64: module: do not BUG when exceeding preallocated PLT count (bsc#1126040).
- arm64: module: split core and init PLT sections (bsc#1126040).
- backlight: lm3630a: Return 0 on success in update_status functions (bsc#1106929)
- bcache: Move couple of functions to sysfs.c (bsc#1130972).
- bcache: Move couple of string arrays to sysfs.c (bsc#1130972).
- bcache: Populate writeback_rate_minimum attribute (bsc#1130972).
- bcache: account size of buckets used in uuid write to ca->meta_sectors_written (bsc#1130972).
- bcache: add MODULE_DESCRIPTION information (bsc#1130972).
- bcache: add a comment in super.c (bsc#1130972).
- bcache: add code comments for bset.c (bsc#1130972).
- bcache: add comment for cache_set->fill_iter (bsc#1130972).
- bcache: add identifier names to arguments of function definitions (bsc#1130972).
- bcache: add missing SPDX header (bsc#1130972).
- bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972).
- bcache: add static const prefix to char * array declarations (bsc#1130972).
- bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972).
- bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).
- bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972).
- bcache: comment on direct access to bvec table (bsc#1130972).
- bcache: correct dirty data statistics (bsc#1130972).
- bcache: do not assign in if condition in bcache_device_init() (bsc#1130972).
- bcache: do not assign in if condition in bcache_init() (bsc#1130972).
- bcache: do not assign in if condition register_bcache() (bsc#1130972).
- bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972).
- bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972).
- bcache: do not clone bio in bch_data_verify (bsc#1130972).
- bcache: do not mark writeback_running too early (bsc#1130972).
- bcache: export backing_dev_name via sysfs (bsc#1130972).
- bcache: export backing_dev_uuid via sysfs (bsc#1130972).
- bcache: fix code comments style (bsc#1130972).
- bcache: fix indent by replacing blank by tabs (bsc#1130972).
- bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).
- bcache: fix input integer overflow of congested threshold (bsc#1130972).
- bcache: fix input overflow to cache set sysfs file io_error_halflife (bnc#1012382).
- bcache: fix input overflow to journal_delay_ms (bsc#1130972).
- bcache: fix input overflow to sequential_cutoff (bnc#1012382).
- bcache: fix input overflow to writeback_delay (bsc#1130972).
- bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).
- bcache: fix ioctl in flash device (bsc#1130972).
- bcache: fix mistaken code comments in bcache.h (bsc#1130972).
- bcache: fix mistaken comments in request.c (bsc#1130972).
- bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972).
- bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972).
- bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).
- bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972).
- bcache: improve sysfs_strtoul_clamp() (bnc#1012382).
- bcache: introduce force_wake_up_gc() (bsc#1130972).
- bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972).
- bcache: move open brace at end of function definitions to next line (bsc#1130972).
- bcache: never writeback a discard operation (bsc#1130972).
- bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972).
- bcache: option to automatically run gc thread after writeback (bsc#1130972).
- bcache: panic fix for making cache device (bsc#1130972).
- bcache: prefer 'help' in Kconfig (bsc#1130972).
- bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).
- bcache: recal cached_dev_sectors on detach (bsc#1130972).
- bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972).
- bcache: remove unused bch_passthrough_cache (bsc#1130972).
- bcache: remove useless parameter of bch_debug_init() (bsc#1130972).
- bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).
- bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972).
- bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).
- bcache: replace printk() by pr_*() routines (bsc#1130972).
- bcache: set writeback_percent in a flexible range (bsc#1130972).
- bcache: split combined if-condition code into separate ones (bsc#1130972).
- bcache: stop using the deprecated get_seconds() (bsc#1130972).
- bcache: style fix to add a blank line after declarations (bsc#1130972).
- bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).
- bcache: style fixes for lines over 80 characters (bsc#1130972).
- bcache: trace missed reading by cache_missed (bsc#1130972).
- bcache: treat stale && dirty keys as bad keys (bsc#1130972).
- bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972).
- bcache: update comment for bch_data_insert (bsc#1130972).
- bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).
- bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972).
- bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).
- bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).
- bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).
- bcache: writeback: properly order backing device IO (bsc#1130972).
- binfmt_elf: switch to new creds when switching to new mm (bnc#1012382).
- bitops: avoid integer overflow in GENMASK(_ULL) (bnc#1012382).
- block: check_events: do not bother with events if unsupported (bsc#1110946).
- block: disk_events: introduce event flags (bsc#1110946).
- block: do not leak memory in bio_copy_user_iov() (bnc#1012382).
- block: fix use-after-free on gendisk (bsc#1136448).
- bnxt_en: Improve multicast address setup logic (bnc#1012382).
- bonding: fix arp_validate toggling in active-backup mode (bnc#1012382).
- bonding: fix event handling for stacked bonds (bnc#1012382).
- bonding: show full hw address in sysfs for slave entries (bnc#1012382).
- bpf: reject wrong sized filters earlier (bnc#1012382).
- bridge: Fix error path for kobject_init_and_add() (bnc#1012382).
- btrfs: Do not panic when we can't find a root key (bsc#1112063).
- btrfs: Factor out common delayed refs init code (bsc#1134813).
- btrfs: Introduce init_delayed_ref_head (bsc#1134813).
- btrfs: Open-code add_delayed_data_ref (bsc#1134813).
- btrfs: Open-code add_delayed_tree_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).
- btrfs: add a helper to return a head ref (bsc#1134813).
- btrfs: breakout empty head cleanup to a helper (bsc#1134813).
- btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: move all ref head cleanup to the helper function (bsc#1134813).
- btrfs: move extent_op cleanup to a helper (bsc#1134813).
- btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).
- btrfs: qgroup: Check bg while resuming relocation to avoid NULL pointer dereference (bsc#1134806).
- btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to btrfs_qgroup_extent_record (bsc#1134162).
- btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release (bsc#1134160).
- btrfs: reloc: Also queue orphan reloc tree for cleanup to avoid BUG_ON() (bsc#1134338).
- btrfs: reloc: Fix NULL pointer dereference due to expanded reloc_root lifespan (bsc#1134651).
- btrfs: remove delayed_ref_node from ref_head (bsc#1134813).
- btrfs: split delayed ref head initialization and addition (bsc#1134813).
- btrfs: track refs in a rb_tree instead of a list (bsc#1134813).
- cdc-acm: cleaning up debug in data submission path (bsc#1136539).
- cdc-acm: fix race between reset and control messaging (bsc#1106110).
- cdc-acm: handle read pipe errors (bsc#1135878).
- cdc-acm: reassemble fragmented notifications (bsc#1136590).
- cdc-acm: store in and out pipes in acm structure (bsc#1136575).
- cdrom: Fix race condition in cdrom_sysctl_register (bnc#1012382).
- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134564).
- ceph: fix ci->i_head_snapc leak (bsc#1122776).
- ceph: fix use-after-free on symlink traversal (bsc#1134565).
- ceph: only use d_name directly when parent is locked (bsc#1134566).
- cifs: Fix NULL pointer dereference of devname (bnc#1012382).
- cifs: do not attempt cifs operation on smb2+ rename error (bnc#1012382).
- cifs: fallback to older infolevels on findfirst queryinfo retry (bnc#1012382).
- cifs: use correct format characters (bnc#1012382).
- clk: fix mux clock documentation (bsc#1090888).
- coresight: etm4x: Add support to enable ETMv4.2 (bnc#1012382).
- cpu/speculation: Add 'mitigations=' cmdline option (bnc#1012382 bsc#1112178).
- cpupower: remove stringop-truncation waring (bsc#1119086).
- crypto: crypto4xx - properly set IV after de- and encrypt (bnc#1012382).
- crypto: sha256/arm - fix crash bug in Thumb2 build (bnc#1012382).
- crypto: sha512/arm - fix crash bug in Thumb2 build (bnc#1012382).
- crypto: vmx - CTR: always increment IV as quadword (bsc#1135661, bsc#1137162).
- crypto: vmx - fix copy-paste error in CTR mode (bsc#1135661, bsc#1137162).
- crypto: vmx - ghash: do nosimd fallback manually (bsc#1135661, bsc#1137162).
- crypto: vmx - return correct error code on failed setkey (bsc#1135661, bsc#1137162).
- crypto: vmx: Only call enable_kernel_vsx() (bsc#1135661, bsc#1137162).
- crypto: x86/poly1305 - fix overflow during partial reduction (bnc#1012382).
- debugfs: fix use-after-free on symlink traversal (bnc#1012382).
- device_cgroup: fix RCU imbalance in error case (bnc#1012382).
- dm thin: add sanity checks to thin-pool and external snapshot creation (bnc#1012382).
- dmaengine: imx-dma: fix warning comparison of distinct pointer types (bnc#1012382).
- dmaengine: tegra: avoid overflow of byte tracking (bnc#1012382).
- drivers/virt/fsl_hypervisor.c: dereferencing error pointers in ioctl (bnc#1012382).
- drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl (bnc#1012382).
- drm/bridge: adv7511: Fix low refresh rate selection (bsc#1106929)
- drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers (bnc#1012382).
- drm/fb-helper: dpms_legacy(): Only set on connectors in use (bnc#1106929)
- drm/i915: Fix I915_EXEC_RING_MASK (bnc#1106929)
- drm/rockchip: shutdown drm subsystem on shutdown (bsc#1106929)
- drm/ttm: Remove warning about inconsistent mapping information (bnc#1131488)
- drm/vc4: ->x_scaling[1] should never be set to VC4_SCALING_NONE (bsc#1106929)
- drm/vc4: Account for interrupts in flight (bsc#1106929)
- drm/vc4: Allocate the right amount of space for boot-time CRTC state. (bsc#1106929)
- drm/vc4: Fix NULL pointer dereference in vc4_save_hang_state() (bsc#1106929)
- drm/vc4: Fix OOPSes from trying to cache a partially constructed BO. (bsc#1106929)
- drm/vc4: Fix a couple error codes in vc4_cl_lookup_bos() (bsc#1106929)
- drm/vc4: Fix compilation error reported by kbuild test bot (bsc#1106929)
- drm/vc4: Fix memory leak during gpu reset. (bsc#1106929)
- drm/vc4: Fix memory leak of the CRTC state. (bsc#1106929)
- drm/vc4: Fix oops when userspace hands in a bad BO. (bsc#1106929)
- drm/vc4: Fix overflow mem unreferencing when the binner runs dry. (bsc#1106929)
- drm/vc4: Fix races when the CS reads from render targets. (bsc#1106929)
- drm/vc4: Fix scaling of uni-planar formats (bsc#1106929)
- drm/vc4: Fix the 'no scaling' case on multi-planar YUV formats (bsc#1106929)
- drm/vc4: Flush the caches before the bin jobs, as well. (bsc#1106929)
- drm/vc4: Free hang state before destroying BO cache. (bsc#1106929)
- drm/vc4: Move IRQ enable to PM path (bsc#1106929)
- drm/vc4: Reset ->{x, y}_scaling[1] when dealing with uniplanar (bsc#1106929)
- drm/vc4: Set ->is_yuv to false when num_planes == 1 (bsc#1106929)
- drm/vc4: Use drm_free_large() on handles to match its allocation. (bsc#1106929)
- drm/vc4: fix a bounds check (bsc#1106929)
- drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() (bsc#1106929)
- drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to (bsc#1106929)
- dt-bindings: rcar-dmac: Document missing error interrupt (bsc#1085535).
- e1000e: Add Support for 38.4MHZ frequency (bsc#1108293 ).
- e1000e: Add Support for CannonLake (bsc#1108293).
- e1000e: Fix -Wformat-truncation warnings (bnc#1012382).
- e1000e: Initial Support for CannonLake (bsc#1108293 ).
- enic: fix build warning without CONFIG_CPUMASK_OFFSTACK (bnc#1012382).
- exportfs: fix 'passing zero to ERR_PTR()' warning (bsc#1136458).
- ext4: Return EAGAIN in case of DIO is beyond end of file (bsc#1136810).
- ext4: actually request zeroing of inode table after grow (bsc#1136451).
- ext4: add missing brelse() in add_new_gdb_meta_bg() (bnc#1012382).
- ext4: avoid panic during forced reboot due to aborted journal (bsc#1126356).
- ext4: cleanup bh release code in ext4_ind_remove_space() (bnc#1012382).
- ext4: fix ext4_show_options for file systems w/o journal (bsc#1136452).
- ext4: fix use-after-free race with debug_want_extra_isize (bsc#1136449).
- ext4: make sure enough credits are reserved for dioread_nolock writes (bsc#1136623).
- ext4: prohibit fstrim in norecovery mode (bnc#1012382).
- ext4: report real fs size after failed resize (bnc#1012382).
- ext4: wait for outstanding dio during truncate in nojournal mode (bsc#1136438).
- f2fs: do not use mutex lock in atomic context (bnc#1012382).
- f2fs: fix to do sanity check with current segment number (bnc#1012382).
- fbdev: fbmem: fix memory access if logo is bigger than the screen (bnc#1012382).
- fix incorrect error code mapping for OBJECTID_NOT_FOUND (bnc#1012382).
- fs/file.c: initialize init_files.resize_wait (bnc#1012382).
- fs/proc/proc_sysctl.c: Fix a NULL pointer dereference (bnc#1012382).
- fs: fix guard_bio_eod to check for real EOD errors (bnc#1012382).
- ftrace/x86_64: Emulate call function while updating in breakpoint handler (bsc#1099658).
- genirq: Prevent use-after-free and work list corruption (bnc#1012382).
- genirq: Respect IRQCHIP_SKIP_SET_WAKE in irq_chip_set_wake_parent() (bnc#1012382).
- gpio: gpio-omap: fix level interrupt idling (bnc#1012382).
- gpu: ipu-v3: dp: fix CSC handling (bnc#1012382).
- h8300: use cc-cross-prefix instead of hardcoding h8300-unknown-linux- (bnc#1012382).
- hugetlbfs: fix memory leak for resv_map (bnc#1012382).
- hwrng: virtio - Avoid repeated init of completion (bnc#1012382).
- i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA (bnc#1012382).
- ibmvnic: Add device identification to requested IRQs (bsc#1137739).
- ibmvnic: Do not close unopened driver during reset (bsc#1137752).
- ibmvnic: Fix unchecked return codes of memory allocations (bsc#1137752).
- ibmvnic: Refresh device multicast list after reset (bsc#1137752).
- ibmvnic: remove set but not used variable 'netdev' (bsc#1137739).
- igb: Fix WARN_ONCE on runtime suspend (bnc#1012382).
- iio/gyro/bmg160: Use millidegrees for temperature scale (bnc#1012382).
- iio: ad_sigma_delta: select channel when reading register (bnc#1012382).
- iio: adc: at91: disable adc channel interrupt in timeout case (bnc#1012382).
- iio: adc: xilinx: fix potential use-after-free on remove (bnc#1012382).
- include/linux/bitrev.h: fix constant bitrev (bnc#1012382).
- include/linux/swap.h: use offsetof() instead of custom __swapoffset macro (bnc#1012382).
- init: initialize jump labels before command line option parsing (bnc#1012382).
- io: accel: kxcjk1013: restore the range after resume (bnc#1012382).
- iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#1135013).
- iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135014).
- iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135015).
- ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type (bnc#1012382).
- ipmi:ssif: compare block number correctly for multi-part return messages (bsc#1135120).
- ipv4: Fix raw socket lookup for local traffic (bnc#1012382).
- ipv4: add sanity checks in ipv4_link_failure() (git-fixes).
- ipv4: ensure rcu_read_lock() in ipv4_link_failure() (bnc#1012382).
- ipv4: ip_do_fragment: Preserve skb_iif during fragmentation (bnc#1012382).
- ipv4: recompile ip options in ipv4_link_failure (bnc#1012382).
- ipv4: set the tcp_min_rtt_wlen range from 0 to one day (bnc#1012382).
- ipv6/flowlabel: wait rcu grace period before put_pid() (bnc#1012382).
- ipv6: Fix dangling pointer when ipv6 fragment (bnc#1012382).
- ipv6: fix a potential deadlock in do_ipv6_setsockopt() (bnc#1012382).
- ipv6: invert flowlabel sharing check in process and user mode (bnc#1012382).
- ipv6: sit: reset ip header pointer in ipip6_rcv (bnc#1012382).
- ipvs: do not schedule icmp errors from tunnels (bnc#1012382).
- jffs2: fix use-after-free on symlink traversal (bnc#1012382).
- kABI: protect ring_buffer_read_prepare (kabi).
- kABI: protect struct tlb_state (kabi).
- kABI: protect struct usb_interface (kabi).
- kABI: restore ___ptrace_may_access (kabi).
- kABI: restore icmp_send (kabi).
- kabi: arm64: fix kabi breakage on arch specific module (bsc#1126040)
- kabi: drop LINUX_MIB_TCPWQUEUETOOBIG snmp counter (bsc#1137586).
- kabi: move sysctl_tcp_min_snd_mss to preserve struct net layout (bsc#1137586).
- kbuild: clang: choose GCC_TOOLCHAIN_DIR not on LD (bnc#1012382).
- kbuild: simplify ld-option implementation (bnc#1012382).
- kconfig/[mn]conf: handle backspace (^H) key (bnc#1012382).
- kconfig: display recursive dependency resolution hint just once (bsc#1100132).
- kernel/sysctl.c: fix out-of-bounds access when setting file-max (bnc#1012382).
- keys: Timestamp new keys (bsc#1120902).
- kprobes: Fix error check when reusing optimized probes (bnc#1012382).
- kprobes: Mark ftrace mcount handler functions nokprobe (bnc#1012382).
- kprobes: Prohibit probing on bsearch() (bnc#1012382).
- leds: lp55xx: fix null deref on firmware load failure (bnc#1012382).
- lib/div64.c: off by one in shift (bnc#1012382).
- lib/int_sqrt: optimize initial value compute (bnc#1012382).
- lib/string.c: implement a basic bcmp (bnc#1012382).
- lib: add crc64 calculation routines (bsc#1130972).
- lib: do not depend on linux headers being installed (bsc#1130972).
- libata: fix using DMA buffers on stack (bnc#1012382).
- libnvdimm/btt: Fix a kmemdup failure check (bnc#1012382).
- lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).
- mac80211: do not call driver wake_tx_queue op during reconfig (bnc#1012382).
- mac80211_hwsim: validate number of different channels (bsc#1085539).
- md: use mddev_suspend/resume instead of ->quiesce() (bsc#1132212).
- media: mt9m111: set initial frame size other than 0x0 (bnc#1012382).
- media: mx2_emmaprp: Correct return type for mem2mem buffer helpers (bnc#1012382).
- media: pvrusb2: Prevent a buffer overflow (bsc#1135642).
- media: s5p-g2d: Correct return type for mem2mem buffer helpers (bnc#1012382).
- media: s5p-jpeg: Check for fmt_ver_flag when doing fmt enumeration (bnc#1012382).
- media: s5p-jpeg: Correct return type for mem2mem buffer helpers (bnc#1012382).
- media: sh_veu: Correct return type for mem2mem buffer helpers (bnc#1012382).
- media: v4l2: i2c: ov7670: Fix PLL bypass register values (bnc#1012382).
- media: vb2: do not call __vb2_queue_cancel if vb2_start_streaming failed (bsc#1120902).
- mm/cma.c: cma_declare_contiguous: correct err handling (bnc#1012382).
- mm/page_ext.c: fix an imbalance with kmemleak (bnc#1012382).
- mm/slab.c: kmemleak no scan alien caches (bnc#1012382).
- mm/vmalloc.c: fix kernel BUG at mm/vmalloc.c:512! (bnc#1012382).
- mm/vmstat.c: fix /proc/vmstat format for CONFIG_DEBUG_TLBFLUSH=y CONFIG_SMP=n (bnc#1012382).
- mm: mempolicy: make mbind() return -EIO when MPOL_MF_STRICT is specified (bnc#1012382).
- mmc: davinci: remove extraneous __init annotation (bnc#1012382).
- mmc: omap: fix the maximum timeout setting (bnc#1012382).
- modpost: file2alias: check prototype of handler (bnc#1012382).
- modpost: file2alias: go back to simple devtable lookup (bnc#1012382).
- mount: copy the port field into the cloned nfs_server structure (bsc#1136990).
- mt7601u: bump supported EEPROM version (bnc#1012382).
- mtd: Fix comparison in map_word_andequal() (git-fixes).
- mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1136935).
- net/ibmvnic: Remove tests of member address (bsc#1137739).
- net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).
- net/ibmvnic: Update carrier state after link state change (bsc#1135100).
- net: atm: Fix potential Spectre v1 vulnerabilities (bnc#1012382).
- net: bridge: multicast: use rcu to access port list from br_multicast_start_querier (bnc#1012382).
- net: ena: fix return value of ena_com_config_llq_info() (bsc#1117562).
- net: ethernet: ti: fix possible object reference leak (bnc#1012382).
- net: ethtool: not call vzalloc for zero sized memory request (bnc#1012382).
- net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv (bnc#1012382).
- net: hns: Fix WARNING when remove HNS driver with SMMU enabled (bnc#1012382).
- net: hns: Use NAPI_POLL_WEIGHT for hns driver (bnc#1012382).
- net: ibm: fix possible object reference leak (bnc#1012382).
- net: ks8851: Delay requesting IRQ until opened (bnc#1012382).
- net: ks8851: Dequeue RX packets explicitly (bnc#1012382).
- net: ks8851: Reassert reset pin if chip ID check fails (bnc#1012382).
- net: ks8851: Set initial carrier state to down (bnc#1012382).
- net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock() (bnc#1012382).
- net: stmmac: move stmmac_check_ether_addr() to driver probe (bnc#1012382).
- net: ucc_geth - fix Oops when changing number of buffers in the ring (bnc#1012382).
- net: xilinx: fix possible object reference leak (bnc#1012382).
- netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING (bnc#1012382).
- netfilter: compat: initialize all fields in xt_init (bnc#1012382).
- netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON (bnc#1012382).
- netfilter: physdev: relax br_netfilter dependency (bnc#1012382).
- netns: provide pure entropy for net_hash_mix() (bnc#1012382).
- nfs: clean up rest of reqs when failing to add one (git-fixes).
- nfsd: Do not release the callback slot unless it was actually held (bnc#1012382).
- ntp: Allow TAI-UTC offset to be set to zero (bsc#1135642).
- nvme-fc: resolve io failures during connect (bsc#1116803).
- nvme: Do not allow to reset a reconnecting controller (bsc#1133874).
- ocfs2: fix a panic problem caused by o2cb_ctl (bnc#1012382).
- openvswitch: fix flow actions reallocation (bnc#1012382).
- pNFS: Skip invalid stateids when doing a bulk destroy (git-fixes).
- packet: Fix error path in packet_init (bnc#1012382).
- packet: validate msg_namelen in send directly (bnc#1012382).
- perf evsel: Free evsel->counts in perf_evsel__exit() (bnc#1012382).
- perf test: Fix failure of 'evsel-tp-sched' test on s390 (bnc#1012382).
- perf tests: Fix a memory leak in test__perf_evsel__tp_sched_test() (bnc#1012382).
- perf tests: Fix a memory leak of cpu_map object in the openat_syscall_event_on_all_cpus test (bnc#1012382).
- perf top: Fix error handling in cmd_top() (bnc#1012382).
- perf/core: Restore mmap record type correctly (bnc#1012382).
- perf/x86/intel: Allow PEBS multi-entry in watermark mode (git-fixes).
- perf/x86/intel: Fix handling of wakeup_events for multi-entry PEBS (bnc#1012382).
- platform/x86: sony-laptop: Fix unintentional fall-through (bnc#1012382).
- powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC (bnc#1012382).
- powerpc/64: Call setup_barrier_nospec() from setup_arch() (bnc#1012382 bsc#1131107).
- powerpc/64: Make meltdown reporting Book3S 64 specific (bnc#1012382).
- powerpc/64s: Include cpu header (bnc#1012382).
- powerpc/booke64: set RI in default MSR (bnc#1012382).
- powerpc/eeh: Fix race with driver un/bind (bsc#1066223).
- powerpc/fsl: Add FSL_PPC_BOOK3E as supported arch for nospectre_v2 boot arg (bnc#1012382).
- powerpc/fsl: Add barrier_nospec implementation for NXP PowerPC Book3E (bnc#1012382).
- powerpc/fsl: Add infrastructure to fixup branch predictor flush (bnc#1012382).
- powerpc/fsl: Add macro to flush the branch predictor (bnc#1012382).
- powerpc/fsl: Add nospectre_v2 command line argument (bnc#1012382).
- powerpc/fsl: Emulate SPRN_BUCSR register (bnc#1012382).
- powerpc/fsl: Enable runtime patching if nospectre_v2 boot arg is used (bnc#1012382).
- powerpc/fsl: Fix the flush of branch predictor (bnc#1012382).
- powerpc/fsl: Fixed warning: orphan section `__btb_flush_fixup' (bnc#1012382).
- powerpc/fsl: Flush branch predictor when entering KVM (bnc#1012382).
- powerpc/fsl: Flush the branch predictor at each kernel entry (32 bit) (bnc#1012382).
- powerpc/fsl: Flush the branch predictor at each kernel entry (64bit) (bnc#1012382).
- powerpc/fsl: Sanitize the syscall table for NXP PowerPC 32 bit platforms (bnc#1012382).
- powerpc/fsl: Update Spectre v2 reporting (bnc#1012382).
- powerpc/lib: fix book3s/32 boot failure due to code patching (bnc#1012382).
- powerpc/perf: Add blacklisted events for Power9 DD2.1 (bsc#1053043).
- powerpc/perf: Add blacklisted events for Power9 DD2.2 (bsc#1053043).
- powerpc/perf: Fix MMCRA corruption by bhrb_filter (bsc#1053043).
- powerpc/perf: Infrastructure to support addition of blacklisted events (bsc#1053043).
- powerpc/process: Fix sparse address space warnings (bsc#1066223).
- powerpc/xmon: Add RFI flush related fields to paca dump (bnc#1012382).
- qede: fix write to free'd pointer error and double free of ptp (bsc#1019695 bsc#1019696).
- qlcnic: Avoid potential NULL pointer dereference (bnc#1012382).
- qmi_wwan: add Olicard 600 (bnc#1012382).
- regulator: act8865: Fix act8600_sudcdc_voltage_ranges setting (bnc#1012382).
- rsi: improve kernel thread handling to fix kernel panic (bnc#1012382).
- rtc: da9063: set uie_unsupported when relevant (bnc#1012382).
- rtc: sh: Fix invalid alarm warning for non-enabled alarm (bnc#1012382).
- s390/3270: fix lockdep false positive on view->lock (bnc#1012382).
- s390/dasd: Fix capacity calculation for large volumes (bnc#1012382).
- s390: ctcm: fix ctcm_new_device error return code (bnc#1012382).
- sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() (bnc#1012382).
- sc16is7xx: move label 'err_spi' to correct section (git-fixes).
- sched/fair: Do not re-read ->h_load_next during hierarchical load calculation (bnc#1012382).
- sched/fair: Limit sched_cfs_period_timer() loop to avoid hard lockup (bnc#1012382).
- sched/numa: Fix a possible divide-by-zero (bnc#1012382).
- sched: Add sched_smt_active() (bnc#1012382).
- scsi: core: replace GFP_ATOMIC with GFP_KERNEL in scsi_scan.c (bnc#1012382).
- scsi: csiostor: fix missing data copy in csio_scsi_err_handler() (bnc#1012382).
- scsi: libsas: fix a race condition when smp task timeout (bnc#1012382).
- scsi: megaraid_sas: return error when create DMA pool failed (bnc#1012382).
- scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS routines (bnc#1012382).
- scsi: qla4xxx: fix a potential NULL pointer dereference (bnc#1012382).
- scsi: storvsc: Fix calculation of sub-channel count (bnc#1012382).
- scsi: zfcp: reduce flood of fcrscn1 trace records on multi-element RSCN (bnc#1012382).
- sctp: initialize _pad of sockaddr_in before copying to user memory (bnc#1012382).
- selftests/net: correct the return value for run_netsocktests (bnc#1012382).
- selinux: never allow relabeling on context mounts (bnc#1012382).
- serial: uartps: console_setup() can't be placed to init section (bnc#1012382).
- slip: make slhc_free() silently accept an error pointer (bnc#1012382).
- soc/tegra: fuse: Fix illegal free of IO base address (bnc#1012382).
- soc: qcom: gsbi: Fix error handling in gsbi_probe() (bnc#1012382).
- staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf (bnc#1012382).
- staging: comedi: ni_usb6501: Fix use of uninitialized mutex (bnc#1012382).
- staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf (bnc#1012382).
- staging: comedi: vmk80xx: Fix use of uninitialized semaphore (bnc#1012382).
- staging: iio: adt7316: allow adt751x to use internal vref for all dacs (bnc#1012382).
- staging: iio: adt7316: fix the dac read calculation (bnc#1012382).
- staging: iio: adt7316: fix the dac write calculation (bnc#1012382).
- supported.conf: add lib/crc64 because bcache uses it
- sysctl: handle overflow for file-max (bnc#1012382).
- tcp: Ensure DCTCP reacts to losses (bnc#1012382).
- tcp: add tcp_min_snd_mss sysctl (bsc#1137586).
- tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).
- tcp: limit payload size of sacked skbs (bsc#1137586).
- tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).
- tcp: tcp_grow_window() needs to respect tcp_space() (bnc#1012382).
- team: fix possible recursive locking when add slaves (bnc#1012382).
- thermal/int340x_thermal: Add additional UUIDs (bnc#1012382).
- thermal/int340x_thermal: fix mode setting (bnc#1012382).
- timer/debug: Change /proc/timer_stats from 0644 to 0600 (bnc#1012382).
- tipc: check bearer name with right length in tipc_nl_compat_bearer_enable (bnc#1012382).
- tipc: check link name with right length in tipc_nl_compat_link_set (bnc#1012382).
- tipc: handle the err returned from cmd header function (bnc#1012382).
- tools lib traceevent: Fix buffer overflow in arg_eval (bnc#1012382).
- tools lib traceevent: Fix missing equality check for strcmp (bsc#1129770).
- tools/power turbostat: return the exit status of a command (bnc#1012382).
- tpm/tpm_crb: Avoid unaligned reads in crb_recv() (bnc#1012382).
- tpm/tpm_i2c_atmel: Return -E2BIG when the transfer is incomplete (bnc#1012382).
- trace: Fix preempt_enable_no_resched() abuse (bnc#1012382).
- tracing: Fix partial reading of trace event's id file (bsc#1136573).
- tracing: kdb: Fix ftdump to not sleep (bnc#1012382).
- treewide: Use DEVICE_ATTR_WO (bsc#1137739).
- tty/serial: atmel: Add is_half_duplex helper (bnc#1012382).
- tty/serial: atmel: RS485 HD w/DMA: enable RX after TX is stopped (bnc#1012382).
- tty: increase the default flip buffer limit to 2*640K (bnc#1012382).
- tty: ldisc: add sysctl to prevent autoloading of ldiscs (bnc#1012382).
- ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (bsc#1136455).
- usb: cdc-acm: fix race during wakeup blocking TX traffic (bsc#1129770).
- usb: chipidea: Grab the (legacy) USB PHY by phandle first (bnc#1012382).
- usb: dwc3: Fix default lpm_nyet_threshold value (bnc#1012382).
- usb: gadget: net2272: Fix net2272_dequeue() (bnc#1012382).
- usb: gadget: net2280: Fix net2280_dequeue() (bnc#1012382).
- usb: gadget: net2280: Fix overrun of OUT messages (bnc#1012382).
- usb: u132-hcd: fix resource leak (bnc#1012382).
- usb: usbip: fix isoc packet num validation in get_pipe (bnc#1012382).
- usbnet: ipheth: fix potential null pointer dereference in ipheth_carrier_set (bnc#1012382).
- usbnet: ipheth: prevent TX queue timeouts when device not ready (bnc#1012382).
- vfio/pci: use correct format characters (bnc#1012382).
- vlan: disable SIOCSHWTSTAMP in container (bnc#1012382).
- vrf: sit mtu should not be updated when vrf netdev is the link (bnc#1012382).
- wlcore: Fix memory leak in case wl12xx_fetch_firmware failure (bnc#1012382).
- x86/Kconfig: Select SCHED_SMT if SMP enabled (bnc#1012382).
- x86/MCE: Save microcode revision in machine check records (bnc#1012382).
- x86/bugs: Add AMD's SPEC_CTRL MSR usage (bnc#1012382).
- x86/bugs: Change L1TF mitigation string to match upstream (bnc#1012382).
- x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR (bnc#1012382).
- x86/bugs: Switch the selection of mitigation from CPU vendor to CPU features (bnc#1012382).
- x86/build: Mark per-CPU symbols as absolute explicitly for LLD (bnc#1012382).
- x86/build: Specify elf_i386 linker emulation explicitly for i386 objects (bnc#1012382).
- x86/cpu/bugs: Use __initconst for 'const' init data (bnc#1012382).
- x86/cpu/cyrix: Use correct macros for Cyrix calls on Geode processors (bnc#1012382).
- x86/cpufeatures: Hide AMD-specific speculation flags (bnc#1012382).
- x86/hpet: Prevent potential NULL pointer dereference (bnc#1012382).
- x86/hw_breakpoints: Make default case in hw_breakpoint_arch_parse() return an error (bnc#1012382).
- x86/kprobes: Verify stack frame on kretprobe (bnc#1012382).
- x86/mds: Add MDSUM variant to the MDS documentation (bnc#1012382).
- x86/microcode/intel: Add a helper which gives the microcode revision (bnc#1012382).
- x86/microcode/intel: Check microcode revision before updating sibling threads (bnc#1012382).
- x86/microcode: Make sure boot_cpu_data.microcode is up-to-date (bnc#1012382).
- x86/microcode: Update the new microcode revision unconditionally (bnc#1012382).
- x86/mm: Use WRITE_ONCE() when setting PTEs (bnc#1012382).
- x86/process: Consolidate and simplify switch_to_xtra() code (bnc#1012382).
- x86/speculataion: Mark command line parser data __initdata (bnc#1012382).
- x86/speculation/l1tf: Document l1tf in sysfs (bnc#1012382).
- x86/speculation/mds: Fix comment (bnc#1012382).
- x86/speculation/mds: Fix documentation typo (bnc#1012382).
- x86/speculation: Add command line control for indirect branch speculation (bnc#1012382).
- x86/speculation: Add prctl() control for indirect branch speculation (bnc#1012382).
- x86/speculation: Add seccomp Spectre v2 user space protection mode (bnc#1012382).
- x86/speculation: Avoid __switch_to_xtra() calls (bnc#1012382).
- x86/speculation: Clean up spectre_v2_parse_cmdline() (bnc#1012382).
- x86/speculation: Disable STIBP when enhanced IBRS is in use (bnc#1012382).
- x86/speculation: Enable prctl mode for spectre_v2_user (bnc#1012382).
- x86/speculation: Mark string arrays const correctly (bnc#1012382).
- x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (bnc#1012382).
- x86/speculation: Prepare arch_smt_update() for PRCTL mode (bnc#1012382).
- x86/speculation: Prepare for conditional IBPB in switch_mm() (bnc#1012382).
- x86/speculation: Prepare for per task indirect branch speculation control (bnc#1012382).
- x86/speculation: Prevent stale SPEC_CTRL msr content (bnc#1012382).
- x86/speculation: Provide IBPB always command line options (bnc#1012382).
- x86/speculation: Remove SPECTRE_V2_IBRS in enum spectre_v2_mitigation (bnc#1012382).
- x86/speculation: Remove unnecessary ret variable in cpu_show_common() (bnc#1012382).
- x86/speculation: Rename SSBD update functions (bnc#1012382).
- x86/speculation: Reorder the spec_v2 code (bnc#1012382).
- x86/speculation: Reorganize speculation control MSRs update (bnc#1012382).
- x86/speculation: Split out TIF update (bnc#1012382).
- x86/speculation: Support 'mitigations=' cmdline option (bnc#1012382 bsc#1112178).
- x86/speculation: Support Enhanced IBRS on future CPUs (bnc#1012382).
- x86/speculation: Unify conditional spectre v2 print functions (bnc#1012382).
- x86/speculation: Update the TIF_SSBD comment (bnc#1012382).
- x86/vdso: Drop implicit common-page-size linker flag (bnc#1012382).
- x86/vdso: Pass --eh-frame-hdr to the linker (git-fixes).
- x86: vdso: Use $LD instead of $CC to link (bnc#1012382).
- x86_64: Add gap to int3 to allow for call emulation (bsc#1099658).
- x86_64: Allow breakpoints to emulate call instructions (bsc#1099658).
- xen: Prevent buffer overflow in privcmd ioctl (bnc#1012382).
- xenbus: drop useless LIST_HEAD in xenbus_write_watch() and xenbus_file_write() (bsc#1065600).
- xsysace: Fix error handling in ace_setup (bnc#1012382).
- xtensa: fix return_address (bnc#1012382).
Patchnames
SUSE-2019-1527,SUSE-SLE-SERVER-12-SP3-2019-1527
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.180 to receive\nvarious security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2019-11477: A sequence of SACKs may have been crafted such that one can\n trigger an integer overflow, leading to a kernel panic. (bsc#1137586)\n\n- CVE-2019-11478: It was possible to send a crafted sequence of SACKs which\n will fragment the TCP retransmission queue. An attacker may have been able to\n further exploit the fragmented queue to cause an expensive linked-list walk\n for subsequent SACKs received for that same TCP connection.\n\n- CVE-2019-11479: It was possible to send a crafted sequence of SACKs which\n will fragment the RACK send map. A remote attacker may be able to further\n exploit the fragmented send map to cause an expensive linked-list walk for\n subsequent SACKs received for that same TCP connection. This would have\n resulted in excess resource consumption due to low mss values.\n\n- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly\n escalate privileges was found in the mwifiex kernel module while connecting\n to a malicious wireless network. (bnc#1136424)\n\n- CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in\n drivers/gpu/drm/drm_edid_load.c in the Linux kernel There was an unchecked\n kstrdup of fwstr, which might allow an attacker to cause a denial of service\n (NULL pointer dereference and system crash). (bnc#1136586)\n\n- CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux\n kernel allowed local attackers to observe page cache access patterns of other\n processes on the same system, potentially allowing sniffing of secret\n information. (Fixing this affects the output of the fincore program.) Limited\n remote exploitation may be possible, as demonstrated by latency differences\n in accessing public files from an Apache HTTP Server. (bnc#1120843).\n\n- CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the\n unused memory region in the extent tree block, which might allow local users\n to obtain sensitive information by reading uninitialized data in the\n filesystem. (bnc#1135281)\n\n- CVE-2018-7191: In the tun subsystem in the Linux kernel before 4.13.14,\n dev_get_valid_name is not called before register_netdevice. This allowed\n local users to cause a denial of service (NULL pointer dereference and panic)\n via an ioctl(TUNSETIFF) call with a dev name containing a / character. This\n is similar to CVE-2013-4343. (bnc#1135603)\n\n- CVE-2019-11190: The Linux kernel allowed local users to bypass ASLR on setuid\n programs (such as /bin/su) because install_exec_creds() is called too late in\n load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check\n has a race condition when reading /proc/pid/stat. (bnc#1131543)\n\n- CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c\n in the Linux kernel There was a race condition leading to a use-after-free,\n related to net namespace cleanup. (bnc#1134537)\n\n- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c\n in the Linux kernel allowed a local user to obtain potentially sensitive\n information from kernel stack memory via a HIDPCONNADD command, because a\n name field may not end with a '\\0' character. (bnc#1134848)\n\n- CVE-2018-17972: An issue was discovered in the proc_pid_stack function in\n fs/proc/base.c in the Linux kernel It did not ensure that only root may\n inspect the kernel stack of an arbitrary task, allowing a local attacker to\n exploit racy stack unwinding and leak kernel task stack contents.\n (bnc#1110785)\n\n- CVE-2019-11486: The Siemens R3964 line discipline driver in\n drivers/tty/n_r3964.c in the Linux kernel has multiple race conditions.\n (bnc#1133188)\n\nThe following new features were implemented:\n\n- Updated the Chelsio cxgb4vf driver with the latest upstream patches.\n (fate#321660)\n\n- Backported changes into e1000e kernel module to support systems using the\n Intel I219-LM NIC chip. (fate#326719)\n\n- Import QLogic/Cavium qedr driver (RDMA) into the kernel. (fate#321747)\n\n- Update the QLogic/Cavium qed driver (NET). (fate#321703)\n\n- Update the QLogic/Cavium qede driver (NET). (fate#321702)\n\n- Update the Chelsio iw_cxgb4 driver with the latest upstream patches.\n (fate#321661)\n\n- Update the Chelsio cxgb4 driver with the latest upstream patches.\n (fate#321658)\n\n- Update support for Intel Omni Path (OPA) kernel driver. (fate#321473)\n\n- Update the QIB driver to the latest upstream version for up-to-date\n functionality and hardware support. (fate#321231)\n\nThe following non-security bugs were fixed:\n\n- 9p locks: add mount option for lock retry interval (bnc#1012382).\n- 9p: do not trust pdu content for stat item size (bnc#1012382).\n- ACPI / SBS: Fix GPE storm on recent MacBookPro's (bnc#1012382).\n- ALSA: PCM: check if ops are defined before suspending PCM (bnc#1012382).\n- ALSA: core: Fix card races between register and disconnect (bnc#1012382).\n- ALSA: echoaudio: add a check for ioremap_nocache (bnc#1012382).\n- ALSA: info: Fix racy addition/deletion of nodes (bnc#1012382).\n- ALSA: line6: use dynamic buffers (bnc#1012382).\n- ALSA: opl3: fix mismatch between snd_opl3_drum_switch definition and declaration (bnc#1012382).\n- ALSA: sb8: add a check for request_region (bnc#1012382).\n- ALSA: seq: Fix OOB-reads from strlcpy (bnc#1012382).\n- ARM: 8833/1: Ensure that NEON code always compiles with Clang (bnc#1012382).\n- ARM: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bnc#1012382).\n- ARM: 8840/1: use a raw_spinlock_t in unwind (bnc#1012382).\n- ARM: avoid Cortex-A9 livelock on tight dmb loops (bnc#1012382).\n- ARM: dts: at91: Fix typo in ISC_D0 on PC9 (bnc#1012382).\n- ARM: dts: pfla02: increase phy reset duration (bnc#1012382).\n- ARM: iop: do not use using 64-bit DMA masks (bnc#1012382).\n- ARM: orion: do not use using 64-bit DMA masks (bnc#1012382).\n- ARM: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms (bnc#1012382).\n- ASoC: Intel: avoid Oops if DMA setup fails (bnc#1012382).\n- ASoC: cs4270: Set auto-increment bit for register writes (bnc#1012382).\n- ASoC: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe (bnc#1012382).\n- ASoC: fsl_esai: fix channel swap issue when stream starts (bnc#1012382).\n- ASoC: tlv320aic32x4: Fix Common Pins (bnc#1012382).\n- ASoC:soc-pcm:fix a codec fixup issue in TDM case (bnc#1012382).\n- Bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bnc#1012382).\n- Bluetooth: Fix decrementing reference count twice in releasing socket (bnc#1012382).\n- CIFS: keep FileInfo handle live during oplock break (bsc#1106284, bsc#1131565).\n- Correct bsc/FATE numbers.\n- Do not jump to compute_result state from check_result state (bnc#1012382).\n- Documentation: Add MDS vulnerability documentation (bnc#1012382).\n- Documentation: Add nospectre_v1 parameter (bnc#1012382).\n- Documentation: Correct the possible MDS sysfs values (bnc#1012382).\n- Documentation: Move L1TF to separate directory (bnc#1012382).\n- HID: debug: fix race condition with between rdesc_show() and device removal (bnc#1012382).\n- HID: input: add mapping for Expose/Overview key (bnc#1012382).\n- HID: input: add mapping for keyboard Brightness Up/Down/Toggle keys (bnc#1012382).\n- IB/hfi1: Eliminate opcode tests on mr deref ().\n- IB/hfi1: Unreserve a reserved request when it is completed ().\n- IB/mlx4: Fix race condition between catas error reset and aliasguid flows (bnc#1012382).\n- IB/mlx4: Increase the timeout for CM cache (bnc#1012382).\n- IB/rdmavt: Add wc_flags and wc_immdata to cq entry trace ().\n- IB/rdmavt: Fix frwr memory registration ().\n- Input: snvs_pwrkey - initialize necessary driver data before enabling IRQ (bnc#1012382).\n- KVM: fail KVM_SET_VCPU_EVENTS with invalid exception number (bnc#1012382).\n- KVM: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bnc#1012382).\n- KVM: x86: avoid misreporting level-triggered irqs as edge-triggered in tracing (bnc#1012382).\n- MIPS: scall64-o32: Fix indirect syscall number load (bnc#1012382).\n- NFS/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount (git-fixes).\n- NFS: Add missing encode / decode sequence_maxsz to v4.2 operations (git-fixes).\n- NFS: Fix I/O request leakages (git-fixes).\n- NFS: Forbid setting AF_INET6 to 'struct sockaddr_in'->sin_family (bnc#1012382).\n- PCI: Add function 1 DMA alias quirk for Marvell 9170 SATA controller (bnc#1012382).\n- PCI: Mark AMD Stoney Radeon R7 GPU ATS as broken (bsc#1137142).\n- PCI: Mark Atheros AR9462 to avoid bus reset (bsc#1135642).\n- PCI: xilinx-nwl: Add missing of_node_put() (bsc#1100132).\n- RDMA/iw_cxgb4: Fix the unchecked ep dereference (bsc#1005778 bsc#1005780 bsc#1005781).\n- RDMA/qedr: Fix out of bounds index check in query pkey (bsc#1022604).\n- Revert 'block/loop: Use global lock for ioctl() operation.' (bnc#1012382).\n- Revert 'block: unexport DISK_EVENT_MEDIA_CHANGE for legacy/fringe drivers' (bsc#1110946).\n- Revert 'cpu/speculation: Add 'mitigations=' cmdline option' (stable backports).\n- Revert 'ide: unexport DISK_EVENT_MEDIA_CHANGE for ide-gd and ide-cd' (bsc#1110946).\n- Revert 'kbuild: use -Oz instead of -Os when using clang' (bnc#1012382).\n- Revert 'locking/lockdep: Add debug_locks check in __lock_downgrade()' (bnc#1012382).\n- Revert 'netns: provide pure entropy for net_hash_mix()' (kabi).\n- Revert 'sched: Add sched_smt_active()' (stable backports).\n- Revert 'x86/MCE: Save microcode revision in machine check records' (kabi).\n- Revert 'x86/kprobes: Verify stack frame on kretprobe' (kabi).\n- Revert 'x86/speculation/mds: Add 'mitigations=' support for MDS' (stable backports).\n- Revert 'x86/speculation: Support 'mitigations=' cmdline option' (stable backports).\n- SoC: imx-sgtl5000: add missing put_device() (bnc#1012382).\n- UAS: fix alignment of scatter/gather segments (bnc#1012382 bsc#1129770).\n- UAS: fix alignment of scatter/gather segments (bsc#1129770).\n- USB: Add new USB LPM helpers (bsc#1129770).\n- USB: Consolidate LPM checks to avoid enabling LPM twice (bsc#1129770).\n- USB: cdc-acm: fix unthrottle races (bsc#1135642).\n- USB: core: Fix bug caused by duplicate interface PM usage counter (bnc#1012382).\n- USB: core: Fix unterminated string returned by usb_string() (bnc#1012382).\n- USB: serial: fix unthrottle races (bnc#1012382).\n- USB: serial: use variable for status (bnc#1012382).\n- USB: w1 ds2490: Fix bug caused by improper use of altsetting array (bnc#1012382).\n- USB: yurex: Fix protection fault after device removal (bnc#1012382).\n- X.509: unpack RSA signatureValue field from BIT STRING (git-fixes).\n- appletalk: Fix compile regression (bnc#1012382).\n- appletalk: Fix use-after-free in atalk_proc_exit (bnc#1012382).\n- arm64/kernel: do not ban ADRP to work around Cortex-A53 erratum #843419 (bsc#1126040).\n- arm64/kernel: rename module_emit_adrp_veneer->module_emit_veneer_for_adrp (bsc#1126040).\n- arm64: Add helper to decode register from instruction (bsc#1126040).\n- arm64: debug: Do not propagate UNKNOWN FAR into si_code for debug signals (bnc#1012382).\n- arm64: debug: Ensure debug handlers check triggering exception level (bnc#1012382).\n- arm64: futex: Fix FUTEX_WAKE_OP atomic ops with non-zero result value (bnc#1012382).\n- arm64: futex: Restore oldval initialization to work around buggy compilers (bnc#1012382).\n- arm64: module-plts: factor out PLT generation code for ftrace (bsc#1126040).\n- arm64: module: do not BUG when exceeding preallocated PLT count (bsc#1126040).\n- arm64: module: split core and init PLT sections (bsc#1126040).\n- backlight: lm3630a: Return 0 on success in update_status functions (bsc#1106929)\n- bcache: Move couple of functions to sysfs.c (bsc#1130972).\n- bcache: Move couple of string arrays to sysfs.c (bsc#1130972).\n- bcache: Populate writeback_rate_minimum attribute (bsc#1130972).\n- bcache: account size of buckets used in uuid write to ca->meta_sectors_written (bsc#1130972).\n- bcache: add MODULE_DESCRIPTION information (bsc#1130972).\n- bcache: add a comment in super.c (bsc#1130972).\n- bcache: add code comments for bset.c (bsc#1130972).\n- bcache: add comment for cache_set->fill_iter (bsc#1130972).\n- bcache: add identifier names to arguments of function definitions (bsc#1130972).\n- bcache: add missing SPDX header (bsc#1130972).\n- bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972).\n- bcache: add static const prefix to char * array declarations (bsc#1130972).\n- bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972).\n- bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).\n- bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972).\n- bcache: comment on direct access to bvec table (bsc#1130972).\n- bcache: correct dirty data statistics (bsc#1130972).\n- bcache: do not assign in if condition in bcache_device_init() (bsc#1130972).\n- bcache: do not assign in if condition in bcache_init() (bsc#1130972).\n- bcache: do not assign in if condition register_bcache() (bsc#1130972).\n- bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972).\n- bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972).\n- bcache: do not clone bio in bch_data_verify (bsc#1130972).\n- bcache: do not mark writeback_running too early (bsc#1130972).\n- bcache: export backing_dev_name via sysfs (bsc#1130972).\n- bcache: export backing_dev_uuid via sysfs (bsc#1130972).\n- bcache: fix code comments style (bsc#1130972).\n- bcache: fix indent by replacing blank by tabs (bsc#1130972).\n- bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).\n- bcache: fix input integer overflow of congested threshold (bsc#1130972).\n- bcache: fix input overflow to cache set sysfs file io_error_halflife (bnc#1012382).\n- bcache: fix input overflow to journal_delay_ms (bsc#1130972).\n- bcache: fix input overflow to sequential_cutoff (bnc#1012382).\n- bcache: fix input overflow to writeback_delay (bsc#1130972).\n- bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).\n- bcache: fix ioctl in flash device (bsc#1130972).\n- bcache: fix mistaken code comments in bcache.h (bsc#1130972).\n- bcache: fix mistaken comments in request.c (bsc#1130972).\n- bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972).\n- bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972).\n- bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).\n- bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972).\n- bcache: improve sysfs_strtoul_clamp() (bnc#1012382).\n- bcache: introduce force_wake_up_gc() (bsc#1130972).\n- bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972).\n- bcache: move open brace at end of function definitions to next line (bsc#1130972).\n- bcache: never writeback a discard operation (bsc#1130972).\n- bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972).\n- bcache: option to automatically run gc thread after writeback (bsc#1130972).\n- bcache: panic fix for making cache device (bsc#1130972).\n- bcache: prefer 'help' in Kconfig (bsc#1130972).\n- bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).\n- bcache: recal cached_dev_sectors on detach (bsc#1130972).\n- bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972).\n- bcache: remove unused bch_passthrough_cache (bsc#1130972).\n- bcache: remove useless parameter of bch_debug_init() (bsc#1130972).\n- bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).\n- bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972).\n- bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).\n- bcache: replace printk() by pr_*() routines (bsc#1130972).\n- bcache: set writeback_percent in a flexible range (bsc#1130972).\n- bcache: split combined if-condition code into separate ones (bsc#1130972).\n- bcache: stop using the deprecated get_seconds() (bsc#1130972).\n- bcache: style fix to add a blank line after declarations (bsc#1130972).\n- bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).\n- bcache: style fixes for lines over 80 characters (bsc#1130972).\n- bcache: trace missed reading by cache_missed (bsc#1130972).\n- bcache: treat stale && dirty keys as bad keys (bsc#1130972).\n- bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972).\n- bcache: update comment for bch_data_insert (bsc#1130972).\n- bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).\n- bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972).\n- bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).\n- bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).\n- bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).\n- bcache: writeback: properly order backing device IO (bsc#1130972).\n- binfmt_elf: switch to new creds when switching to new mm (bnc#1012382).\n- bitops: avoid integer overflow in GENMASK(_ULL) (bnc#1012382).\n- block: check_events: do not bother with events if unsupported (bsc#1110946).\n- block: disk_events: introduce event flags (bsc#1110946).\n- block: do not leak memory in bio_copy_user_iov() (bnc#1012382).\n- block: fix use-after-free on gendisk (bsc#1136448).\n- bnxt_en: Improve multicast address setup logic (bnc#1012382).\n- bonding: fix arp_validate toggling in active-backup mode (bnc#1012382).\n- bonding: fix event handling for stacked bonds (bnc#1012382).\n- bonding: show full hw address in sysfs for slave entries (bnc#1012382).\n- bpf: reject wrong sized filters earlier (bnc#1012382).\n- bridge: Fix error path for kobject_init_and_add() (bnc#1012382).\n- btrfs: Do not panic when we can't find a root key (bsc#1112063).\n- btrfs: Factor out common delayed refs init code (bsc#1134813).\n- btrfs: Introduce init_delayed_ref_head (bsc#1134813).\n- btrfs: Open-code add_delayed_data_ref (bsc#1134813).\n- btrfs: Open-code add_delayed_tree_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).\n- btrfs: add a helper to return a head ref (bsc#1134813).\n- btrfs: breakout empty head cleanup to a helper (bsc#1134813).\n- btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: move all ref head cleanup to the helper function (bsc#1134813).\n- btrfs: move extent_op cleanup to a helper (bsc#1134813).\n- btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).\n- btrfs: qgroup: Check bg while resuming relocation to avoid NULL pointer dereference (bsc#1134806).\n- btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to btrfs_qgroup_extent_record (bsc#1134162).\n- btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release (bsc#1134160).\n- btrfs: reloc: Also queue orphan reloc tree for cleanup to avoid BUG_ON() (bsc#1134338).\n- btrfs: reloc: Fix NULL pointer dereference due to expanded reloc_root lifespan (bsc#1134651).\n- btrfs: remove delayed_ref_node from ref_head (bsc#1134813).\n- btrfs: split delayed ref head initialization and addition (bsc#1134813).\n- btrfs: track refs in a rb_tree instead of a list (bsc#1134813).\n- cdc-acm: cleaning up debug in data submission path (bsc#1136539).\n- cdc-acm: fix race between reset and control messaging (bsc#1106110).\n- cdc-acm: handle read pipe errors (bsc#1135878).\n- cdc-acm: reassemble fragmented notifications (bsc#1136590).\n- cdc-acm: store in and out pipes in acm structure (bsc#1136575).\n- cdrom: Fix race condition in cdrom_sysctl_register (bnc#1012382).\n- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134564).\n- ceph: fix ci->i_head_snapc leak (bsc#1122776).\n- ceph: fix use-after-free on symlink traversal (bsc#1134565).\n- ceph: only use d_name directly when parent is locked (bsc#1134566).\n- cifs: Fix NULL pointer dereference of devname (bnc#1012382).\n- cifs: do not attempt cifs operation on smb2+ rename error (bnc#1012382).\n- cifs: fallback to older infolevels on findfirst queryinfo retry (bnc#1012382).\n- cifs: use correct format characters (bnc#1012382).\n- clk: fix mux clock documentation (bsc#1090888).\n- coresight: etm4x: Add support to enable ETMv4.2 (bnc#1012382).\n- cpu/speculation: Add 'mitigations=' cmdline option (bnc#1012382 bsc#1112178).\n- cpupower: remove stringop-truncation waring (bsc#1119086).\n- crypto: crypto4xx - properly set IV after de- and encrypt (bnc#1012382).\n- crypto: sha256/arm - fix crash bug in Thumb2 build (bnc#1012382).\n- crypto: sha512/arm - fix crash bug in Thumb2 build (bnc#1012382).\n- crypto: vmx - CTR: always increment IV as quadword (bsc#1135661, bsc#1137162).\n- crypto: vmx - fix copy-paste error in CTR mode (bsc#1135661, bsc#1137162).\n- crypto: vmx - ghash: do nosimd fallback manually (bsc#1135661, bsc#1137162).\n- crypto: vmx - return correct error code on failed setkey (bsc#1135661, bsc#1137162).\n- crypto: vmx: Only call enable_kernel_vsx() (bsc#1135661, bsc#1137162).\n- crypto: x86/poly1305 - fix overflow during partial reduction (bnc#1012382).\n- debugfs: fix use-after-free on symlink traversal (bnc#1012382).\n- device_cgroup: fix RCU imbalance in error case (bnc#1012382).\n- dm thin: add sanity checks to thin-pool and external snapshot creation (bnc#1012382).\n- dmaengine: imx-dma: fix warning comparison of distinct pointer types (bnc#1012382).\n- dmaengine: tegra: avoid overflow of byte tracking (bnc#1012382).\n- drivers/virt/fsl_hypervisor.c: dereferencing error pointers in ioctl (bnc#1012382).\n- drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl (bnc#1012382).\n- drm/bridge: adv7511: Fix low refresh rate selection (bsc#1106929)\n- drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers (bnc#1012382).\n- drm/fb-helper: dpms_legacy(): Only set on connectors in use (bnc#1106929)\n- drm/i915: Fix I915_EXEC_RING_MASK (bnc#1106929)\n- drm/rockchip: shutdown drm subsystem on shutdown (bsc#1106929)\n- drm/ttm: Remove warning about inconsistent mapping information (bnc#1131488)\n- drm/vc4: ->x_scaling[1] should never be set to VC4_SCALING_NONE (bsc#1106929)\n- drm/vc4: Account for interrupts in flight (bsc#1106929)\n- drm/vc4: Allocate the right amount of space for boot-time CRTC state. (bsc#1106929)\n- drm/vc4: Fix NULL pointer dereference in vc4_save_hang_state() (bsc#1106929)\n- drm/vc4: Fix OOPSes from trying to cache a partially constructed BO. (bsc#1106929)\n- drm/vc4: Fix a couple error codes in vc4_cl_lookup_bos() (bsc#1106929)\n- drm/vc4: Fix compilation error reported by kbuild test bot (bsc#1106929)\n- drm/vc4: Fix memory leak during gpu reset. (bsc#1106929)\n- drm/vc4: Fix memory leak of the CRTC state. (bsc#1106929)\n- drm/vc4: Fix oops when userspace hands in a bad BO. (bsc#1106929)\n- drm/vc4: Fix overflow mem unreferencing when the binner runs dry. (bsc#1106929)\n- drm/vc4: Fix races when the CS reads from render targets. (bsc#1106929)\n- drm/vc4: Fix scaling of uni-planar formats (bsc#1106929)\n- drm/vc4: Fix the 'no scaling' case on multi-planar YUV formats (bsc#1106929)\n- drm/vc4: Flush the caches before the bin jobs, as well. (bsc#1106929)\n- drm/vc4: Free hang state before destroying BO cache. (bsc#1106929)\n- drm/vc4: Move IRQ enable to PM path (bsc#1106929)\n- drm/vc4: Reset ->{x, y}_scaling[1] when dealing with uniplanar (bsc#1106929)\n- drm/vc4: Set ->is_yuv to false when num_planes == 1 (bsc#1106929)\n- drm/vc4: Use drm_free_large() on handles to match its allocation. (bsc#1106929)\n- drm/vc4: fix a bounds check (bsc#1106929)\n- drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() (bsc#1106929)\n- drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to (bsc#1106929)\n- dt-bindings: rcar-dmac: Document missing error interrupt (bsc#1085535).\n- e1000e: Add Support for 38.4MHZ frequency (bsc#1108293 ).\n- e1000e: Add Support for CannonLake (bsc#1108293).\n- e1000e: Fix -Wformat-truncation warnings (bnc#1012382).\n- e1000e: Initial Support for CannonLake (bsc#1108293 ).\n- enic: fix build warning without CONFIG_CPUMASK_OFFSTACK (bnc#1012382).\n- exportfs: fix 'passing zero to ERR_PTR()' warning (bsc#1136458).\n- ext4: Return EAGAIN in case of DIO is beyond end of file (bsc#1136810).\n- ext4: actually request zeroing of inode table after grow (bsc#1136451).\n- ext4: add missing brelse() in add_new_gdb_meta_bg() (bnc#1012382).\n- ext4: avoid panic during forced reboot due to aborted journal (bsc#1126356).\n- ext4: cleanup bh release code in ext4_ind_remove_space() (bnc#1012382).\n- ext4: fix ext4_show_options for file systems w/o journal (bsc#1136452).\n- ext4: fix use-after-free race with debug_want_extra_isize (bsc#1136449).\n- ext4: make sure enough credits are reserved for dioread_nolock writes (bsc#1136623).\n- ext4: prohibit fstrim in norecovery mode (bnc#1012382).\n- ext4: report real fs size after failed resize (bnc#1012382).\n- ext4: wait for outstanding dio during truncate in nojournal mode (bsc#1136438).\n- f2fs: do not use mutex lock in atomic context (bnc#1012382).\n- f2fs: fix to do sanity check with current segment number (bnc#1012382).\n- fbdev: fbmem: fix memory access if logo is bigger than the screen (bnc#1012382).\n- fix incorrect error code mapping for OBJECTID_NOT_FOUND (bnc#1012382).\n- fs/file.c: initialize init_files.resize_wait (bnc#1012382).\n- fs/proc/proc_sysctl.c: Fix a NULL pointer dereference (bnc#1012382).\n- fs: fix guard_bio_eod to check for real EOD errors (bnc#1012382).\n- ftrace/x86_64: Emulate call function while updating in breakpoint handler (bsc#1099658).\n- genirq: Prevent use-after-free and work list corruption (bnc#1012382).\n- genirq: Respect IRQCHIP_SKIP_SET_WAKE in irq_chip_set_wake_parent() (bnc#1012382).\n- gpio: gpio-omap: fix level interrupt idling (bnc#1012382).\n- gpu: ipu-v3: dp: fix CSC handling (bnc#1012382).\n- h8300: use cc-cross-prefix instead of hardcoding h8300-unknown-linux- (bnc#1012382).\n- hugetlbfs: fix memory leak for resv_map (bnc#1012382).\n- hwrng: virtio - Avoid repeated init of completion (bnc#1012382).\n- i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA (bnc#1012382).\n- ibmvnic: Add device identification to requested IRQs (bsc#1137739).\n- ibmvnic: Do not close unopened driver during reset (bsc#1137752).\n- ibmvnic: Fix unchecked return codes of memory allocations (bsc#1137752).\n- ibmvnic: Refresh device multicast list after reset (bsc#1137752).\n- ibmvnic: remove set but not used variable 'netdev' (bsc#1137739).\n- igb: Fix WARN_ONCE on runtime suspend (bnc#1012382).\n- iio/gyro/bmg160: Use millidegrees for temperature scale (bnc#1012382).\n- iio: ad_sigma_delta: select channel when reading register (bnc#1012382).\n- iio: adc: at91: disable adc channel interrupt in timeout case (bnc#1012382).\n- iio: adc: xilinx: fix potential use-after-free on remove (bnc#1012382).\n- include/linux/bitrev.h: fix constant bitrev (bnc#1012382).\n- include/linux/swap.h: use offsetof() instead of custom __swapoffset macro (bnc#1012382).\n- init: initialize jump labels before command line option parsing (bnc#1012382).\n- io: accel: kxcjk1013: restore the range after resume (bnc#1012382).\n- iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#1135013).\n- iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135014).\n- iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135015).\n- ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type (bnc#1012382).\n- ipmi:ssif: compare block number correctly for multi-part return messages (bsc#1135120).\n- ipv4: Fix raw socket lookup for local traffic (bnc#1012382).\n- ipv4: add sanity checks in ipv4_link_failure() (git-fixes).\n- ipv4: ensure rcu_read_lock() in ipv4_link_failure() (bnc#1012382).\n- ipv4: ip_do_fragment: Preserve skb_iif during fragmentation (bnc#1012382).\n- ipv4: recompile ip options in ipv4_link_failure (bnc#1012382).\n- ipv4: set the tcp_min_rtt_wlen range from 0 to one day (bnc#1012382).\n- ipv6/flowlabel: wait rcu grace period before put_pid() (bnc#1012382).\n- ipv6: Fix dangling pointer when ipv6 fragment (bnc#1012382).\n- ipv6: fix a potential deadlock in do_ipv6_setsockopt() (bnc#1012382).\n- ipv6: invert flowlabel sharing check in process and user mode (bnc#1012382).\n- ipv6: sit: reset ip header pointer in ipip6_rcv (bnc#1012382).\n- ipvs: do not schedule icmp errors from tunnels (bnc#1012382).\n- jffs2: fix use-after-free on symlink traversal (bnc#1012382).\n- kABI: protect ring_buffer_read_prepare (kabi).\n- kABI: protect struct tlb_state (kabi).\n- kABI: protect struct usb_interface (kabi).\n- kABI: restore ___ptrace_may_access (kabi).\n- kABI: restore icmp_send (kabi).\n- kabi: arm64: fix kabi breakage on arch specific module (bsc#1126040)\n- kabi: drop LINUX_MIB_TCPWQUEUETOOBIG snmp counter (bsc#1137586).\n- kabi: move sysctl_tcp_min_snd_mss to preserve struct net layout (bsc#1137586).\n- kbuild: clang: choose GCC_TOOLCHAIN_DIR not on LD (bnc#1012382).\n- kbuild: simplify ld-option implementation (bnc#1012382).\n- kconfig/[mn]conf: handle backspace (^H) key (bnc#1012382).\n- kconfig: display recursive dependency resolution hint just once (bsc#1100132).\n- kernel/sysctl.c: fix out-of-bounds access when setting file-max (bnc#1012382).\n- keys: Timestamp new keys (bsc#1120902).\n- kprobes: Fix error check when reusing optimized probes (bnc#1012382).\n- kprobes: Mark ftrace mcount handler functions nokprobe (bnc#1012382).\n- kprobes: Prohibit probing on bsearch() (bnc#1012382).\n- leds: lp55xx: fix null deref on firmware load failure (bnc#1012382).\n- lib/div64.c: off by one in shift (bnc#1012382).\n- lib/int_sqrt: optimize initial value compute (bnc#1012382).\n- lib/string.c: implement a basic bcmp (bnc#1012382).\n- lib: add crc64 calculation routines (bsc#1130972).\n- lib: do not depend on linux headers being installed (bsc#1130972).\n- libata: fix using DMA buffers on stack (bnc#1012382).\n- libnvdimm/btt: Fix a kmemdup failure check (bnc#1012382).\n- lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).\n- mac80211: do not call driver wake_tx_queue op during reconfig (bnc#1012382).\n- mac80211_hwsim: validate number of different channels (bsc#1085539).\n- md: use mddev_suspend/resume instead of ->quiesce() (bsc#1132212).\n- media: mt9m111: set initial frame size other than 0x0 (bnc#1012382).\n- media: mx2_emmaprp: Correct return type for mem2mem buffer helpers (bnc#1012382).\n- media: pvrusb2: Prevent a buffer overflow (bsc#1135642).\n- media: s5p-g2d: Correct return type for mem2mem buffer helpers (bnc#1012382).\n- media: s5p-jpeg: Check for fmt_ver_flag when doing fmt enumeration (bnc#1012382).\n- media: s5p-jpeg: Correct return type for mem2mem buffer helpers (bnc#1012382).\n- media: sh_veu: Correct return type for mem2mem buffer helpers (bnc#1012382).\n- media: v4l2: i2c: ov7670: Fix PLL bypass register values (bnc#1012382).\n- media: vb2: do not call __vb2_queue_cancel if vb2_start_streaming failed (bsc#1120902).\n- mm/cma.c: cma_declare_contiguous: correct err handling (bnc#1012382).\n- mm/page_ext.c: fix an imbalance with kmemleak (bnc#1012382).\n- mm/slab.c: kmemleak no scan alien caches (bnc#1012382).\n- mm/vmalloc.c: fix kernel BUG at mm/vmalloc.c:512! (bnc#1012382).\n- mm/vmstat.c: fix /proc/vmstat format for CONFIG_DEBUG_TLBFLUSH=y CONFIG_SMP=n (bnc#1012382).\n- mm: mempolicy: make mbind() return -EIO when MPOL_MF_STRICT is specified (bnc#1012382).\n- mmc: davinci: remove extraneous __init annotation (bnc#1012382).\n- mmc: omap: fix the maximum timeout setting (bnc#1012382).\n- modpost: file2alias: check prototype of handler (bnc#1012382).\n- modpost: file2alias: go back to simple devtable lookup (bnc#1012382).\n- mount: copy the port field into the cloned nfs_server structure (bsc#1136990).\n- mt7601u: bump supported EEPROM version (bnc#1012382).\n- mtd: Fix comparison in map_word_andequal() (git-fixes).\n- mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1136935).\n- net/ibmvnic: Remove tests of member address (bsc#1137739).\n- net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).\n- net/ibmvnic: Update carrier state after link state change (bsc#1135100).\n- net: atm: Fix potential Spectre v1 vulnerabilities (bnc#1012382).\n- net: bridge: multicast: use rcu to access port list from br_multicast_start_querier (bnc#1012382).\n- net: ena: fix return value of ena_com_config_llq_info() (bsc#1117562).\n- net: ethernet: ti: fix possible object reference leak (bnc#1012382).\n- net: ethtool: not call vzalloc for zero sized memory request (bnc#1012382).\n- net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv (bnc#1012382).\n- net: hns: Fix WARNING when remove HNS driver with SMMU enabled (bnc#1012382).\n- net: hns: Use NAPI_POLL_WEIGHT for hns driver (bnc#1012382).\n- net: ibm: fix possible object reference leak (bnc#1012382).\n- net: ks8851: Delay requesting IRQ until opened (bnc#1012382).\n- net: ks8851: Dequeue RX packets explicitly (bnc#1012382).\n- net: ks8851: Reassert reset pin if chip ID check fails (bnc#1012382).\n- net: ks8851: Set initial carrier state to down (bnc#1012382).\n- net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock() (bnc#1012382).\n- net: stmmac: move stmmac_check_ether_addr() to driver probe (bnc#1012382).\n- net: ucc_geth - fix Oops when changing number of buffers in the ring (bnc#1012382).\n- net: xilinx: fix possible object reference leak (bnc#1012382).\n- netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING (bnc#1012382).\n- netfilter: compat: initialize all fields in xt_init (bnc#1012382).\n- netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON (bnc#1012382).\n- netfilter: physdev: relax br_netfilter dependency (bnc#1012382).\n- netns: provide pure entropy for net_hash_mix() (bnc#1012382).\n- nfs: clean up rest of reqs when failing to add one (git-fixes).\n- nfsd: Do not release the callback slot unless it was actually held (bnc#1012382).\n- ntp: Allow TAI-UTC offset to be set to zero (bsc#1135642).\n- nvme-fc: resolve io failures during connect (bsc#1116803).\n- nvme: Do not allow to reset a reconnecting controller (bsc#1133874).\n- ocfs2: fix a panic problem caused by o2cb_ctl (bnc#1012382).\n- openvswitch: fix flow actions reallocation (bnc#1012382).\n- pNFS: Skip invalid stateids when doing a bulk destroy (git-fixes).\n- packet: Fix error path in packet_init (bnc#1012382).\n- packet: validate msg_namelen in send directly (bnc#1012382).\n- perf evsel: Free evsel->counts in perf_evsel__exit() (bnc#1012382).\n- perf test: Fix failure of 'evsel-tp-sched' test on s390 (bnc#1012382).\n- perf tests: Fix a memory leak in test__perf_evsel__tp_sched_test() (bnc#1012382).\n- perf tests: Fix a memory leak of cpu_map object in the openat_syscall_event_on_all_cpus test (bnc#1012382).\n- perf top: Fix error handling in cmd_top() (bnc#1012382).\n- perf/core: Restore mmap record type correctly (bnc#1012382).\n- perf/x86/intel: Allow PEBS multi-entry in watermark mode (git-fixes).\n- perf/x86/intel: Fix handling of wakeup_events for multi-entry PEBS (bnc#1012382).\n- platform/x86: sony-laptop: Fix unintentional fall-through (bnc#1012382).\n- powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC (bnc#1012382).\n- powerpc/64: Call setup_barrier_nospec() from setup_arch() (bnc#1012382 bsc#1131107).\n- powerpc/64: Make meltdown reporting Book3S 64 specific (bnc#1012382).\n- powerpc/64s: Include cpu header (bnc#1012382).\n- powerpc/booke64: set RI in default MSR (bnc#1012382).\n- powerpc/eeh: Fix race with driver un/bind (bsc#1066223).\n- powerpc/fsl: Add FSL_PPC_BOOK3E as supported arch for nospectre_v2 boot arg (bnc#1012382).\n- powerpc/fsl: Add barrier_nospec implementation for NXP PowerPC Book3E (bnc#1012382).\n- powerpc/fsl: Add infrastructure to fixup branch predictor flush (bnc#1012382).\n- powerpc/fsl: Add macro to flush the branch predictor (bnc#1012382).\n- powerpc/fsl: Add nospectre_v2 command line argument (bnc#1012382).\n- powerpc/fsl: Emulate SPRN_BUCSR register (bnc#1012382).\n- powerpc/fsl: Enable runtime patching if nospectre_v2 boot arg is used (bnc#1012382).\n- powerpc/fsl: Fix the flush of branch predictor (bnc#1012382).\n- powerpc/fsl: Fixed warning: orphan section `__btb_flush_fixup' (bnc#1012382).\n- powerpc/fsl: Flush branch predictor when entering KVM (bnc#1012382).\n- powerpc/fsl: Flush the branch predictor at each kernel entry (32 bit) (bnc#1012382).\n- powerpc/fsl: Flush the branch predictor at each kernel entry (64bit) (bnc#1012382).\n- powerpc/fsl: Sanitize the syscall table for NXP PowerPC 32 bit platforms (bnc#1012382).\n- powerpc/fsl: Update Spectre v2 reporting (bnc#1012382).\n- powerpc/lib: fix book3s/32 boot failure due to code patching (bnc#1012382).\n- powerpc/perf: Add blacklisted events for Power9 DD2.1 (bsc#1053043).\n- powerpc/perf: Add blacklisted events for Power9 DD2.2 (bsc#1053043).\n- powerpc/perf: Fix MMCRA corruption by bhrb_filter (bsc#1053043).\n- powerpc/perf: Infrastructure to support addition of blacklisted events (bsc#1053043).\n- powerpc/process: Fix sparse address space warnings (bsc#1066223).\n- powerpc/xmon: Add RFI flush related fields to paca dump (bnc#1012382).\n- qede: fix write to free'd pointer error and double free of ptp (bsc#1019695 bsc#1019696).\n- qlcnic: Avoid potential NULL pointer dereference (bnc#1012382).\n- qmi_wwan: add Olicard 600 (bnc#1012382).\n- regulator: act8865: Fix act8600_sudcdc_voltage_ranges setting (bnc#1012382).\n- rsi: improve kernel thread handling to fix kernel panic (bnc#1012382).\n- rtc: da9063: set uie_unsupported when relevant (bnc#1012382).\n- rtc: sh: Fix invalid alarm warning for non-enabled alarm (bnc#1012382).\n- s390/3270: fix lockdep false positive on view->lock (bnc#1012382).\n- s390/dasd: Fix capacity calculation for large volumes (bnc#1012382).\n- s390: ctcm: fix ctcm_new_device error return code (bnc#1012382).\n- sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() (bnc#1012382).\n- sc16is7xx: move label 'err_spi' to correct section (git-fixes).\n- sched/fair: Do not re-read ->h_load_next during hierarchical load calculation (bnc#1012382).\n- sched/fair: Limit sched_cfs_period_timer() loop to avoid hard lockup (bnc#1012382).\n- sched/numa: Fix a possible divide-by-zero (bnc#1012382).\n- sched: Add sched_smt_active() (bnc#1012382).\n- scsi: core: replace GFP_ATOMIC with GFP_KERNEL in scsi_scan.c (bnc#1012382).\n- scsi: csiostor: fix missing data copy in csio_scsi_err_handler() (bnc#1012382).\n- scsi: libsas: fix a race condition when smp task timeout (bnc#1012382).\n- scsi: megaraid_sas: return error when create DMA pool failed (bnc#1012382).\n- scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS routines (bnc#1012382).\n- scsi: qla4xxx: fix a potential NULL pointer dereference (bnc#1012382).\n- scsi: storvsc: Fix calculation of sub-channel count (bnc#1012382).\n- scsi: zfcp: reduce flood of fcrscn1 trace records on multi-element RSCN (bnc#1012382).\n- sctp: initialize _pad of sockaddr_in before copying to user memory (bnc#1012382).\n- selftests/net: correct the return value for run_netsocktests (bnc#1012382).\n- selinux: never allow relabeling on context mounts (bnc#1012382).\n- serial: uartps: console_setup() can't be placed to init section (bnc#1012382).\n- slip: make slhc_free() silently accept an error pointer (bnc#1012382).\n- soc/tegra: fuse: Fix illegal free of IO base address (bnc#1012382).\n- soc: qcom: gsbi: Fix error handling in gsbi_probe() (bnc#1012382).\n- staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf (bnc#1012382).\n- staging: comedi: ni_usb6501: Fix use of uninitialized mutex (bnc#1012382).\n- staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf (bnc#1012382).\n- staging: comedi: vmk80xx: Fix use of uninitialized semaphore (bnc#1012382).\n- staging: iio: adt7316: allow adt751x to use internal vref for all dacs (bnc#1012382).\n- staging: iio: adt7316: fix the dac read calculation (bnc#1012382).\n- staging: iio: adt7316: fix the dac write calculation (bnc#1012382).\n- supported.conf: add lib/crc64 because bcache uses it\n- sysctl: handle overflow for file-max (bnc#1012382).\n- tcp: Ensure DCTCP reacts to losses (bnc#1012382).\n- tcp: add tcp_min_snd_mss sysctl (bsc#1137586).\n- tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).\n- tcp: limit payload size of sacked skbs (bsc#1137586).\n- tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).\n- tcp: tcp_grow_window() needs to respect tcp_space() (bnc#1012382).\n- team: fix possible recursive locking when add slaves (bnc#1012382).\n- thermal/int340x_thermal: Add additional UUIDs (bnc#1012382).\n- thermal/int340x_thermal: fix mode setting (bnc#1012382).\n- timer/debug: Change /proc/timer_stats from 0644 to 0600 (bnc#1012382).\n- tipc: check bearer name with right length in tipc_nl_compat_bearer_enable (bnc#1012382).\n- tipc: check link name with right length in tipc_nl_compat_link_set (bnc#1012382).\n- tipc: handle the err returned from cmd header function (bnc#1012382).\n- tools lib traceevent: Fix buffer overflow in arg_eval (bnc#1012382).\n- tools lib traceevent: Fix missing equality check for strcmp (bsc#1129770).\n- tools/power turbostat: return the exit status of a command (bnc#1012382).\n- tpm/tpm_crb: Avoid unaligned reads in crb_recv() (bnc#1012382).\n- tpm/tpm_i2c_atmel: Return -E2BIG when the transfer is incomplete (bnc#1012382).\n- trace: Fix preempt_enable_no_resched() abuse (bnc#1012382).\n- tracing: Fix partial reading of trace event's id file (bsc#1136573).\n- tracing: kdb: Fix ftdump to not sleep (bnc#1012382).\n- treewide: Use DEVICE_ATTR_WO (bsc#1137739).\n- tty/serial: atmel: Add is_half_duplex helper (bnc#1012382).\n- tty/serial: atmel: RS485 HD w/DMA: enable RX after TX is stopped (bnc#1012382).\n- tty: increase the default flip buffer limit to 2*640K (bnc#1012382).\n- tty: ldisc: add sysctl to prevent autoloading of ldiscs (bnc#1012382).\n- ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (bsc#1136455).\n- usb: cdc-acm: fix race during wakeup blocking TX traffic (bsc#1129770).\n- usb: chipidea: Grab the (legacy) USB PHY by phandle first (bnc#1012382).\n- usb: dwc3: Fix default lpm_nyet_threshold value (bnc#1012382).\n- usb: gadget: net2272: Fix net2272_dequeue() (bnc#1012382).\n- usb: gadget: net2280: Fix net2280_dequeue() (bnc#1012382).\n- usb: gadget: net2280: Fix overrun of OUT messages (bnc#1012382).\n- usb: u132-hcd: fix resource leak (bnc#1012382).\n- usb: usbip: fix isoc packet num validation in get_pipe (bnc#1012382).\n- usbnet: ipheth: fix potential null pointer dereference in ipheth_carrier_set (bnc#1012382).\n- usbnet: ipheth: prevent TX queue timeouts when device not ready (bnc#1012382).\n- vfio/pci: use correct format characters (bnc#1012382).\n- vlan: disable SIOCSHWTSTAMP in container (bnc#1012382).\n- vrf: sit mtu should not be updated when vrf netdev is the link (bnc#1012382).\n- wlcore: Fix memory leak in case wl12xx_fetch_firmware failure (bnc#1012382).\n- x86/Kconfig: Select SCHED_SMT if SMP enabled (bnc#1012382).\n- x86/MCE: Save microcode revision in machine check records (bnc#1012382).\n- x86/bugs: Add AMD's SPEC_CTRL MSR usage (bnc#1012382).\n- x86/bugs: Change L1TF mitigation string to match upstream (bnc#1012382).\n- x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR (bnc#1012382).\n- x86/bugs: Switch the selection of mitigation from CPU vendor to CPU features (bnc#1012382).\n- x86/build: Mark per-CPU symbols as absolute explicitly for LLD (bnc#1012382).\n- x86/build: Specify elf_i386 linker emulation explicitly for i386 objects (bnc#1012382).\n- x86/cpu/bugs: Use __initconst for 'const' init data (bnc#1012382).\n- x86/cpu/cyrix: Use correct macros for Cyrix calls on Geode processors (bnc#1012382).\n- x86/cpufeatures: Hide AMD-specific speculation flags (bnc#1012382).\n- x86/hpet: Prevent potential NULL pointer dereference (bnc#1012382).\n- x86/hw_breakpoints: Make default case in hw_breakpoint_arch_parse() return an error (bnc#1012382).\n- x86/kprobes: Verify stack frame on kretprobe (bnc#1012382).\n- x86/mds: Add MDSUM variant to the MDS documentation (bnc#1012382).\n- x86/microcode/intel: Add a helper which gives the microcode revision (bnc#1012382).\n- x86/microcode/intel: Check microcode revision before updating sibling threads (bnc#1012382).\n- x86/microcode: Make sure boot_cpu_data.microcode is up-to-date (bnc#1012382).\n- x86/microcode: Update the new microcode revision unconditionally (bnc#1012382).\n- x86/mm: Use WRITE_ONCE() when setting PTEs (bnc#1012382).\n- x86/process: Consolidate and simplify switch_to_xtra() code (bnc#1012382).\n- x86/speculataion: Mark command line parser data __initdata (bnc#1012382).\n- x86/speculation/l1tf: Document l1tf in sysfs (bnc#1012382).\n- x86/speculation/mds: Fix comment (bnc#1012382).\n- x86/speculation/mds: Fix documentation typo (bnc#1012382).\n- x86/speculation: Add command line control for indirect branch speculation (bnc#1012382).\n- x86/speculation: Add prctl() control for indirect branch speculation (bnc#1012382).\n- x86/speculation: Add seccomp Spectre v2 user space protection mode (bnc#1012382).\n- x86/speculation: Avoid __switch_to_xtra() calls (bnc#1012382).\n- x86/speculation: Clean up spectre_v2_parse_cmdline() (bnc#1012382).\n- x86/speculation: Disable STIBP when enhanced IBRS is in use (bnc#1012382).\n- x86/speculation: Enable prctl mode for spectre_v2_user (bnc#1012382).\n- x86/speculation: Mark string arrays const correctly (bnc#1012382).\n- x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (bnc#1012382).\n- x86/speculation: Prepare arch_smt_update() for PRCTL mode (bnc#1012382).\n- x86/speculation: Prepare for conditional IBPB in switch_mm() (bnc#1012382).\n- x86/speculation: Prepare for per task indirect branch speculation control (bnc#1012382).\n- x86/speculation: Prevent stale SPEC_CTRL msr content (bnc#1012382).\n- x86/speculation: Provide IBPB always command line options (bnc#1012382).\n- x86/speculation: Remove SPECTRE_V2_IBRS in enum spectre_v2_mitigation (bnc#1012382).\n- x86/speculation: Remove unnecessary ret variable in cpu_show_common() (bnc#1012382).\n- x86/speculation: Rename SSBD update functions (bnc#1012382).\n- x86/speculation: Reorder the spec_v2 code (bnc#1012382).\n- x86/speculation: Reorganize speculation control MSRs update (bnc#1012382).\n- x86/speculation: Split out TIF update (bnc#1012382).\n- x86/speculation: Support 'mitigations=' cmdline option (bnc#1012382 bsc#1112178).\n- x86/speculation: Support Enhanced IBRS on future CPUs (bnc#1012382).\n- x86/speculation: Unify conditional spectre v2 print functions (bnc#1012382).\n- x86/speculation: Update the TIF_SSBD comment (bnc#1012382).\n- x86/vdso: Drop implicit common-page-size linker flag (bnc#1012382).\n- x86/vdso: Pass --eh-frame-hdr to the linker (git-fixes).\n- x86: vdso: Use $LD instead of $CC to link (bnc#1012382).\n- x86_64: Add gap to int3 to allow for call emulation (bsc#1099658).\n- x86_64: Allow breakpoints to emulate call instructions (bsc#1099658).\n- xen: Prevent buffer overflow in privcmd ioctl (bnc#1012382).\n- xenbus: drop useless LIST_HEAD in xenbus_write_watch() and xenbus_file_write() (bsc#1065600).\n- xsysace: Fix error handling in ace_setup (bnc#1012382).\n- xtensa: fix return_address (bnc#1012382).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2019-1527,SUSE-SLE-SERVER-12-SP3-2019-1527", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_1527-1.json", }, { category: "self", summary: "URL for SUSE-SU-2019:1527-1", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20191527-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2019:1527-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2019-June/005576.html", }, { category: "self", summary: "SUSE Bug 1005778", url: "https://bugzilla.suse.com/1005778", }, { category: "self", summary: "SUSE Bug 1005780", url: "https://bugzilla.suse.com/1005780", }, { category: "self", summary: "SUSE Bug 1005781", url: "https://bugzilla.suse.com/1005781", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1019695", url: "https://bugzilla.suse.com/1019695", }, { category: "self", summary: "SUSE Bug 1019696", url: "https://bugzilla.suse.com/1019696", }, { category: "self", summary: "SUSE Bug 1022604", url: "https://bugzilla.suse.com/1022604", }, { category: "self", summary: "SUSE Bug 1053043", url: "https://bugzilla.suse.com/1053043", }, { category: "self", summary: "SUSE Bug 1063638", url: "https://bugzilla.suse.com/1063638", }, { category: "self", summary: "SUSE Bug 1065600", url: "https://bugzilla.suse.com/1065600", }, { category: "self", summary: "SUSE Bug 1066223", url: "https://bugzilla.suse.com/1066223", }, { category: "self", summary: "SUSE Bug 1085535", url: "https://bugzilla.suse.com/1085535", }, { category: "self", summary: "SUSE Bug 1085539", url: "https://bugzilla.suse.com/1085539", }, { category: "self", summary: "SUSE Bug 1090888", url: "https://bugzilla.suse.com/1090888", }, { category: "self", summary: "SUSE Bug 1099658", url: "https://bugzilla.suse.com/1099658", }, { category: "self", summary: "SUSE Bug 1100132", url: "https://bugzilla.suse.com/1100132", }, { category: "self", summary: "SUSE Bug 1106110", url: "https://bugzilla.suse.com/1106110", }, { category: "self", summary: "SUSE Bug 1106284", url: "https://bugzilla.suse.com/1106284", }, { category: "self", summary: "SUSE Bug 1106929", url: "https://bugzilla.suse.com/1106929", }, { category: "self", summary: "SUSE Bug 1108293", url: "https://bugzilla.suse.com/1108293", }, { category: "self", summary: "SUSE Bug 1108838", url: "https://bugzilla.suse.com/1108838", }, { category: "self", summary: "SUSE Bug 1110785", url: "https://bugzilla.suse.com/1110785", }, { category: "self", summary: "SUSE Bug 1110946", url: "https://bugzilla.suse.com/1110946", }, { category: "self", summary: "SUSE Bug 1112063", url: "https://bugzilla.suse.com/1112063", }, { category: "self", summary: "SUSE Bug 1112178", url: "https://bugzilla.suse.com/1112178", }, { category: "self", summary: "SUSE Bug 1116803", url: "https://bugzilla.suse.com/1116803", }, { category: "self", summary: "SUSE Bug 1117562", url: "https://bugzilla.suse.com/1117562", }, { category: "self", summary: "SUSE Bug 1119086", url: "https://bugzilla.suse.com/1119086", }, { category: "self", summary: "SUSE Bug 1120642", url: "https://bugzilla.suse.com/1120642", }, { category: "self", summary: "SUSE Bug 1120843", url: "https://bugzilla.suse.com/1120843", }, { category: "self", summary: "SUSE Bug 1120885", url: "https://bugzilla.suse.com/1120885", }, { category: "self", summary: "SUSE Bug 1120902", url: "https://bugzilla.suse.com/1120902", }, { category: "self", summary: "SUSE Bug 1122776", url: "https://bugzilla.suse.com/1122776", }, { category: "self", summary: "SUSE Bug 1125580", url: "https://bugzilla.suse.com/1125580", }, { category: "self", summary: "SUSE Bug 1126040", url: "https://bugzilla.suse.com/1126040", }, { category: "self", summary: "SUSE Bug 1126356", url: "https://bugzilla.suse.com/1126356", }, { category: "self", summary: "SUSE Bug 1128052", url: "https://bugzilla.suse.com/1128052", }, { category: "self", summary: "SUSE Bug 1129138", url: "https://bugzilla.suse.com/1129138", }, { category: "self", summary: "SUSE Bug 1129770", url: "https://bugzilla.suse.com/1129770", }, { category: "self", summary: "SUSE Bug 1130972", url: "https://bugzilla.suse.com/1130972", }, { category: "self", summary: "SUSE Bug 1131107", url: "https://bugzilla.suse.com/1131107", }, { category: "self", summary: "SUSE Bug 1131488", url: "https://bugzilla.suse.com/1131488", }, { category: "self", summary: "SUSE Bug 1131543", url: "https://bugzilla.suse.com/1131543", }, { category: "self", summary: "SUSE Bug 1131565", url: "https://bugzilla.suse.com/1131565", }, { category: "self", summary: "SUSE Bug 1132212", url: "https://bugzilla.suse.com/1132212", }, { category: "self", summary: "SUSE Bug 1132374", url: "https://bugzilla.suse.com/1132374", }, { category: "self", summary: "SUSE Bug 1132472", url: "https://bugzilla.suse.com/1132472", }, { category: "self", summary: "SUSE Bug 1133188", url: "https://bugzilla.suse.com/1133188", }, { category: "self", summary: "SUSE Bug 1133874", url: "https://bugzilla.suse.com/1133874", }, { category: "self", summary: "SUSE Bug 1134160", url: "https://bugzilla.suse.com/1134160", }, { category: "self", summary: "SUSE Bug 1134162", url: "https://bugzilla.suse.com/1134162", }, { category: "self", summary: "SUSE Bug 1134338", url: "https://bugzilla.suse.com/1134338", }, { category: "self", summary: "SUSE Bug 1134537", url: "https://bugzilla.suse.com/1134537", }, { category: "self", summary: "SUSE Bug 1134564", url: "https://bugzilla.suse.com/1134564", }, { category: "self", summary: "SUSE Bug 1134565", url: "https://bugzilla.suse.com/1134565", }, { category: "self", summary: "SUSE Bug 1134566", url: "https://bugzilla.suse.com/1134566", }, { category: "self", summary: "SUSE Bug 1134651", url: "https://bugzilla.suse.com/1134651", }, { category: "self", summary: "SUSE Bug 1134760", url: "https://bugzilla.suse.com/1134760", }, { category: "self", summary: "SUSE Bug 1134806", url: "https://bugzilla.suse.com/1134806", }, { category: "self", summary: "SUSE Bug 1134813", url: "https://bugzilla.suse.com/1134813", }, { category: "self", summary: "SUSE Bug 1134848", url: "https://bugzilla.suse.com/1134848", }, { category: "self", summary: "SUSE Bug 1135013", url: "https://bugzilla.suse.com/1135013", }, { category: "self", summary: "SUSE Bug 1135014", url: "https://bugzilla.suse.com/1135014", }, { category: "self", summary: "SUSE Bug 1135015", url: "https://bugzilla.suse.com/1135015", }, { category: "self", summary: "SUSE Bug 1135100", url: "https://bugzilla.suse.com/1135100", }, { category: "self", summary: "SUSE Bug 1135120", url: "https://bugzilla.suse.com/1135120", }, { category: "self", summary: "SUSE Bug 1135281", url: "https://bugzilla.suse.com/1135281", }, { category: "self", summary: "SUSE Bug 1135603", url: "https://bugzilla.suse.com/1135603", }, { category: "self", summary: "SUSE Bug 1135642", url: "https://bugzilla.suse.com/1135642", }, { category: "self", summary: "SUSE Bug 1135661", url: "https://bugzilla.suse.com/1135661", }, { category: "self", summary: "SUSE Bug 1135878", url: "https://bugzilla.suse.com/1135878", }, { category: "self", summary: "SUSE Bug 1136424", url: "https://bugzilla.suse.com/1136424", }, { category: "self", summary: "SUSE Bug 1136438", url: "https://bugzilla.suse.com/1136438", }, { category: "self", summary: "SUSE Bug 1136446", url: "https://bugzilla.suse.com/1136446", }, { category: "self", summary: "SUSE Bug 1136448", url: "https://bugzilla.suse.com/1136448", }, { category: "self", summary: "SUSE Bug 1136449", url: "https://bugzilla.suse.com/1136449", }, { category: "self", summary: "SUSE Bug 1136451", url: "https://bugzilla.suse.com/1136451", }, { category: "self", summary: "SUSE Bug 1136452", url: "https://bugzilla.suse.com/1136452", }, { category: "self", summary: "SUSE Bug 1136455", url: "https://bugzilla.suse.com/1136455", }, { category: "self", summary: "SUSE Bug 1136458", url: "https://bugzilla.suse.com/1136458", }, { category: "self", summary: "SUSE Bug 1136539", url: "https://bugzilla.suse.com/1136539", }, { category: "self", summary: "SUSE Bug 1136573", url: "https://bugzilla.suse.com/1136573", }, { category: "self", summary: "SUSE Bug 1136575", url: "https://bugzilla.suse.com/1136575", }, { category: "self", summary: "SUSE Bug 1136586", url: "https://bugzilla.suse.com/1136586", }, { category: "self", summary: "SUSE Bug 1136590", url: "https://bugzilla.suse.com/1136590", }, { category: "self", summary: "SUSE Bug 1136623", url: "https://bugzilla.suse.com/1136623", }, { category: "self", summary: "SUSE Bug 1136810", url: "https://bugzilla.suse.com/1136810", }, { category: "self", summary: "SUSE Bug 1136935", url: "https://bugzilla.suse.com/1136935", }, { category: "self", summary: "SUSE Bug 1136990", url: "https://bugzilla.suse.com/1136990", }, { category: "self", summary: "SUSE Bug 1137142", url: "https://bugzilla.suse.com/1137142", }, { category: "self", summary: "SUSE Bug 1137162", url: "https://bugzilla.suse.com/1137162", }, { category: "self", summary: "SUSE Bug 1137586", url: "https://bugzilla.suse.com/1137586", }, { category: "self", summary: "SUSE Bug 1137739", url: "https://bugzilla.suse.com/1137739", }, { category: "self", summary: "SUSE Bug 1137752", url: "https://bugzilla.suse.com/1137752", }, { category: "self", summary: "SUSE Bug 843419", url: "https://bugzilla.suse.com/843419", }, { category: "self", summary: "SUSE CVE CVE-2013-4343 page", url: "https://www.suse.com/security/cve/CVE-2013-4343/", }, { category: "self", summary: "SUSE CVE CVE-2018-17972 page", url: "https://www.suse.com/security/cve/CVE-2018-17972/", }, { category: "self", summary: "SUSE CVE CVE-2018-7191 page", url: "https://www.suse.com/security/cve/CVE-2018-7191/", }, { category: "self", summary: "SUSE CVE CVE-2019-11190 page", url: "https://www.suse.com/security/cve/CVE-2019-11190/", }, { category: "self", summary: "SUSE CVE CVE-2019-11477 page", url: "https://www.suse.com/security/cve/CVE-2019-11477/", }, { category: "self", summary: "SUSE CVE CVE-2019-11478 page", url: "https://www.suse.com/security/cve/CVE-2019-11478/", }, { category: "self", summary: "SUSE CVE CVE-2019-11479 page", url: "https://www.suse.com/security/cve/CVE-2019-11479/", }, { category: "self", summary: "SUSE CVE CVE-2019-11486 page", url: "https://www.suse.com/security/cve/CVE-2019-11486/", }, { category: "self", summary: "SUSE CVE CVE-2019-11815 page", url: "https://www.suse.com/security/cve/CVE-2019-11815/", }, { category: "self", summary: "SUSE CVE CVE-2019-11833 page", url: "https://www.suse.com/security/cve/CVE-2019-11833/", }, { category: "self", summary: "SUSE CVE CVE-2019-11884 page", url: "https://www.suse.com/security/cve/CVE-2019-11884/", }, { category: "self", summary: "SUSE CVE CVE-2019-12382 page", url: "https://www.suse.com/security/cve/CVE-2019-12382/", }, { category: "self", summary: "SUSE CVE CVE-2019-3846 page", url: "https://www.suse.com/security/cve/CVE-2019-3846/", }, { category: "self", summary: "SUSE CVE CVE-2019-5489 page", url: "https://www.suse.com/security/cve/CVE-2019-5489/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2019-06-17T17:16:12Z", generator: { date: "2019-06-17T17:16:12Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2019:1527-1", initial_release_date: "2019-06-17T17:16:12Z", revision_history: [ { date: "2019-06-17T17:16:12Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-azure-4.4.180-4.31.1.noarch", product: { name: "kernel-devel-azure-4.4.180-4.31.1.noarch", product_id: "kernel-devel-azure-4.4.180-4.31.1.noarch", }, }, { category: "product_version", name: "kernel-source-azure-4.4.180-4.31.1.noarch", product: { name: "kernel-source-azure-4.4.180-4.31.1.noarch", product_id: "kernel-source-azure-4.4.180-4.31.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-azure-4.4.180-4.31.1.x86_64", product: { name: "cluster-md-kmp-azure-4.4.180-4.31.1.x86_64", product_id: "cluster-md-kmp-azure-4.4.180-4.31.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-azure-4.4.180-4.31.1.x86_64", product: { name: "dlm-kmp-azure-4.4.180-4.31.1.x86_64", product_id: "dlm-kmp-azure-4.4.180-4.31.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-azure-4.4.180-4.31.1.x86_64", product: { name: "gfs2-kmp-azure-4.4.180-4.31.1.x86_64", product_id: "gfs2-kmp-azure-4.4.180-4.31.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-4.4.180-4.31.1.x86_64", product: { name: "kernel-azure-4.4.180-4.31.1.x86_64", product_id: "kernel-azure-4.4.180-4.31.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-base-4.4.180-4.31.1.x86_64", product: { name: "kernel-azure-base-4.4.180-4.31.1.x86_64", product_id: "kernel-azure-base-4.4.180-4.31.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-devel-4.4.180-4.31.1.x86_64", product: { name: "kernel-azure-devel-4.4.180-4.31.1.x86_64", product_id: "kernel-azure-devel-4.4.180-4.31.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-extra-4.4.180-4.31.1.x86_64", product: { name: "kernel-azure-extra-4.4.180-4.31.1.x86_64", product_id: "kernel-azure-extra-4.4.180-4.31.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-kgraft-4.4.180-4.31.1.x86_64", product: { name: "kernel-azure-kgraft-4.4.180-4.31.1.x86_64", product_id: "kernel-azure-kgraft-4.4.180-4.31.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-azure-4.4.180-4.31.1.x86_64", product: { name: "kernel-syms-azure-4.4.180-4.31.1.x86_64", product_id: "kernel-syms-azure-4.4.180-4.31.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-azure-4.4.180-4.31.1.x86_64", product: { name: "kselftests-kmp-azure-4.4.180-4.31.1.x86_64", product_id: "kselftests-kmp-azure-4.4.180-4.31.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-azure-4.4.180-4.31.1.x86_64", product: { name: "ocfs2-kmp-azure-4.4.180-4.31.1.x86_64", product_id: "ocfs2-kmp-azure-4.4.180-4.31.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP3", product: { name: "SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-azure-4.4.180-4.31.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", }, product_reference: "kernel-azure-4.4.180-4.31.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-base-4.4.180-4.31.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", }, product_reference: "kernel-azure-base-4.4.180-4.31.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-4.4.180-4.31.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", }, product_reference: "kernel-azure-devel-4.4.180-4.31.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-azure-4.4.180-4.31.1.noarch as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", }, product_reference: "kernel-devel-azure-4.4.180-4.31.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-azure-4.4.180-4.31.1.noarch as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", }, product_reference: "kernel-source-azure-4.4.180-4.31.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-4.4.180-4.31.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", }, product_reference: "kernel-syms-azure-4.4.180-4.31.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-4.4.180-4.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", }, product_reference: "kernel-azure-4.4.180-4.31.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-base-4.4.180-4.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", }, product_reference: "kernel-azure-base-4.4.180-4.31.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-4.4.180-4.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", }, product_reference: "kernel-azure-devel-4.4.180-4.31.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-azure-4.4.180-4.31.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", }, product_reference: "kernel-devel-azure-4.4.180-4.31.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-azure-4.4.180-4.31.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", }, product_reference: "kernel-source-azure-4.4.180-4.31.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-4.4.180-4.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", }, product_reference: "kernel-syms-azure-4.4.180-4.31.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, ], }, vulnerabilities: [ { cve: "CVE-2013-4343", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4343", }, ], notes: [ { category: "general", text: "Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel through 3.11.1 allows local users to gain privileges by leveraging the CAP_NET_ADMIN capability and providing an invalid tuntap interface name in a TUNSETIFF ioctl call.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4343", url: "https://www.suse.com/security/cve/CVE-2013-4343", }, { category: "external", summary: "SUSE Bug 1135603 for CVE-2013-4343", url: "https://bugzilla.suse.com/1135603", }, { category: "external", summary: "SUSE Bug 839965 for CVE-2013-4343", url: "https://bugzilla.suse.com/839965", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:16:12Z", details: "moderate", }, ], title: "CVE-2013-4343", }, { cve: "CVE-2018-17972", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-17972", }, ], notes: [ { category: "general", text: "An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-17972", url: "https://www.suse.com/security/cve/CVE-2018-17972", }, { category: "external", summary: "SUSE Bug 1110785 for CVE-2018-17972", url: "https://bugzilla.suse.com/1110785", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:16:12Z", details: "moderate", }, ], title: "CVE-2018-17972", }, { cve: "CVE-2018-7191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7191", }, ], notes: [ { category: "general", text: "In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7191", url: "https://www.suse.com/security/cve/CVE-2018-7191", }, { category: "external", summary: "SUSE Bug 1135603 for CVE-2018-7191", url: "https://bugzilla.suse.com/1135603", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:16:12Z", details: "moderate", }, ], title: "CVE-2018-7191", }, { cve: "CVE-2019-11190", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11190", }, ], notes: [ { category: "general", text: "The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11190", url: "https://www.suse.com/security/cve/CVE-2019-11190", }, { category: "external", summary: "SUSE Bug 1131543 for CVE-2019-11190", url: "https://bugzilla.suse.com/1131543", }, { category: "external", summary: "SUSE Bug 1132374 for CVE-2019-11190", url: "https://bugzilla.suse.com/1132374", }, { category: "external", summary: "SUSE Bug 1132472 for CVE-2019-11190", url: "https://bugzilla.suse.com/1132472", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:16:12Z", details: "important", }, ], title: "CVE-2019-11190", }, { cve: "CVE-2019-11477", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11477", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11477", url: "https://www.suse.com/security/cve/CVE-2019-11477", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11477", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11477", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11477", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1153242 for CVE-2019-11477", url: "https://bugzilla.suse.com/1153242", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:16:12Z", details: "important", }, ], title: "CVE-2019-11477", }, { cve: "CVE-2019-11478", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11478", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11478", url: "https://www.suse.com/security/cve/CVE-2019-11478", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11478", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11478", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11478", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1143542 for CVE-2019-11478", url: "https://bugzilla.suse.com/1143542", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:16:12Z", details: "important", }, ], title: "CVE-2019-11478", }, { cve: "CVE-2019-11479", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11479", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11479", url: "https://www.suse.com/security/cve/CVE-2019-11479", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11479", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11479", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11479", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1143542 for CVE-2019-11479", url: "https://bugzilla.suse.com/1143542", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:16:12Z", details: "important", }, ], title: "CVE-2019-11479", }, { cve: "CVE-2019-11486", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11486", }, ], notes: [ { category: "general", text: "The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11486", url: "https://www.suse.com/security/cve/CVE-2019-11486", }, { category: "external", summary: "SUSE Bug 1133188 for CVE-2019-11486", url: "https://bugzilla.suse.com/1133188", }, { category: "external", summary: "SUSE Bug 1156434 for CVE-2019-11486", url: "https://bugzilla.suse.com/1156434", }, { category: "external", summary: "SUSE Bug 1173667 for CVE-2019-11486", url: "https://bugzilla.suse.com/1173667", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:16:12Z", details: "moderate", }, ], title: "CVE-2019-11486", }, { cve: "CVE-2019-11815", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11815", }, ], notes: [ { category: "general", text: "An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11815", url: "https://www.suse.com/security/cve/CVE-2019-11815", }, { category: "external", summary: "SUSE Bug 1134537 for CVE-2019-11815", url: "https://bugzilla.suse.com/1134537", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:16:12Z", details: "moderate", }, ], title: "CVE-2019-11815", }, { cve: "CVE-2019-11833", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11833", }, ], notes: [ { category: "general", text: "fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11833", url: "https://www.suse.com/security/cve/CVE-2019-11833", }, { category: "external", summary: "SUSE Bug 1135281 for CVE-2019-11833", url: "https://bugzilla.suse.com/1135281", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:16:12Z", details: "moderate", }, ], title: "CVE-2019-11833", }, { cve: "CVE-2019-11884", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11884", }, ], notes: [ { category: "general", text: "The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\\0' character.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11884", url: "https://www.suse.com/security/cve/CVE-2019-11884", }, { category: "external", summary: "SUSE Bug 1134848 for CVE-2019-11884", url: "https://bugzilla.suse.com/1134848", }, { category: "external", summary: "SUSE Bug 1139868 for CVE-2019-11884", url: "https://bugzilla.suse.com/1139868", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:16:12Z", details: "low", }, ], title: "CVE-2019-11884", }, { cve: "CVE-2019-12382", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12382", }, ], notes: [ { category: "general", text: "** DISPUTED ** An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: The vendor disputes this issues as not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance for a NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12382", url: "https://www.suse.com/security/cve/CVE-2019-12382", }, { category: "external", summary: "SUSE Bug 1136586 for CVE-2019-12382", url: "https://bugzilla.suse.com/1136586", }, { category: "external", summary: "SUSE Bug 1155298 for CVE-2019-12382", url: "https://bugzilla.suse.com/1155298", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.5, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:16:12Z", details: "low", }, ], title: "CVE-2019-12382", }, { cve: "CVE-2019-3846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3846", }, ], notes: [ { category: "general", text: "A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3846", url: "https://www.suse.com/security/cve/CVE-2019-3846", }, { category: "external", summary: "SUSE Bug 1136424 for CVE-2019-3846", url: "https://bugzilla.suse.com/1136424", }, { category: "external", summary: "SUSE Bug 1136446 for CVE-2019-3846", url: "https://bugzilla.suse.com/1136446", }, { category: "external", summary: "SUSE Bug 1156330 for CVE-2019-3846", url: "https://bugzilla.suse.com/1156330", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:16:12Z", details: "important", }, ], title: "CVE-2019-3846", }, { cve: "CVE-2019-5489", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5489", }, ], notes: [ { category: "general", text: "The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5489", url: "https://www.suse.com/security/cve/CVE-2019-5489", }, { category: "external", summary: "SUSE Bug 1120843 for CVE-2019-5489", url: "https://bugzilla.suse.com/1120843", }, { category: "external", summary: "SUSE Bug 1120885 for CVE-2019-5489", url: "https://bugzilla.suse.com/1120885", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.180-4.31.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.180-4.31.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.180-4.31.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:16:12Z", details: "moderate", }, ], title: "CVE-2019-5489", }, ], }
suse-su-2019:1289-1
Vulnerability from csaf_suse
Published
2019-05-28 11:38
Modified
2019-05-28 11:38
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive various security and bugfixes.
Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331)
- CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)
- CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)
- CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS)
- CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
This kernel update contains software mitigations for these issues, which also utilize CPU microcode updates shipped in parallel.
For more information on this set of information leaks, check out https://www.suse.com/support/kb/doc/?id=7023736
The following security bugs were fixed:
- CVE-2016-10741: fs/xfs/xfs_aops.c allowed local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUG_ON instead of an I/O failure (bnc#1114920 bnc#1124010).
- CVE-2017-1000407: By flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic (bnc#1071021).
- CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674).
- CVE-2017-7273: The cp_report_fixup function in drivers/hid/hid-cypress.c allowed physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report (bnc#1031240).
- CVE-2017-7472: The KEYS subsystem allowed local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls (bnc#1034862).
- CVE-2018-14633: A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. (bnc#1107829).
- CVE-2018-15572: The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c did not always fill RSB upon a context switch, which made it easier for attackers to conduct userspace-userspace spectreRSB attacks (bnc#1102517 bnc#1105296).
- CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).
- CVE-2018-18281: The mremap() syscall performed TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. (bnc#1113769).
- CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).
- CVE-2018-18690: A local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandled ATTR_REPLACE operations with conversion of an attr from short to long form (bnc#1105025).
- CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751).
- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).
- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).
- CVE-2018-19985: The function hso_get_config_data in drivers/net/usb/hso.c read if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allowed arbitrary read in the kernel address space (bnc#1120743).
- CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).
- CVE-2018-5391: The Linux kernel was vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size (bnc#1103097).
- CVE-2018-9516: In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. (bnc#1108498).
- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).
- CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c had multiple race conditions (bnc#1133188). The line discipline was disabled.
- CVE-2019-3459: A heap address information leak while using L2CAP_GET_CONF_OPT was discovered (bnc#1120758).
- CVE-2019-3460: A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found (bnc#1120758).
- CVE-2019-3882: A flaw was found vfio interface implementation that permitted violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). (bnc#1131416 bnc#1131427).
- CVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, leading to a use-after-free (bnc#1124728).
- CVE-2019-7221: The KVM implementation had a Use-after-Free (bnc#1124732).
- CVE-2019-7222: The KVM implementation had an Information Leak (bnc#1124735).
- CVE-2019-9213: expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bnc#1128166).
- CVE-2019-9503: Multiple brcmfmac frame validation bypasses have been fixed (bnc#1132828).
The following non-security bugs were fixed:
- cifs: Check for timeout on Negotiate stage (bsc#1091171 bsc#1126890).
- fix pgd underflow (bnc#1104475) (bsc#1104475, bsc#1110768).
- kvm: x86: Report STIBP on GET_SUPPORTED_CPUID (bsc#1111331).
- locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a new <linux/bits.h> file (bsc#1111331).
- net: ipv4: do not handle duplicate fragments as overlapping (bsc#1116345).
- sched/core: Optimize SCHED_SMT (bsc#1111331)
- sched/smt: Expose sched_smt_present static key (bsc#1106913).
- sched/smt: Make sched_smt_present track topology (bsc#1106913).
- sched/smt: Update sched_smt_present at runtime (bsc#1111331)
- tcp: prevent bogus FRTO undos with non-SACK flows (bsc#1086535).
- x86/bugs: Rename SSBD_NO to SSB_NO (bsc#1111331)
- x86/cpu: Sanitize FAM6_ATOM naming (bsc#1111331).
- x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (bsc#1111331).
- x86/kvm/vmx: Add MDS protection when L1D Flush is not active (bsc#1111331).
- x86/mce: Improve error message when kernel cannot recover, p2 (bsc#1114648).
- x86/msr-index: Cleanup bit defines (bsc#1111331).
- x86/spec_ctrl: Fix spec_ctrl reporting (bsc#1106913, bsc#1111516).
- x86/speculation: Apply IBPB more strictly to avoid cross-process data leak (bsc#1106913).
- x86/speculation: Consolidate CPU whitelists (bsc#1111331).
- x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (bsc#1106913).
- x86/speculation/mds: Add basic bug infrastructure for MDS (bsc#1111331).
- x86/speculation/mds: Add BUG_MSBDS_ONLY (bsc#1111331).
- x86/speculation/mds: Add mds_clear_cpu_buffers() (bsc#1111331).
- x86/speculation/mds: Add mitigation control for MDS (bsc#1111331).
- x86/speculation/mds: Add mitigation mode VMWERV (bsc#1111331).
- x86/speculation/mds: Add sysfs reporting for MDS (bsc#1111331).
- x86/speculation/mds: Clear CPU buffers on exit to user (bsc#1111331).
- x86/speculation/mds: Conditionally clear CPU buffers on idle entry (bsc#1111331).
- x86/speculation: Remove redundant arch_smt_update() invocation (bsc#1111331).
- x86/speculation: Rework SMT state change (bsc#1111331).
- x86/speculation: Simplify the CPU bug detection logic (bsc#1111331).
- x86/uaccess: Do not leak the AC flag into __put_user() value evaluation (bsc#1114648).
- xfs: do not BUG() on mixed direct and mapped I/O (bsc#1114920).
- xfs: fix quotacheck dquot id overflow infinite loop (bsc#1121621).
- xfs: stop searching for free slots in an inode chunk when there are none (bsc#1115007).
- xfs: xfs_iget_check_free_state: Use correct sign for errors (bsc#1122015, bsc#1100001).
- xfs: validate sb_logsunit is a multiple of the fs blocksize (bsc#1115038).
Patchnames
SUSE-2019-1289,SUSE-SLE-Module-Public-Cloud-12-2019-1289,SUSE-SLE-SAP-12-SP1-2019-1289,SUSE-SLE-SERVER-12-SP1-2019-1289
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\n\nThe SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive various security and bugfixes.\n\nFour new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331)\n\n- CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)\n- CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)\n- CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS)\n- CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)\n\nThis kernel update contains software mitigations for these issues, which also utilize CPU microcode updates shipped in parallel.\n\nFor more information on this set of information leaks, check out https://www.suse.com/support/kb/doc/?id=7023736\n\nThe following security bugs were fixed:\n\n- CVE-2016-10741: fs/xfs/xfs_aops.c allowed local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUG_ON instead of an I/O failure (bnc#1114920 bnc#1124010).\n- CVE-2017-1000407: By flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic (bnc#1071021).\n- CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674).\n- CVE-2017-7273: The cp_report_fixup function in drivers/hid/hid-cypress.c allowed physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report (bnc#1031240).\n- CVE-2017-7472: The KEYS subsystem allowed local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls (bnc#1034862).\n- CVE-2018-14633: A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. (bnc#1107829).\n- CVE-2018-15572: The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c did not always fill RSB upon a context switch, which made it easier for attackers to conduct userspace-userspace spectreRSB attacks (bnc#1102517 bnc#1105296).\n- CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).\n- CVE-2018-18281: The mremap() syscall performed TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. (bnc#1113769).\n- CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).\n- CVE-2018-18690: A local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandled ATTR_REPLACE operations with conversion of an attr from short to long form (bnc#1105025).\n- CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751).\n- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).\n- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).\n- CVE-2018-19985: The function hso_get_config_data in drivers/net/usb/hso.c read if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allowed arbitrary read in the kernel address space (bnc#1120743).\n- CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).\n- CVE-2018-5391: The Linux kernel was vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size (bnc#1103097).\n- CVE-2018-9516: In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. (bnc#1108498).\n- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).\n- CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c had multiple race conditions (bnc#1133188). The line discipline was disabled.\n- CVE-2019-3459: A heap address information leak while using L2CAP_GET_CONF_OPT was discovered (bnc#1120758).\n- CVE-2019-3460: A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found (bnc#1120758).\n- CVE-2019-3882: A flaw was found vfio interface implementation that permitted violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). (bnc#1131416 bnc#1131427).\n- CVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, leading to a use-after-free (bnc#1124728).\n- CVE-2019-7221: The KVM implementation had a Use-after-Free (bnc#1124732).\n- CVE-2019-7222: The KVM implementation had an Information Leak (bnc#1124735).\n- CVE-2019-9213: expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bnc#1128166).\n- CVE-2019-9503: Multiple brcmfmac frame validation bypasses have been fixed (bnc#1132828).\n\nThe following non-security bugs were fixed:\n\n- cifs: Check for timeout on Negotiate stage (bsc#1091171 bsc#1126890).\n- fix pgd underflow (bnc#1104475) (bsc#1104475, bsc#1110768).\n- kvm: x86: Report STIBP on GET_SUPPORTED_CPUID (bsc#1111331).\n- locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a new <linux/bits.h> file (bsc#1111331).\n- net: ipv4: do not handle duplicate fragments as overlapping (bsc#1116345).\n- sched/core: Optimize SCHED_SMT (bsc#1111331)\n- sched/smt: Expose sched_smt_present static key (bsc#1106913).\n- sched/smt: Make sched_smt_present track topology (bsc#1106913).\n- sched/smt: Update sched_smt_present at runtime (bsc#1111331)\n- tcp: prevent bogus FRTO undos with non-SACK flows (bsc#1086535).\n- x86/bugs: Rename SSBD_NO to SSB_NO (bsc#1111331)\n- x86/cpu: Sanitize FAM6_ATOM naming (bsc#1111331).\n- x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (bsc#1111331).\n- x86/kvm/vmx: Add MDS protection when L1D Flush is not active (bsc#1111331).\n- x86/mce: Improve error message when kernel cannot recover, p2 (bsc#1114648).\n- x86/msr-index: Cleanup bit defines (bsc#1111331).\n- x86/spec_ctrl: Fix spec_ctrl reporting (bsc#1106913, bsc#1111516).\n- x86/speculation: Apply IBPB more strictly to avoid cross-process data leak (bsc#1106913).\n- x86/speculation: Consolidate CPU whitelists (bsc#1111331).\n- x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (bsc#1106913).\n- x86/speculation/mds: Add basic bug infrastructure for MDS (bsc#1111331).\n- x86/speculation/mds: Add BUG_MSBDS_ONLY (bsc#1111331).\n- x86/speculation/mds: Add mds_clear_cpu_buffers() (bsc#1111331).\n- x86/speculation/mds: Add mitigation control for MDS (bsc#1111331).\n- x86/speculation/mds: Add mitigation mode VMWERV (bsc#1111331).\n- x86/speculation/mds: Add sysfs reporting for MDS (bsc#1111331).\n- x86/speculation/mds: Clear CPU buffers on exit to user (bsc#1111331).\n- x86/speculation/mds: Conditionally clear CPU buffers on idle entry (bsc#1111331).\n- x86/speculation: Remove redundant arch_smt_update() invocation (bsc#1111331).\n- x86/speculation: Rework SMT state change (bsc#1111331).\n- x86/speculation: Simplify the CPU bug detection logic (bsc#1111331).\n- x86/uaccess: Do not leak the AC flag into __put_user() value evaluation (bsc#1114648).\n- xfs: do not BUG() on mixed direct and mapped I/O (bsc#1114920).\n- xfs: fix quotacheck dquot id overflow infinite loop (bsc#1121621).\n- xfs: stop searching for free slots in an inode chunk when there are none (bsc#1115007).\n- xfs: xfs_iget_check_free_state: Use correct sign for errors (bsc#1122015, bsc#1100001).\n- xfs: validate sb_logsunit is a multiple of the fs blocksize (bsc#1115038).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2019-1289,SUSE-SLE-Module-Public-Cloud-12-2019-1289,SUSE-SLE-SAP-12-SP1-2019-1289,SUSE-SLE-SERVER-12-SP1-2019-1289", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_1289-1.json", }, { category: "self", summary: "URL for SUSE-SU-2019:1289-1", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20191289-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2019:1289-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2019-May/005476.html", }, { category: "self", summary: "SUSE Bug 1031240", url: "https://bugzilla.suse.com/1031240", }, { category: "self", summary: "SUSE Bug 1034862", url: "https://bugzilla.suse.com/1034862", }, { category: "self", summary: "SUSE Bug 1066674", url: "https://bugzilla.suse.com/1066674", }, { category: "self", summary: "SUSE Bug 1071021", url: "https://bugzilla.suse.com/1071021", }, { category: "self", summary: "SUSE Bug 1086535", url: "https://bugzilla.suse.com/1086535", }, { category: "self", summary: "SUSE Bug 1091171", url: "https://bugzilla.suse.com/1091171", }, { category: "self", summary: "SUSE Bug 1094825", url: "https://bugzilla.suse.com/1094825", }, { category: "self", summary: "SUSE Bug 1100001", url: "https://bugzilla.suse.com/1100001", }, { category: "self", summary: "SUSE Bug 1102517", url: "https://bugzilla.suse.com/1102517", }, { category: "self", summary: "SUSE Bug 1103097", url: "https://bugzilla.suse.com/1103097", }, { category: "self", summary: "SUSE Bug 1104475", url: "https://bugzilla.suse.com/1104475", }, { category: "self", summary: "SUSE Bug 1105025", url: "https://bugzilla.suse.com/1105025", }, { category: "self", summary: "SUSE Bug 1105296", url: "https://bugzilla.suse.com/1105296", }, { category: "self", summary: "SUSE Bug 1106913", url: "https://bugzilla.suse.com/1106913", }, { category: "self", summary: "SUSE Bug 1107829", url: "https://bugzilla.suse.com/1107829", }, { category: "self", summary: "SUSE Bug 1108498", url: "https://bugzilla.suse.com/1108498", }, { category: "self", summary: "SUSE Bug 1110768", url: "https://bugzilla.suse.com/1110768", }, { category: "self", summary: "SUSE Bug 1111331", url: "https://bugzilla.suse.com/1111331", }, { category: "self", summary: "SUSE Bug 1111516", url: "https://bugzilla.suse.com/1111516", }, { category: "self", summary: "SUSE Bug 1113751", url: "https://bugzilla.suse.com/1113751", }, { category: "self", summary: "SUSE Bug 1113769", url: "https://bugzilla.suse.com/1113769", }, { category: "self", summary: "SUSE Bug 1114648", url: "https://bugzilla.suse.com/1114648", }, { category: "self", summary: "SUSE Bug 1114920", url: "https://bugzilla.suse.com/1114920", }, { category: "self", summary: "SUSE Bug 1115007", url: "https://bugzilla.suse.com/1115007", }, { category: "self", summary: "SUSE Bug 1115038", url: "https://bugzilla.suse.com/1115038", }, { category: "self", summary: "SUSE Bug 1116345", url: "https://bugzilla.suse.com/1116345", }, { category: "self", summary: "SUSE Bug 1116841", url: "https://bugzilla.suse.com/1116841", }, { category: "self", summary: "SUSE Bug 1118152", url: "https://bugzilla.suse.com/1118152", }, { category: "self", summary: "SUSE Bug 1118319", url: "https://bugzilla.suse.com/1118319", }, { category: "self", summary: "SUSE Bug 1119714", url: "https://bugzilla.suse.com/1119714", }, { category: "self", summary: "SUSE Bug 1119946", url: "https://bugzilla.suse.com/1119946", }, { category: "self", summary: "SUSE Bug 1120743", url: "https://bugzilla.suse.com/1120743", }, { category: "self", summary: "SUSE Bug 1120758", url: "https://bugzilla.suse.com/1120758", }, { category: "self", summary: "SUSE Bug 1121621", url: "https://bugzilla.suse.com/1121621", }, { category: "self", summary: "SUSE Bug 1122015", url: "https://bugzilla.suse.com/1122015", }, { category: "self", summary: "SUSE Bug 1123161", url: "https://bugzilla.suse.com/1123161", }, { category: "self", summary: "SUSE Bug 1124010", url: "https://bugzilla.suse.com/1124010", }, { category: "self", summary: "SUSE Bug 1124728", url: "https://bugzilla.suse.com/1124728", }, { category: "self", summary: "SUSE Bug 1124732", url: "https://bugzilla.suse.com/1124732", }, { category: "self", summary: "SUSE Bug 1124735", url: "https://bugzilla.suse.com/1124735", }, { category: "self", summary: "SUSE Bug 1126890", url: "https://bugzilla.suse.com/1126890", }, { category: "self", summary: "SUSE Bug 1128166", url: "https://bugzilla.suse.com/1128166", }, { category: "self", summary: "SUSE Bug 1131416", url: "https://bugzilla.suse.com/1131416", }, { category: "self", summary: "SUSE Bug 1131427", url: "https://bugzilla.suse.com/1131427", }, { category: "self", summary: "SUSE Bug 1132828", url: "https://bugzilla.suse.com/1132828", }, { category: "self", summary: "SUSE Bug 1133188", url: "https://bugzilla.suse.com/1133188", }, { category: "self", summary: "SUSE CVE CVE-2016-10741 page", url: "https://www.suse.com/security/cve/CVE-2016-10741/", }, { category: "self", summary: "SUSE CVE CVE-2017-1000407 page", url: "https://www.suse.com/security/cve/CVE-2017-1000407/", }, { category: "self", summary: "SUSE CVE CVE-2017-16533 page", url: "https://www.suse.com/security/cve/CVE-2017-16533/", }, { category: "self", summary: "SUSE CVE CVE-2017-7273 page", url: "https://www.suse.com/security/cve/CVE-2017-7273/", }, { category: "self", summary: "SUSE CVE CVE-2017-7472 page", url: "https://www.suse.com/security/cve/CVE-2017-7472/", }, { category: "self", summary: "SUSE CVE CVE-2018-12126 page", url: "https://www.suse.com/security/cve/CVE-2018-12126/", }, { category: "self", summary: "SUSE CVE CVE-2018-12127 page", url: "https://www.suse.com/security/cve/CVE-2018-12127/", }, { category: "self", summary: "SUSE CVE CVE-2018-12130 page", url: "https://www.suse.com/security/cve/CVE-2018-12130/", }, { category: "self", summary: "SUSE CVE CVE-2018-14633 page", url: "https://www.suse.com/security/cve/CVE-2018-14633/", }, { category: "self", summary: "SUSE CVE CVE-2018-15572 page", url: "https://www.suse.com/security/cve/CVE-2018-15572/", }, { category: "self", summary: "SUSE CVE CVE-2018-16884 page", url: "https://www.suse.com/security/cve/CVE-2018-16884/", }, { category: "self", summary: "SUSE CVE CVE-2018-18281 page", url: "https://www.suse.com/security/cve/CVE-2018-18281/", }, { category: "self", summary: "SUSE CVE CVE-2018-18386 page", url: "https://www.suse.com/security/cve/CVE-2018-18386/", }, { category: "self", summary: "SUSE CVE CVE-2018-18690 page", url: "https://www.suse.com/security/cve/CVE-2018-18690/", }, { category: "self", summary: "SUSE CVE CVE-2018-18710 page", url: "https://www.suse.com/security/cve/CVE-2018-18710/", }, { category: "self", summary: "SUSE CVE CVE-2018-19407 page", url: "https://www.suse.com/security/cve/CVE-2018-19407/", }, { category: "self", summary: "SUSE CVE CVE-2018-19824 page", url: "https://www.suse.com/security/cve/CVE-2018-19824/", }, { category: "self", summary: "SUSE CVE CVE-2018-19985 page", url: "https://www.suse.com/security/cve/CVE-2018-19985/", }, { category: "self", summary: "SUSE CVE CVE-2018-20169 page", url: "https://www.suse.com/security/cve/CVE-2018-20169/", }, { category: "self", summary: "SUSE CVE CVE-2018-5391 page", url: "https://www.suse.com/security/cve/CVE-2018-5391/", }, { category: "self", summary: "SUSE CVE CVE-2018-9516 page", url: "https://www.suse.com/security/cve/CVE-2018-9516/", }, { category: "self", summary: "SUSE CVE CVE-2018-9568 page", url: "https://www.suse.com/security/cve/CVE-2018-9568/", }, { category: "self", summary: "SUSE CVE CVE-2019-11091 page", url: "https://www.suse.com/security/cve/CVE-2019-11091/", }, { category: "self", summary: "SUSE CVE CVE-2019-11486 page", url: "https://www.suse.com/security/cve/CVE-2019-11486/", }, { category: "self", summary: "SUSE CVE CVE-2019-3459 page", url: "https://www.suse.com/security/cve/CVE-2019-3459/", }, { category: "self", summary: "SUSE CVE CVE-2019-3460 page", url: "https://www.suse.com/security/cve/CVE-2019-3460/", }, { category: "self", summary: "SUSE CVE CVE-2019-3882 page", url: "https://www.suse.com/security/cve/CVE-2019-3882/", }, { category: "self", summary: "SUSE CVE CVE-2019-6974 page", url: "https://www.suse.com/security/cve/CVE-2019-6974/", }, { category: "self", summary: "SUSE CVE CVE-2019-7221 page", url: "https://www.suse.com/security/cve/CVE-2019-7221/", }, { category: "self", summary: "SUSE CVE CVE-2019-7222 page", url: "https://www.suse.com/security/cve/CVE-2019-7222/", }, { category: "self", summary: "SUSE CVE CVE-2019-8564 page", url: "https://www.suse.com/security/cve/CVE-2019-8564/", }, { category: "self", summary: "SUSE CVE CVE-2019-9213 page", url: "https://www.suse.com/security/cve/CVE-2019-9213/", }, { category: "self", summary: "SUSE CVE CVE-2019-9503 page", url: "https://www.suse.com/security/cve/CVE-2019-9503/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2019-05-28T11:38:31Z", generator: { date: "2019-05-28T11:38:31Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2019:1289-1", initial_release_date: "2019-05-28T11:38:31Z", revision_history: [ { date: "2019-05-28T11:38:31Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-3.12.74-60.64.110.1.noarch", product: { name: "kernel-devel-3.12.74-60.64.110.1.noarch", product_id: "kernel-devel-3.12.74-60.64.110.1.noarch", }, }, { category: "product_version", name: "kernel-docs-3.12.74-60.64.110.1.noarch", product: { name: "kernel-docs-3.12.74-60.64.110.1.noarch", product_id: "kernel-docs-3.12.74-60.64.110.1.noarch", }, }, { category: "product_version", name: "kernel-macros-3.12.74-60.64.110.1.noarch", product: { name: "kernel-macros-3.12.74-60.64.110.1.noarch", product_id: "kernel-macros-3.12.74-60.64.110.1.noarch", }, }, { category: "product_version", name: "kernel-source-3.12.74-60.64.110.1.noarch", product: { name: "kernel-source-3.12.74-60.64.110.1.noarch", product_id: "kernel-source-3.12.74-60.64.110.1.noarch", }, }, { category: "product_version", name: "kernel-source-vanilla-3.12.74-60.64.110.1.noarch", product: { name: "kernel-source-vanilla-3.12.74-60.64.110.1.noarch", product_id: "kernel-source-vanilla-3.12.74-60.64.110.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "kernel-debug-3.12.74-60.64.110.1.ppc64le", product: { name: "kernel-debug-3.12.74-60.64.110.1.ppc64le", product_id: "kernel-debug-3.12.74-60.64.110.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-base-3.12.74-60.64.110.1.ppc64le", product: { name: "kernel-debug-base-3.12.74-60.64.110.1.ppc64le", product_id: "kernel-debug-base-3.12.74-60.64.110.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-devel-3.12.74-60.64.110.1.ppc64le", product: { name: "kernel-debug-devel-3.12.74-60.64.110.1.ppc64le", product_id: "kernel-debug-devel-3.12.74-60.64.110.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-extra-3.12.74-60.64.110.1.ppc64le", product: { name: "kernel-debug-extra-3.12.74-60.64.110.1.ppc64le", product_id: "kernel-debug-extra-3.12.74-60.64.110.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-3.12.74-60.64.110.1.ppc64le", product: { name: "kernel-default-3.12.74-60.64.110.1.ppc64le", product_id: "kernel-default-3.12.74-60.64.110.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-3.12.74-60.64.110.1.ppc64le", product: { name: "kernel-default-base-3.12.74-60.64.110.1.ppc64le", product_id: "kernel-default-base-3.12.74-60.64.110.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-3.12.74-60.64.110.1.ppc64le", product: { name: "kernel-default-devel-3.12.74-60.64.110.1.ppc64le", product_id: "kernel-default-devel-3.12.74-60.64.110.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-extra-3.12.74-60.64.110.1.ppc64le", product: { name: "kernel-default-extra-3.12.74-60.64.110.1.ppc64le", product_id: "kernel-default-extra-3.12.74-60.64.110.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-build-3.12.74-60.64.110.1.ppc64le", product: { name: "kernel-obs-build-3.12.74-60.64.110.1.ppc64le", product_id: "kernel-obs-build-3.12.74-60.64.110.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-qa-3.12.74-60.64.110.1.ppc64le", product: { name: "kernel-obs-qa-3.12.74-60.64.110.1.ppc64le", product_id: "kernel-obs-qa-3.12.74-60.64.110.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-3.12.74-60.64.110.1.ppc64le", product: { name: "kernel-syms-3.12.74-60.64.110.1.ppc64le", product_id: "kernel-syms-3.12.74-60.64.110.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "kernel-default-3.12.74-60.64.110.1.s390x", product: { name: "kernel-default-3.12.74-60.64.110.1.s390x", product_id: "kernel-default-3.12.74-60.64.110.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-3.12.74-60.64.110.1.s390x", product: { name: "kernel-default-base-3.12.74-60.64.110.1.s390x", product_id: "kernel-default-base-3.12.74-60.64.110.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-3.12.74-60.64.110.1.s390x", product: { name: "kernel-default-devel-3.12.74-60.64.110.1.s390x", product_id: "kernel-default-devel-3.12.74-60.64.110.1.s390x", }, }, { category: "product_version", name: "kernel-default-extra-3.12.74-60.64.110.1.s390x", product: { name: "kernel-default-extra-3.12.74-60.64.110.1.s390x", product_id: "kernel-default-extra-3.12.74-60.64.110.1.s390x", }, }, { category: "product_version", name: "kernel-default-man-3.12.74-60.64.110.1.s390x", product: { name: "kernel-default-man-3.12.74-60.64.110.1.s390x", product_id: "kernel-default-man-3.12.74-60.64.110.1.s390x", }, }, { category: "product_version", name: "kernel-obs-build-3.12.74-60.64.110.1.s390x", product: { name: "kernel-obs-build-3.12.74-60.64.110.1.s390x", product_id: "kernel-obs-build-3.12.74-60.64.110.1.s390x", }, }, { category: "product_version", name: "kernel-obs-qa-3.12.74-60.64.110.1.s390x", product: { name: "kernel-obs-qa-3.12.74-60.64.110.1.s390x", product_id: "kernel-obs-qa-3.12.74-60.64.110.1.s390x", }, }, { category: "product_version", name: "kernel-syms-3.12.74-60.64.110.1.s390x", product: { name: "kernel-syms-3.12.74-60.64.110.1.s390x", product_id: "kernel-syms-3.12.74-60.64.110.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-3.12.74-60.64.110.1.s390x", product: { name: "kernel-vanilla-3.12.74-60.64.110.1.s390x", product_id: "kernel-vanilla-3.12.74-60.64.110.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-devel-3.12.74-60.64.110.1.s390x", product: { name: "kernel-vanilla-devel-3.12.74-60.64.110.1.s390x", product_id: "kernel-vanilla-devel-3.12.74-60.64.110.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-3.12.74-60.64.110.1.s390x", product: { name: "kernel-zfcpdump-3.12.74-60.64.110.1.s390x", product_id: "kernel-zfcpdump-3.12.74-60.64.110.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "kernel-debug-3.12.74-60.64.110.1.x86_64", product: { name: "kernel-debug-3.12.74-60.64.110.1.x86_64", product_id: "kernel-debug-3.12.74-60.64.110.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-base-3.12.74-60.64.110.1.x86_64", product: { name: "kernel-debug-base-3.12.74-60.64.110.1.x86_64", product_id: "kernel-debug-base-3.12.74-60.64.110.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-devel-3.12.74-60.64.110.1.x86_64", product: { name: "kernel-debug-devel-3.12.74-60.64.110.1.x86_64", product_id: "kernel-debug-devel-3.12.74-60.64.110.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-extra-3.12.74-60.64.110.1.x86_64", product: { name: "kernel-debug-extra-3.12.74-60.64.110.1.x86_64", product_id: "kernel-debug-extra-3.12.74-60.64.110.1.x86_64", }, }, { category: "product_version", name: "kernel-default-3.12.74-60.64.110.1.x86_64", product: { name: "kernel-default-3.12.74-60.64.110.1.x86_64", product_id: "kernel-default-3.12.74-60.64.110.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-3.12.74-60.64.110.1.x86_64", product: { name: "kernel-default-base-3.12.74-60.64.110.1.x86_64", product_id: "kernel-default-base-3.12.74-60.64.110.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-3.12.74-60.64.110.1.x86_64", product: { name: "kernel-default-devel-3.12.74-60.64.110.1.x86_64", product_id: "kernel-default-devel-3.12.74-60.64.110.1.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-3.12.74-60.64.110.1.x86_64", product: { name: "kernel-default-extra-3.12.74-60.64.110.1.x86_64", product_id: "kernel-default-extra-3.12.74-60.64.110.1.x86_64", }, }, { category: "product_version", name: "kernel-ec2-3.12.74-60.64.110.1.x86_64", product: { name: "kernel-ec2-3.12.74-60.64.110.1.x86_64", product_id: "kernel-ec2-3.12.74-60.64.110.1.x86_64", }, }, { category: "product_version", name: "kernel-ec2-base-3.12.74-60.64.110.1.x86_64", product: { name: "kernel-ec2-base-3.12.74-60.64.110.1.x86_64", product_id: "kernel-ec2-base-3.12.74-60.64.110.1.x86_64", }, }, { category: "product_version", name: "kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", product: { name: "kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", product_id: "kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", }, }, { category: "product_version", name: "kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", product: { name: "kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", product_id: "kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-3.12.74-60.64.110.1.x86_64", product: { name: "kernel-obs-build-3.12.74-60.64.110.1.x86_64", product_id: "kernel-obs-build-3.12.74-60.64.110.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-qa-3.12.74-60.64.110.1.x86_64", product: { name: "kernel-obs-qa-3.12.74-60.64.110.1.x86_64", product_id: "kernel-obs-qa-3.12.74-60.64.110.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-3.12.74-60.64.110.1.x86_64", product: { name: "kernel-syms-3.12.74-60.64.110.1.x86_64", product_id: "kernel-syms-3.12.74-60.64.110.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-3.12.74-60.64.110.1.x86_64", product: { name: "kernel-vanilla-3.12.74-60.64.110.1.x86_64", product_id: "kernel-vanilla-3.12.74-60.64.110.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-devel-3.12.74-60.64.110.1.x86_64", product: { name: "kernel-vanilla-devel-3.12.74-60.64.110.1.x86_64", product_id: "kernel-vanilla-devel-3.12.74-60.64.110.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-3.12.74-60.64.110.1.x86_64", product: { name: "kernel-xen-3.12.74-60.64.110.1.x86_64", product_id: "kernel-xen-3.12.74-60.64.110.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-base-3.12.74-60.64.110.1.x86_64", product: { name: "kernel-xen-base-3.12.74-60.64.110.1.x86_64", product_id: "kernel-xen-base-3.12.74-60.64.110.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-devel-3.12.74-60.64.110.1.x86_64", product: { name: "kernel-xen-devel-3.12.74-60.64.110.1.x86_64", product_id: "kernel-xen-devel-3.12.74-60.64.110.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-extra-3.12.74-60.64.110.1.x86_64", product: { name: "kernel-xen-extra-3.12.74-60.64.110.1.x86_64", product_id: "kernel-xen-extra-3.12.74-60.64.110.1.x86_64", }, }, { category: "product_version", name: "kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", product: { name: "kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", product_id: "kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", }, }, { category: "product_version", name: "kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", product: { name: "kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", product_id: "kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", }, }, { category: "product_version", name: "lttng-modules-2.7.0-4.4.1.x86_64", product: { name: "lttng-modules-2.7.0-4.4.1.x86_64", product_id: "lttng-modules-2.7.0-4.4.1.x86_64", }, }, { category: "product_version", name: "lttng-modules-kmp-compute-2.7.0_k3.12.49_2-4.4.1.x86_64", product: { name: "lttng-modules-kmp-compute-2.7.0_k3.12.49_2-4.4.1.x86_64", product_id: "lttng-modules-kmp-compute-2.7.0_k3.12.49_2-4.4.1.x86_64", }, }, { category: "product_version", name: "lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", product: { name: "lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", product_id: "lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", }, }, { category: "product_version", name: "lttng-modules-kmp-rt-2.7.0_k3.12.49_2-4.4.1.x86_64", product: { name: "lttng-modules-kmp-rt-2.7.0_k3.12.49_2-4.4.1.x86_64", product_id: "lttng-modules-kmp-rt-2.7.0_k3.12.49_2-4.4.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 12", product: { name: "SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:12", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP1-LTSS", product: { name: "SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:12:sp1", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-ec2-3.12.74-60.64.110.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", }, product_reference: "kernel-ec2-3.12.74-60.64.110.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-devel-3.12.74-60.64.110.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", }, product_reference: "kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-extra-3.12.74-60.64.110.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", }, product_reference: "kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.12.74-60.64.110.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", }, product_reference: "kernel-default-3.12.74-60.64.110.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.12.74-60.64.110.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", }, product_reference: "kernel-default-base-3.12.74-60.64.110.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.12.74-60.64.110.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", }, product_reference: "kernel-default-devel-3.12.74-60.64.110.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-3.12.74-60.64.110.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", }, product_reference: "kernel-devel-3.12.74-60.64.110.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-3.12.74-60.64.110.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", }, product_reference: "kernel-macros-3.12.74-60.64.110.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.12.74-60.64.110.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", }, product_reference: "kernel-source-3.12.74-60.64.110.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.12.74-60.64.110.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", }, product_reference: "kernel-syms-3.12.74-60.64.110.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-3.12.74-60.64.110.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", }, product_reference: "kernel-xen-3.12.74-60.64.110.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-base-3.12.74-60.64.110.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", }, product_reference: "kernel-xen-base-3.12.74-60.64.110.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-devel-3.12.74-60.64.110.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", }, product_reference: "kernel-xen-devel-3.12.74-60.64.110.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", }, product_reference: "kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", }, product_reference: "kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "lttng-modules-2.7.0-4.4.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", }, product_reference: "lttng-modules-2.7.0-4.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", }, product_reference: "lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.12.74-60.64.110.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", }, product_reference: "kernel-default-3.12.74-60.64.110.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.12.74-60.64.110.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", }, product_reference: "kernel-default-3.12.74-60.64.110.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.12.74-60.64.110.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", }, product_reference: "kernel-default-3.12.74-60.64.110.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.12.74-60.64.110.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", }, product_reference: "kernel-default-base-3.12.74-60.64.110.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.12.74-60.64.110.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", }, product_reference: "kernel-default-base-3.12.74-60.64.110.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.12.74-60.64.110.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", }, product_reference: "kernel-default-base-3.12.74-60.64.110.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.12.74-60.64.110.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", }, product_reference: "kernel-default-devel-3.12.74-60.64.110.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.12.74-60.64.110.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", }, product_reference: "kernel-default-devel-3.12.74-60.64.110.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.12.74-60.64.110.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", }, product_reference: "kernel-default-devel-3.12.74-60.64.110.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-3.12.74-60.64.110.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", }, product_reference: "kernel-default-man-3.12.74-60.64.110.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-3.12.74-60.64.110.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", }, product_reference: "kernel-devel-3.12.74-60.64.110.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-3.12.74-60.64.110.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", }, product_reference: "kernel-macros-3.12.74-60.64.110.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.12.74-60.64.110.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", }, product_reference: "kernel-source-3.12.74-60.64.110.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.12.74-60.64.110.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", }, product_reference: "kernel-syms-3.12.74-60.64.110.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.12.74-60.64.110.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", }, product_reference: "kernel-syms-3.12.74-60.64.110.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.12.74-60.64.110.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", }, product_reference: "kernel-syms-3.12.74-60.64.110.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-3.12.74-60.64.110.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", }, product_reference: "kernel-xen-3.12.74-60.64.110.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-base-3.12.74-60.64.110.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", }, product_reference: "kernel-xen-base-3.12.74-60.64.110.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-devel-3.12.74-60.64.110.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", }, product_reference: "kernel-xen-devel-3.12.74-60.64.110.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", }, product_reference: "kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", }, product_reference: "kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "lttng-modules-2.7.0-4.4.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", }, product_reference: "lttng-modules-2.7.0-4.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", }, product_reference: "lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, ], }, vulnerabilities: [ { cve: "CVE-2016-10741", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-10741", }, ], notes: [ { category: "general", text: "In the Linux kernel before 4.9.3, fs/xfs/xfs_aops.c allows local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUG_ON instead of an I/O failure.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-10741", url: "https://www.suse.com/security/cve/CVE-2016-10741", }, { category: "external", summary: "SUSE Bug 1114920 for CVE-2016-10741", url: "https://bugzilla.suse.com/1114920", }, { category: "external", summary: "SUSE Bug 1124010 for CVE-2016-10741", url: "https://bugzilla.suse.com/1124010", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2016-10741", }, { cve: "CVE-2017-1000407", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-1000407", }, ], notes: [ { category: "general", text: "The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-1000407", url: "https://www.suse.com/security/cve/CVE-2017-1000407", }, { category: "external", summary: "SUSE Bug 1071021 for CVE-2017-1000407", url: "https://bugzilla.suse.com/1071021", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2017-1000407", }, { cve: "CVE-2017-16533", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16533", }, ], notes: [ { category: "general", text: "The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16533", url: "https://www.suse.com/security/cve/CVE-2017-16533", }, { category: "external", summary: "SUSE Bug 1066674 for CVE-2017-16533", url: "https://bugzilla.suse.com/1066674", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2017-16533", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1146519 for CVE-2017-16533", url: "https://bugzilla.suse.com/1146519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2017-16533", }, { cve: "CVE-2017-7273", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7273", }, ], notes: [ { category: "general", text: "The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7273", url: "https://www.suse.com/security/cve/CVE-2017-7273", }, { category: "external", summary: "SUSE Bug 1031240 for CVE-2017-7273", url: "https://bugzilla.suse.com/1031240", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2017-7273", }, { cve: "CVE-2017-7472", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7472", }, ], notes: [ { category: "general", text: "The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7472", url: "https://www.suse.com/security/cve/CVE-2017-7472", }, { category: "external", summary: "SUSE Bug 1034862 for CVE-2017-7472", url: "https://bugzilla.suse.com/1034862", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2017-7472", }, { cve: "CVE-2018-12126", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12126", }, ], notes: [ { category: "general", text: "Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12126", url: "https://www.suse.com/security/cve/CVE-2018-12126", }, { category: "external", summary: "SUSE Bug 1103186 for CVE-2018-12126", url: "https://bugzilla.suse.com/1103186", }, { category: "external", summary: "SUSE Bug 1111331 for CVE-2018-12126", url: "https://bugzilla.suse.com/1111331", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2018-12126", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1135409 for CVE-2018-12126", url: "https://bugzilla.suse.com/1135409", }, { category: "external", summary: "SUSE Bug 1135524 for CVE-2018-12126", url: "https://bugzilla.suse.com/1135524", }, { category: "external", summary: "SUSE Bug 1137916 for CVE-2018-12126", url: "https://bugzilla.suse.com/1137916", }, { category: "external", summary: "SUSE Bug 1138534 for CVE-2018-12126", url: "https://bugzilla.suse.com/1138534", }, { category: "external", summary: "SUSE Bug 1141977 for CVE-2018-12126", url: "https://bugzilla.suse.com/1141977", }, { category: "external", summary: "SUSE Bug 1149725 for CVE-2018-12126", url: "https://bugzilla.suse.com/1149725", }, { category: "external", summary: "SUSE Bug 1149726 for CVE-2018-12126", url: "https://bugzilla.suse.com/1149726", }, { category: "external", summary: "SUSE Bug 1149729 for CVE-2018-12126", url: "https://bugzilla.suse.com/1149729", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2018-12126", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2018-12126", url: "https://bugzilla.suse.com/1201877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.8, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2018-12126", }, { cve: "CVE-2018-12127", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12127", }, ], notes: [ { category: "general", text: "Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12127", url: "https://www.suse.com/security/cve/CVE-2018-12127", }, { category: "external", summary: "SUSE Bug 1103186 for CVE-2018-12127", url: "https://bugzilla.suse.com/1103186", }, { category: "external", summary: "SUSE Bug 1111331 for CVE-2018-12127", url: "https://bugzilla.suse.com/1111331", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2018-12127", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1135409 for CVE-2018-12127", url: "https://bugzilla.suse.com/1135409", }, { category: "external", summary: "SUSE Bug 1138534 for CVE-2018-12127", url: "https://bugzilla.suse.com/1138534", }, { category: "external", summary: "SUSE Bug 1141977 for CVE-2018-12127", url: "https://bugzilla.suse.com/1141977", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2018-12127", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2018-12127", url: "https://bugzilla.suse.com/1201877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.8, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2018-12127", }, { cve: "CVE-2018-12130", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12130", }, ], notes: [ { category: "general", text: "Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12130", url: "https://www.suse.com/security/cve/CVE-2018-12130", }, { category: "external", summary: "SUSE Bug 1103186 for CVE-2018-12130", url: "https://bugzilla.suse.com/1103186", }, { category: "external", summary: "SUSE Bug 1111331 for CVE-2018-12130", url: "https://bugzilla.suse.com/1111331", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2018-12130", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1135409 for CVE-2018-12130", url: "https://bugzilla.suse.com/1135409", }, { category: "external", summary: "SUSE Bug 1137916 for CVE-2018-12130", url: "https://bugzilla.suse.com/1137916", }, { category: "external", summary: "SUSE Bug 1138534 for CVE-2018-12130", url: "https://bugzilla.suse.com/1138534", }, { category: "external", summary: "SUSE Bug 1141977 for CVE-2018-12130", url: "https://bugzilla.suse.com/1141977", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2018-12130", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2018-12130", url: "https://bugzilla.suse.com/1201877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2018-12130", }, { cve: "CVE-2018-14633", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14633", }, ], notes: [ { category: "general", text: "A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely. Kernel versions 4.18.x, 4.14.x and 3.10.x are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14633", url: "https://www.suse.com/security/cve/CVE-2018-14633", }, { category: "external", summary: "SUSE Bug 1107829 for CVE-2018-14633", url: "https://bugzilla.suse.com/1107829", }, { category: "external", summary: "SUSE Bug 1107832 for CVE-2018-14633", url: "https://bugzilla.suse.com/1107832", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "important", }, ], title: "CVE-2018-14633", }, { cve: "CVE-2018-15572", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-15572", }, ], notes: [ { category: "general", text: "The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-15572", url: "https://www.suse.com/security/cve/CVE-2018-15572", }, { category: "external", summary: "SUSE Bug 1102517 for CVE-2018-15572", url: "https://bugzilla.suse.com/1102517", }, { category: "external", summary: "SUSE Bug 1105296 for CVE-2018-15572", url: "https://bugzilla.suse.com/1105296", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "important", }, ], title: "CVE-2018-15572", }, { cve: "CVE-2018-16884", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16884", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16884", url: "https://www.suse.com/security/cve/CVE-2018-16884", }, { category: "external", summary: "SUSE Bug 1119946 for CVE-2018-16884", url: "https://bugzilla.suse.com/1119946", }, { category: "external", summary: "SUSE Bug 1119947 for CVE-2018-16884", url: "https://bugzilla.suse.com/1119947", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "important", }, ], title: "CVE-2018-16884", }, { cve: "CVE-2018-18281", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18281", }, ], notes: [ { category: "general", text: "Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. This is fixed in the following kernel versions: 4.9.135, 4.14.78, 4.18.16, 4.19.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18281", url: "https://www.suse.com/security/cve/CVE-2018-18281", }, { category: "external", summary: "SUSE Bug 1113769 for CVE-2018-18281", url: "https://bugzilla.suse.com/1113769", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2018-18281", }, { cve: "CVE-2018-18386", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18386", }, ], notes: [ { category: "general", text: "drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18386", url: "https://www.suse.com/security/cve/CVE-2018-18386", }, { category: "external", summary: "SUSE Bug 1094825 for CVE-2018-18386", url: "https://bugzilla.suse.com/1094825", }, { category: "external", summary: "SUSE Bug 1112039 for CVE-2018-18386", url: "https://bugzilla.suse.com/1112039", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2018-18386", }, { cve: "CVE-2018-18690", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18690", }, ], notes: [ { category: "general", text: "In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE operations with conversion of an attr from short to long form.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18690", url: "https://www.suse.com/security/cve/CVE-2018-18690", }, { category: "external", summary: "SUSE Bug 1105025 for CVE-2018-18690", url: "https://bugzilla.suse.com/1105025", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2018-18690", }, { cve: "CVE-2018-18710", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18710", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18710", url: "https://www.suse.com/security/cve/CVE-2018-18710", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-18710", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2018-18710", }, { cve: "CVE-2018-19407", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-19407", }, ], notes: [ { category: "general", text: "The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-19407", url: "https://www.suse.com/security/cve/CVE-2018-19407", }, { category: "external", summary: "SUSE Bug 1116841 for CVE-2018-19407", url: "https://bugzilla.suse.com/1116841", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2018-19407", }, { cve: "CVE-2018-19824", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-19824", }, ], notes: [ { category: "general", text: "In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-19824", url: "https://www.suse.com/security/cve/CVE-2018-19824", }, { category: "external", summary: "SUSE Bug 1118152 for CVE-2018-19824", url: "https://bugzilla.suse.com/1118152", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2018-19824", }, { cve: "CVE-2018-19985", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-19985", }, ], notes: [ { category: "general", text: "The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-19985", url: "https://www.suse.com/security/cve/CVE-2018-19985", }, { category: "external", summary: "SUSE Bug 1120743 for CVE-2018-19985", url: "https://bugzilla.suse.com/1120743", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "low", }, ], title: "CVE-2018-19985", }, { cve: "CVE-2018-20169", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-20169", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-20169", url: "https://www.suse.com/security/cve/CVE-2018-20169", }, { category: "external", summary: "SUSE Bug 1119714 for CVE-2018-20169", url: "https://bugzilla.suse.com/1119714", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2018-20169", }, { cve: "CVE-2018-5391", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-5391", }, ], notes: [ { category: "general", text: "The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-5391", url: "https://www.suse.com/security/cve/CVE-2018-5391", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-5391", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1102340 for CVE-2018-5391", url: "https://bugzilla.suse.com/1102340", }, { category: "external", summary: "SUSE Bug 1103097 for CVE-2018-5391", url: "https://bugzilla.suse.com/1103097", }, { category: "external", summary: "SUSE Bug 1103098 for CVE-2018-5391", url: "https://bugzilla.suse.com/1103098", }, { category: "external", summary: "SUSE Bug 1108654 for CVE-2018-5391", url: "https://bugzilla.suse.com/1108654", }, { category: "external", summary: "SUSE Bug 1114071 for CVE-2018-5391", url: "https://bugzilla.suse.com/1114071", }, { category: "external", summary: "SUSE Bug 1121102 for CVE-2018-5391", url: "https://bugzilla.suse.com/1121102", }, { category: "external", summary: "SUSE Bug 1134140 for CVE-2018-5391", url: "https://bugzilla.suse.com/1134140", }, { category: "external", summary: "SUSE Bug 1181460 for CVE-2018-5391", url: "https://bugzilla.suse.com/1181460", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "important", }, ], title: "CVE-2018-5391", }, { cve: "CVE-2018-9516", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9516", }, ], notes: [ { category: "general", text: "In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-71361580.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9516", url: "https://www.suse.com/security/cve/CVE-2018-9516", }, { category: "external", summary: "SUSE Bug 1108498 for CVE-2018-9516", url: "https://bugzilla.suse.com/1108498", }, { category: "external", summary: "SUSE Bug 1123161 for CVE-2018-9516", url: "https://bugzilla.suse.com/1123161", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2018-9516", }, { cve: "CVE-2018-9568", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9568", }, ], notes: [ { category: "general", text: "In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9568", url: "https://www.suse.com/security/cve/CVE-2018-9568", }, { category: "external", summary: "SUSE Bug 1118319 for CVE-2018-9568", url: "https://bugzilla.suse.com/1118319", }, { category: "external", summary: "SUSE Bug 1118320 for CVE-2018-9568", url: "https://bugzilla.suse.com/1118320", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "important", }, ], title: "CVE-2018-9568", }, { cve: "CVE-2019-11091", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11091", }, ], notes: [ { category: "general", text: "Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11091", url: "https://www.suse.com/security/cve/CVE-2019-11091", }, { category: "external", summary: "SUSE Bug 1103186 for CVE-2019-11091", url: "https://bugzilla.suse.com/1103186", }, { category: "external", summary: "SUSE Bug 1111331 for CVE-2019-11091", url: "https://bugzilla.suse.com/1111331", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11091", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1133319 for CVE-2019-11091", url: "https://bugzilla.suse.com/1133319", }, { category: "external", summary: "SUSE Bug 1135394 for CVE-2019-11091", url: "https://bugzilla.suse.com/1135394", }, { category: "external", summary: "SUSE Bug 1138043 for CVE-2019-11091", url: "https://bugzilla.suse.com/1138043", }, { category: "external", summary: "SUSE Bug 1138534 for CVE-2019-11091", url: "https://bugzilla.suse.com/1138534", }, { category: "external", summary: "SUSE Bug 1141977 for CVE-2019-11091", url: "https://bugzilla.suse.com/1141977", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2019-11091", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2019-11091", url: "https://bugzilla.suse.com/1201877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2019-11091", }, { cve: "CVE-2019-11486", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11486", }, ], notes: [ { category: "general", text: "The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11486", url: "https://www.suse.com/security/cve/CVE-2019-11486", }, { category: "external", summary: "SUSE Bug 1133188 for CVE-2019-11486", url: "https://bugzilla.suse.com/1133188", }, { category: "external", summary: "SUSE Bug 1156434 for CVE-2019-11486", url: "https://bugzilla.suse.com/1156434", }, { category: "external", summary: "SUSE Bug 1173667 for CVE-2019-11486", url: "https://bugzilla.suse.com/1173667", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2019-11486", }, { cve: "CVE-2019-3459", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3459", }, ], notes: [ { category: "general", text: "A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3459", url: "https://www.suse.com/security/cve/CVE-2019-3459", }, { category: "external", summary: "SUSE Bug 1120758 for CVE-2019-3459", url: "https://bugzilla.suse.com/1120758", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.6, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2019-3459", }, { cve: "CVE-2019-3460", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3460", }, ], notes: [ { category: "general", text: "A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3460", url: "https://www.suse.com/security/cve/CVE-2019-3460", }, { category: "external", summary: "SUSE Bug 1120758 for CVE-2019-3460", url: "https://bugzilla.suse.com/1120758", }, { category: "external", summary: "SUSE Bug 1155131 for CVE-2019-3460", url: "https://bugzilla.suse.com/1155131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.6, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2019-3460", }, { cve: "CVE-2019-3882", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3882", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). Versions 3.10, 4.14 and 4.18 are vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3882", url: "https://www.suse.com/security/cve/CVE-2019-3882", }, { category: "external", summary: "SUSE Bug 1131416 for CVE-2019-3882", url: "https://bugzilla.suse.com/1131416", }, { category: "external", summary: "SUSE Bug 1131427 for CVE-2019-3882", url: "https://bugzilla.suse.com/1131427", }, { category: "external", summary: "SUSE Bug 1133319 for CVE-2019-3882", url: "https://bugzilla.suse.com/1133319", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2019-3882", }, { cve: "CVE-2019-6974", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-6974", }, ], notes: [ { category: "general", text: "In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-6974", url: "https://www.suse.com/security/cve/CVE-2019-6974", }, { category: "external", summary: "SUSE Bug 1124728 for CVE-2019-6974", url: "https://bugzilla.suse.com/1124728", }, { category: "external", summary: "SUSE Bug 1124729 for CVE-2019-6974", url: "https://bugzilla.suse.com/1124729", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "important", }, ], title: "CVE-2019-6974", }, { cve: "CVE-2019-7221", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-7221", }, ], notes: [ { category: "general", text: "The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-7221", url: "https://www.suse.com/security/cve/CVE-2019-7221", }, { category: "external", summary: "SUSE Bug 1124732 for CVE-2019-7221", url: "https://bugzilla.suse.com/1124732", }, { category: "external", summary: "SUSE Bug 1124734 for CVE-2019-7221", url: "https://bugzilla.suse.com/1124734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "important", }, ], title: "CVE-2019-7221", }, { cve: "CVE-2019-7222", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-7222", }, ], notes: [ { category: "general", text: "The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-7222", url: "https://www.suse.com/security/cve/CVE-2019-7222", }, { category: "external", summary: "SUSE Bug 1124735 for CVE-2019-7222", url: "https://bugzilla.suse.com/1124735", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.8, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "low", }, ], title: "CVE-2019-7222", }, { cve: "CVE-2019-8564", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-8564", }, ], notes: [ { category: "general", text: "A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position can modify driver state.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-8564", url: "https://www.suse.com/security/cve/CVE-2019-8564", }, { category: "external", summary: "SUSE Bug 1132673 for CVE-2019-8564", url: "https://bugzilla.suse.com/1132673", }, { category: "external", summary: "SUSE Bug 1132828 for CVE-2019-8564", url: "https://bugzilla.suse.com/1132828", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2019-8564", }, { cve: "CVE-2019-9213", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9213", }, ], notes: [ { category: "general", text: "In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-9213", url: "https://www.suse.com/security/cve/CVE-2019-9213", }, { category: "external", summary: "SUSE Bug 1128166 for CVE-2019-9213", url: "https://bugzilla.suse.com/1128166", }, { category: "external", summary: "SUSE Bug 1128378 for CVE-2019-9213", url: "https://bugzilla.suse.com/1128378", }, { category: "external", summary: "SUSE Bug 1129016 for CVE-2019-9213", url: "https://bugzilla.suse.com/1129016", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2019-9213", }, { cve: "CVE-2019-9503", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9503", }, ], notes: [ { category: "general", text: "The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarded and unprocessed. If the driver receives the firmware event frame from the host, the appropriate handler is called. This frame validation can be bypassed if the bus used is USB (for instance by a wifi dongle). This can allow firmware event frames from a remote source to be processed. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-9503", url: "https://www.suse.com/security/cve/CVE-2019-9503", }, { category: "external", summary: "SUSE Bug 1132673 for CVE-2019-9503", url: "https://bugzilla.suse.com/1132673", }, { category: "external", summary: "SUSE Bug 1132828 for CVE-2019-9503", url: "https://bugzilla.suse.com/1132828", }, { category: "external", summary: "SUSE Bug 1133319 for CVE-2019-9503", url: "https://bugzilla.suse.com/1133319", }, { category: "external", summary: "SUSE Bug 1156653 for CVE-2019-9503", url: "https://bugzilla.suse.com/1156653", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.110.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.110.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-default-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_110-xen-1-2.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-2.7.0-4.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.110-4.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-28T11:38:31Z", details: "moderate", }, ], title: "CVE-2019-9503", }, ], }
suse-su-2019:1536-1
Vulnerability from csaf_suse
Published
2019-06-17 17:24
Modified
2019-06-17 17:24
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP4 kernel was updated to 4.12.14 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-11477: A sequence of SACKs may have been crafted such that one can trigger an integer overflow, leading to a kernel panic.
- CVE-2019-11479: An attacker could force the Linux kernel to segment its responses into multiple TCP segments. This would drastically increased the bandwidth required to deliver the same amount of data. Further, it would consume additional resources such as CPU and NIC processing power.
- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. (bnc#1136424)
- CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel There was an unchecked kstrdup of fwstr, which might have allowed an attacker to cause a denial of service (NULL pointer dereference and system crash). (bnc#1136586)
- CVE-2019-11487: The Linux kernel allowed page reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM existed. It could have occured with FUSE requests. (bnc#1133190)
- CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux kernel allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may have been possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. (bnc#1120843)
- CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the unused memory region in the extent tree block, which might have allowed local users to obtain sensitive information by reading uninitialized data in the filesystem. (bnc#1135281)
- CVE-2018-7191: In the tun subsystem in the Linux kernel, dev_get_valid_name was not called before register_netdevice. This allowed local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. (bnc#1135603)
- CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in i915 Graphics for Linux may have allowed an authenticated user to potentially enable escalation of privilege via local access. (bnc#1135278)
- CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel There was a race condition leading to a use-after-free, related to net namespace cleanup. (bnc#1134537)
- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel allowed a local user to obtain potentially sensitive information from kernel stack memory via a hidPCONNADD command, because a name field may not end with a '\0' character. (bnc#1134848)
- CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel had multiple race conditions. (bnc#1133188)
The following non-security bugs were fixed:
- 9p locks: add mount option for lock retry interval (bsc#1051510).
- acpi: button: reinitialize button state upon resume (bsc#1051510).
- acpica: AML interpreter: add region addresses in global list during initialization (bsc#1051510).
- acpica: Namespace: remove address node from global list after method termination (bsc#1051510).
- acpi: fix menuconfig presentation of ACPI submenu (bsc#1117158).
- acpi / utils: Drop reference in test for device presence (bsc#1051510).
- alsa: core: Do not refer to snd_cards array directly (bsc#1051510).
- alsa: emu10k1: Drop superfluous id-uniquification behavior (bsc#1051510).
- alsa: hda/hdmi - Consider eld_valid when reporting jack event (bsc#1051510).
- alsa: hda/hdmi - Read the pin sense from register when repolling (bsc#1051510).
- alsa: hda/realtek - Avoid superfluous COEF EAPD setups (bsc#1051510).
- alsa: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) (bsc#1051510).
- alsa: hda/realtek - EAPD turn on later (bsc#1051510).
- alsa: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug (bsc#1051510).
- alsa: hda/realtek - Fixup headphone noise via runtime suspend (bsc#1051510).
- alsa: hda/realtek - Improve the headset mic for Acer Aspire laptops (bsc#1051510).
- alsa: hda - Register irq handler after the chip initialization (bsc#1051510).
- alsa: hda - Use a macro for snd_array iteration loops (bsc#1051510).
- alsa: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) (bsc#1051510).
- alsa: line6: Avoid polluting led_* namespace (bsc#1051510).
- alsa: seq: Align temporary re-locking with irqsave version (bsc#1051510).
- alsa: seq: Correct unlock sequence at snd_seq_client_ioctl_unlock() (bsc#1051510).
- alsa: seq: Cover unsubscribe_port() in list_mutex (bsc#1051510).
- alsa: seq: Fix race of get-subscription call vs port-delete ioctls (bsc#1051510).
- alsa: seq: Protect in-kernel ioctl calls with mutex (bsc#1051510).
- alsa: seq: Protect racy pool manipulation from OSS sequencer (bsc#1051510).
- alsa: seq: Remove superfluous irqsave flags (bsc#1051510).
- alsa: seq: Simplify snd_seq_kernel_client_enqueue() helper (bsc#1051510).
- alsa: timer: Check ack_list emptiness instead of bit flag (bsc#1051510).
- alsa: timer: Coding style fixes (bsc#1051510).
- alsa: timer: Make snd_timer_close() really kill pending actions (bsc#1051510).
- alsa: timer: Make sure to clear pending ack list (bsc#1051510).
- alsa: timer: Revert active callback sync check at close (bsc#1051510).
- alsa: timer: Simplify error path in snd_timer_open() (bsc#1051510).
- alsa: timer: Unify timer callback process code (bsc#1051510).
- alsa: usb-audio: Fix a memory leak bug (bsc#1051510).
- alsa: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() (bsc#1051510).
- alsa: usx2y: fix a double free bug (bsc#1051510).
- appletalk: Fix compile regression (bsc#1051510).
- appletalk: Fix use-after-free in atalk_proc_exit (bsc#1051510).
- arch: arm64: acpi: KABI ginore includes (bsc#1117158 bsc#1134671).
- arm64: acpi: fix alignment fault in accessing ACPI (bsc#1117158).
- arm64: Export save_stack_trace_tsk() (jsc#SLE-4214).
- arm64: fix ACPI dependencies (bsc#1117158).
- arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve table (bsc#1117158).
- arm: 8824/1: fix a migrating irq bug when hotplug cpu (bsc#1051510).
- arm: 8833/1: Ensure that NEON code always compiles with Clang (bsc#1051510).
- arm: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bsc#1051510).
- arm: 8840/1: use a raw_spinlock_t in unwind (bsc#1051510).
- arm: avoid Cortex-A9 livelock on tight dmb loops (bsc#1051510).
- arm: imx6q: cpuidle: fix bug that CPU might not wake up at expected time (bsc#1051510).
- arm: iop: do not use using 64-bit DMA masks (bsc#1051510).
- arm: OMAP2+: fix lack of timer interrupts on CPU1 after hotplug (bsc#1051510).
- arm: OMAP2+: Variable 'reg' in function omap4_dsi_mux_pads() could be uninitialized (bsc#1051510).
- arm: orion: do not use using 64-bit DMA masks (bsc#1051510).
- arm: pxa: ssp: unneeded to free devm_ allocated data (bsc#1051510).
- arm: s3c24xx: Fix boolean expressions in osiris_dvs_notify (bsc#1051510).
- arm: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms (bsc#1051510).
- asoc: cs4270: Set auto-increment bit for register writes (bsc#1051510).
- asoc: fix valid stream condition (bsc#1051510).
- asoc: fsl_esai: Fix missing break in switch statement (bsc#1051510).
- asoc: hdmi-codec: fix S/PDIF DAI (bsc#1051510).
- asoc: Intel: avoid Oops if DMA setup fails (bsc#1051510).
- asoc: max98090: Fix restore of DAPM Muxes (bsc#1051510).
- asoc: nau8810: fix the issue of widget with prefixed name (bsc#1051510).
- asoc: nau8824: fix the issue of the widget with prefix name (bsc#1051510).
- asoc: RT5677-SPI: Disable 16Bit SPI Transfers (bsc#1051510).
- asoc: samsung: odroid: Fix clock configuration for 44100 sample rate (bsc#1051510).
- asoc:soc-pcm:fix a codec fixup issue in TDM case (bsc#1051510).
- asoc: stm32: fix sai driver name initialisation (bsc#1051510).
- asoc: tlv320aic32x4: Fix Common Pins (bsc#1051510).
- asoc: wm_adsp: Add locking to wm_adsp2_bus_error (bsc#1051510).
- at76c50x-usb: Do not register led_trigger if usb_register_driver failed (bsc#1051510).
- audit: fix a memleak caused by auditing load module (bsc#1051510).
- b43: shut up clang -Wuninitialized variable warning (bsc#1051510).
- backlight: lm3630a: Return 0 on success in update_status functions (bsc#1051510).
- bcache: account size of buckets used in uuid write to ca->meta_sectors_written (bsc#1130972).
- bcache: add a comment in super.c (bsc#1130972).
- bcache: add code comments for bset.c (bsc#1130972).
- bcache: add comment for cache_set->fill_iter (bsc#1130972).
- bcache: add identifier names to arguments of function definitions (bsc#1130972).
- bcache: add missing SPDX header (bsc#1130972).
- bcache: add MODULE_DESCRIPTION information (bsc#1130972).
- bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972).
- bcache: add static const prefix to char * array declarations (bsc#1130972).
- bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972).
- bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).
- bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972).
- bcache: correct dirty data statistics (bsc#1130972).
- bcache: do not assign in if condition in bcache_init() (bsc#1130972).
- bcache: do not assign in if condition register_bcache() (bsc#1130972).
- bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972).
- bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972).
- bcache: do not clone bio in bch_data_verify (bsc#1130972).
- bcache: do not mark writeback_running too early (bsc#1130972).
- bcache: export backing_dev_name via sysfs (bsc#1130972).
- bcache: export backing_dev_uuid via sysfs (bsc#1130972).
- bcache: fix code comments style (bsc#1130972).
- bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).
- bcache: fix indent by replacing blank by tabs (bsc#1130972).
- bcache: fix input integer overflow of congested threshold (bsc#1130972).
- bcache: fix input overflow to cache set io_error_limit (bsc#1130972).
- bcache: fix input overflow to cache set sysfs file io_error_halflife (bsc#1130972).
- bcache: fix input overflow to journal_delay_ms (bsc#1130972).
- bcache: fix input overflow to sequential_cutoff (bsc#1130972).
- bcache: fix input overflow to writeback_delay (bsc#1130972).
- bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).
- bcache: fix ioctl in flash device (bsc#1130972).
- bcache: fix mistaken code comments in bcache.h (bsc#1130972).
- bcache: fix mistaken comments in request.c (bsc#1130972).
- bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972).
- bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972).
- bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972).
- bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).
- bcache: improve sysfs_strtoul_clamp() (bsc#1130972).
- bcache: introduce force_wake_up_gc() (bsc#1130972).
- bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972).
- bcache: Move couple of functions to sysfs.c (bsc#1130972).
- bcache: Move couple of string arrays to sysfs.c (bsc#1130972).
- bcache: move open brace at end of function definitions to next line (bsc#1130972).
- bcache: never writeback a discard operation (bsc#1130972).
- bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972).
- bcache: option to automatically run gc thread after writeback (bsc#1130972).
- bcache: panic fix for making cache device (bsc#1130972).
- bcache: Populate writeback_rate_minimum attribute (bsc#1130972).
- bcache: prefer 'help' in Kconfig (bsc#1130972).
- bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).
- bcache: recal cached_dev_sectors on detach (bsc#1130972).
- bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972).
- bcache: remove unused bch_passthrough_cache (bsc#1130972).
- bcache: remove useless parameter of bch_debug_init() (bsc#1130972).
- bcache: Replace bch_read_string_list() by __sysfs_match_string() (bsc#1130972).
- bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).
- bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).
- bcache: replace printk() by pr_*() routines (bsc#1130972).
- bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972).
- bcache: set writeback_percent in a flexible range (bsc#1130972).
- bcache: split combined if-condition code into separate ones (bsc#1130972).
- bcache: stop bcache device when backing device is offline (bsc#1130972).
- bcache: stop using the deprecated get_seconds() (bsc#1130972).
- bcache: style fixes for lines over 80 characters (bsc#1130972).
- bcache: style fix to add a blank line after declarations (bsc#1130972).
- bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).
- bcache: treat stale dirty keys as bad keys (bsc#1130972).
- bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972).
- bcache: update comment for bch_data_insert (bsc#1130972).
- bcache: update comment in sysfs.c (bsc#1130972).
- bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972).
- bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).
- bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).
- bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).
- bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).
- block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).
- block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).
- block: do not leak memory in bio_copy_user_iov() (bsc#1135309).
- block: Do not revalidate bdev of hidden gendisk (bsc#1120091).
- block: fix the return errno for direct IO (bsc#1135320).
- block: fix use-after-free on gendisk (bsc#1135312).
- bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bsc#1051510).
- bluetooth: Check key sizes only when Secure Simple Pairing is enabled (bsc#1135556).
- bluetooth: hidp: fix buffer overflow (bsc#1051510).
- bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one() (bsc#1050242).
- bnxt_en: Improve multicast address setup logic (networking-stable-19_05_04).
- bnxt_en: Improve RX consumer index validity check (networking-stable-19_04_10).
- bnxt_en: Reset device on RX buffer errors (networking-stable-19_04_10).
- bonding: fix event handling for stacked bonds (networking-stable-19_04_19).
- bpf: add map_lookup_elem_sys_only for lookups from syscall side (bsc#1083647).
- bpf: Add missed newline in verifier verbose log (bsc#1056787).
- bpf, lru: avoid messing with eviction heuristics upon syscall lookup (bsc#1083647).
- brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() (bsc#1051510).
- btrfs: add a helper to return a head ref (bsc#1134813).
- btrfs: breakout empty head cleanup to a helper (bsc#1134813).
- btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: do not allow trimming when a fs is mounted with the nologreplay option (bsc#1135758).
- btrfs: do not double unlock on error in btrfs_punch_hole (bsc#1136881).
- btrfs: Do not panic when we can't find a root key (bsc#1112063).
- btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: Factor out common delayed refs init code (bsc#1134813).
- btrfs: fix fsync not persisting changed attributes of a directory (bsc#1137151).
- btrfs: fix race between ranged fsync and writeback of adjacent ranges (bsc#1136477).
- btrfs: fix race updating log root item during fsync (bsc#1137153).
- btrfs: fix wrong ctime and mtime of a directory after log replay (bsc#1137152).
- btrfs: improve performance on fsync of files with multiple hardlinks (bsc#1123454).
- btrfs: Introduce init_delayed_ref_head (bsc#1134813).
- btrfs: move all ref head cleanup to the helper function (bsc#1134813).
- btrfs: move extent_op cleanup to a helper (bsc#1134813).
- btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).
- btrfs: Open-code add_delayed_data_ref (bsc#1134813).
- btrfs: Open-code add_delayed_tree_ref (bsc#1134813).
- btrfs: qgroup: Check bg while resuming relocation to avoid NULL pointer dereference (bsc#1134806).
- btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to btrfs_qgroup_extent_record (bsc#1134162).
- btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release (bsc#1134160).
- btrfs: reloc: Also queue orphan reloc tree for cleanup to avoid BUG_ON() (bsc#1133612).
- btrfs: remove delayed_ref_node from ref_head (bsc#1134813).
- btrfs: send, flush dellaloc in order to avoid data loss (bsc#1133320).
- btrfs: split delayed ref head initialization and addition (bsc#1134813).
- btrfs: track refs in a rb_tree instead of a list (bsc#1134813).
- btrfs: tree-checker: detect file extent items with overlapping ranges (bsc#1136478).
- btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).
- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).
- ceph: fix ci->i_head_snapc leak (bsc#1122776).
- ceph: fix use-after-free on symlink traversal (bsc#1134459).
- ceph: only use d_name directly when parent is locked (bsc#1134460).
- cifs: keep FileInfo handle live during oplock break (bsc#1106284, bsc#1131565).
- clk: rockchip: Fix video codec clocks on rk3288 (bsc#1051510).
- clk: rockchip: fix wrong clock definitions for rk3328 (bsc#1051510).
- configfs: fix possible use-after-free in configfs_register_group (bsc#1051510).
- configfs: Fix use-after-free when accessing sd->s_dentry (bsc#1051510).
- crypto: arm/aes-neonbs - do not access already-freed walk.iv (bsc#1051510).
- crypto: caam - fix caam_dump_sg that iterates through scatterlist (bsc#1051510).
- crypto: ccm - fix incompatibility between 'ccm' and 'ccm_base' (bsc#1051510).
- crypto: ccp - Do not free psp_master when PLATFORM_INIT fails (bsc#1051510).
- crypto: chacha20poly1305 - set cra_name correctly (bsc#1051510).
- crypto: crct10dif-generic - fix use via crypto_shash_digest() (bsc#1051510).
- crypto: fips - Grammar s/options/option/, s/to/the/ (bsc#1051510).
- crypto: gcm - fix incompatibility between 'gcm' and 'gcm_base' (bsc#1051510).
- crypto: skcipher - do not WARN on unprocessed data after slow walk step (bsc#1051510).
- crypto: sun4i-ss - Fix invalid calculation of hash end (bsc#1051510).
- crypto: vmx - CTR: always increment IV as quadword (bsc#1051510).
- crypto: vmx - fix copy-paste error in CTR mode (bsc#1051510).
- crypto: vmx - ghash: do nosimd fallback manually (bsc#1135661, bsc#1137162).
- crypto: vmx - return correct error code on failed setkey (bsc#1135661, bsc#1137162).
- crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() (bsc#1051510).
- dccp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).
- dccp: Fix memleak in __feat_register_sp (bsc#1051510).
- debugfs: fix use-after-free on symlink traversal (bsc#1051510).
- devres: Align data[] to ARCH_KMALLOC_MINALIGN (bsc#1051510).
- dmaengine: axi-dmac: Do not check the number of frames for alignment (bsc#1051510).
- dmaengine: tegra210-dma: free dma controller in remove() (bsc#1051510).
- documentation: Add MDS vulnerability documentation (bsc#1135642).
- drivers: acpi: add dependency of EFI for arm64 (bsc#1117158).
- drm/bridge: adv7511: Fix low refresh rate selection (bsc#1051510).
- drm/etnaviv: lock MMU while dumping core (bsc#1113722)
- drm/fb-helper: dpms_legacy(): Only set on connectors in use (bsc#1051510).
- drm/i915: Disable LP3 watermarks on all SNB machines (bsc#1051510).
- drm/i915: Downgrade Gen9 Plane WM latency error (bsc#1051510).
- drm/i915/fbc: disable framebuffer compression on GeminiLake (bsc#1051510).
- drm/i915: Fix I915_EXEC_RING_MASK (bsc#1051510).
- drm/i915/gvt: add 0x4dfc to gen9 save-restore list (bsc#1113722)
- drm/i915/gvt: do not let TRTTE and 0x4dfc write passthrough to hardware (bsc#1051510).
- drm/i915/gvt: Fix cmd length of VEB_DI_IECP (bsc#1113722)
- drm/i915/gvt: Fix incorrect mask of mmio 0x22028 in gen8/9 mmio list (bnc#1113722)
- drm/i915/gvt: refine ggtt range validation (bsc#1113722)
- drm/i915/gvt: Tiled Resources mmios are in-context mmios for gen9+ (bsc#1113722)
- drm/imx: do not skip DP channel disable for background plane (bsc#1051510).
- drm/mediatek: fix possible object reference leak (bsc#1051510).
- drm/meson: add size and alignment requirements for dumb buffers (bnc#1113722)
- drm/nouveau/i2c: Disable i2c bus access after ->fini() (bsc#1113722)
- drm/rockchip: fix for mailbox read validation (bsc#1051510).
- drm/rockchip: shutdown drm subsystem on shutdown (bsc#1051510).
- drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)
- drm/ttm: Remove warning about inconsistent mapping information (bnc#1131488)
- drm/vmwgfx: Do not send drm sysfs hotplug events on initial master set (bsc#1051510).
- drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to an invalid read (bsc#1051510).
- drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() (bsc#1113722)
- dt-bindings: clock: r8a7795: Remove CSIREF clock (bsc#1120902).
- dt-bindings: clock: r8a7796: Remove CSIREF clock (bsc#1120902).
- dt-bindings: net: Add binding for the external clock for TI WiLink (bsc#1085535).
- dt-bindings: net: Fix a typo in the phy-mode list for ethernet bindings (bsc#1129770).
- dt-bindings: rtc: sun6i-rtc: Fix register range in example (bsc#1120902).
- dwc2: gadget: Fix completed transfer size calculation in DDMA (bsc#1051510).
- efi: add API to reserve memory persistently across kexec reboot (bsc#1117158).
- efi/arm: Defer persistent reservations until after paging_init() (bsc#1117158).
- efi/arm: Do not mark ACPI reclaim memory as MEMBLOCK_NOMAP (bsc#1117158 bsc#1115688 bsc#1120566).
- efi/arm: libstub: add a root memreserve config table (bsc#1117158).
- efi/arm: map UEFI memory map even w/o runtime services enabled (bsc#1117158).
- efi/arm: preserve early mapping of UEFI memory map longer for BGRT (bsc#1117158).
- efi/arm: Revert 'Defer persistent reservations until after paging_init()' (bsc#1117158).
- efi/arm: Revert deferred unmap of early memmap mapping (bsc#1117158).
- efi: honour memory reservations passed via a linux specific config table (bsc#1117158).
- efi: Permit calling efi_mem_reserve_persistent() from atomic context (bsc#1117158).
- efi: Permit multiple entries in persistent memreserve data structure (bsc#1117158).
- efi: Prevent GICv3 WARN() by mapping the memreserve table before first use (bsc#1117158).
- efi: Reduce the amount of memblock reservations for persistent allocations (bsc#1117158).
- ext4: actually request zeroing of inode table after grow (bsc#1135315).
- ext4: avoid panic during forced reboot due to aborted journal (bsc#1126356).
- ext4: Do not warn when enabling DAX (bsc#1132894).
- ext4: fix data corruption caused by overlapping unaligned and aligned IO (bsc#1136428).
- ext4: fix ext4_show_options for file systems w/o journal (bsc#1135316).
- ext4: fix use-after-free race with debug_want_extra_isize (bsc#1135314).
- ext4: make sanity check in mballoc more strict (bsc#1136439).
- ext4: wait for outstanding dio during truncate in nojournal mode (bsc#1136438).
- fbdev: fix divide error in fb_var_to_videomode (bsc#1113722)
- fbdev: fix WARNING in __alloc_pages_nodemask bug (bsc#1113722)
- firmware: efi: factor out mem_reserve (bsc#1117158 bsc#1134671).
- fix rtnh_ok() (git-fixes).
- fs/sync.c: sync_file_range(2) may use WB_SYNC_ALL writeback (bsc#1136432).
- fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount (bsc#1136435).
- ftrace/x86_64: Emulate call function while updating in breakpoint handler (bsc#1099658).
- genetlink: Fix a memory leak on error path (networking-stable-19_03_28).
- ghes, EDAC: Fix ghes_edac registration (bsc#1133176).
- git_sort: add crypto maintainer tree.
- git-sort: Always explicitely handle a pygit2 import error As pointed out by Michal Suchanek, the limitation in commit 6d67b1042a73 ('series_sort: Catch pygit2 import failure.') is wrong; given that there is no explicit installation step of the git-sort scripts and that they are 'just there' in the kernel-source repository, every user-callable script needs to check that the user followed installation requirements.
- git-sort: Handle new pygit2.discover_repository behavior A consequence of pygit2 commit c32ee0c25384 ('Now discover_repository returns None if repo not found').
- git-sort: Move mainline remote check to series_sort git_sort can be used on any git repository. series_sort() OTOH expects the reference repository to be a clone of the mainline Linux kernel repository. Move the warning accordingly and make it an error since further operations would fail. Fixes: 027d52475873 ('scripts: git_sort: Warn about missing upstream repo')
- git-sort: README: Add information about how to report problems
- gpio: aspeed: fix a potential NULL pointer dereference (bsc#1051510).
- gpu: ipu-v3: dp: fix CSC handling (bsc#1051510).
- hid: debug: fix race condition with between rdesc_show() and device removal (bsc#1051510).
- hid: input: add mapping for Assistant key (bsc#1051510).
- hid: input: add mapping for Expose/Overview key (bsc#1051510).
- hid: input: add mapping for keyboard Brightness Up/Down/Toggle keys (bsc#1051510).
- hid: input: add mapping for 'Toggle Display' key (bsc#1051510).
- hid: logitech: check the return value of create_singlethread_workqueue (bsc#1051510).
- hwmon: (f71805f) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (pc87427) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (vt1211) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- ibmvnic: Add device identification to requested IRQs (bsc#1137739).
- ibmvnic: Do not close unopened driver during reset (bsc#1137752).
- ibmvnic: Fix unchecked return codes of memory allocations (bsc#1137752).
- ibmvnic: Refresh device multicast list after reset (bsc#1137752).
- ibmvnic: remove set but not used variable 'netdev' (bsc#1137739).
- igmp: fix incorrect unsolicit report count when join group (git-fixes).
- iio: adc: xilinx: fix potential use-after-free on remove (bsc#1051510).
- indirect call wrappers: helpers to speed-up indirect calls of builtin (bsc#1124503).
- inetpeer: fix uninit-value in inet_getpeer (git-fixes).
- input: elan_i2c - add hardware ID for multiple Lenovo laptops (bsc#1051510).
- input: introduce KEY_ASSISTANT (bsc#1051510).
- input: synaptics-rmi4 - fix possible double free (bsc#1051510).
- intel_th: msu: Fix single mode with IOMMU (bsc#1051510).
- intel_th: pci: Add Comet Lake support (bsc#1051510).
- iommu/arm-smmu-v3: Abort all transactions if SMMU is enabled in kdump kernel (bsc#1117158).
- iommu/arm-smmu-v3: Do not disable SMMU in kdump kernel (bsc#1117158 bsc#1134671).
- iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#1135006).
- iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135007).
- iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135008).
- ip6_tunnel: collect_md xmit: Use ip_tunnel_key's provided src address (git-fixes).
- ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type (networking-stable-19_04_10).
- ipconfig: Correctly initialise ic_nameservers (bsc#1051510).
- ip_gre: fix parsing gre header in ipgre_err (git-fixes).
- ipmi:ssif: compare block number correctly for multi-part return messages (bsc#1051510).
- ip_tunnel: Fix name string concatenate in __ip_tunnel_create() (git-fixes).
- ipv4: add sanity checks in ipv4_link_failure() (git-fixes).
- ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled (git-fixes).
- ipv4: ensure rcu_read_lock() in ipv4_link_failure() (networking-stable-19_04_19).
- ipv4: ip_do_fragment: Preserve skb_iif during fragmentation (networking-stable-19_05_04).
- ipv4: recompile ip options in ipv4_link_failure (networking-stable-19_04_19).
- ipv4: set the tcp_min_rtt_wlen range from 0 to one day (networking-stable-19_04_30).
- ipv6: fix cleanup ordering for ip6_mr failure (git-fixes).
- ipv6: fix cleanup ordering for pingv6 registration (git-fixes).
- ipv6/flowlabel: wait rcu grace period before put_pid() (git-fixes).
- ipv6: invert flowlabel sharing check in process and user mode (git-fixes).
- ipv6: mcast: fix unsolicited report interval after receiving querys (git-fixes).
- ipvlan: Add the skb->mark as flow4's member to lookup route (bsc#1051510).
- ipvlan: fix ipv6 outbound device (bsc#1051510).
- ipvlan: use ETH_MAX_MTU as max mtu (bsc#1051510).
- ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf (git-fixes).
- ipvs: fix buffer overflow with sync daemon and service (git-fixes).
- ipvs: fix check on xmit to non-local addresses (git-fixes).
- ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bsc#1051510).
- ipvs: fix rtnl_lock lockups caused by start_sync_thread (git-fixes).
- ipvs: Fix signed integer overflow when setsockopt timeout (bsc#1051510).
- ipvs: fix stats update from local clients (git-fixes).
- iw_cxgb4: only allow 1 flush on user qps (bsc#1051510).
- jbd2: check superblock mapped prior to committing (bsc#1136430).
- kabi: drop LINUX_MIB_TCPWQUEUETOOBIG snmp counter (bsc#1137586).
- kabi: implement map_lookup_elem_sys_only in another way (bsc#1083647).
- kabi: move sysctl_tcp_min_snd_mss to preserve struct net layout (bsc#1137586).
- kABI: protect dma-mapping.h include (kabi).
- kABI: protect functions using struct net_generic (bsc#1130409 LTC#176346).
- kABI: protect ip_options_rcv_srr (kabi).
- kABI: protect struct mlx5_td (kabi).
- kABI: protect struct pci_dev (kabi).
- kABI: protect struct smcd_dev (bsc#1130409 LTC#176346).
- kABI: protect struct smc_ib_device (bsc#1130409 LTC#176346).
- kABI: protect struct smc_link (bsc#1129857 LTC#176247).
- kABI workaround for removed usb_interface.pm_usage_cnt field (bsc#1051510).
- kABI workaround for snd_seq_kernel_client_enqueue() API changes (bsc#1051510).
- kernel/signal.c: trace_signal_deliver when signal_group_exit (git-fixes).
- kernel/sys.c: prctl: fix false positive in validate_prctl_map() (git-fixes).
- kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv (bsc#1051510).
- kernel/sysctl.c: fix out-of-bounds access when setting file-max (bsc#1051510).
- keys: safe concurrent user->{session,uid}_keyring access (bsc#1135642).
- kmsg: Update message catalog to latest IBM level (2019/03/08) (bsc#1128904 LTC#176078).
- kmsg: Update message catalog to latest IBM level (2019/03/08) (bsc#1128905 LTC#176077).
- kvm: Fix UAF in nested posted interrupt processing (bsc#1134199).
- kvm: nVMX: Clear reserved bits of #DB exit qualification (bsc#1134200).
- kvm: nVMX: restore host state in nested_vmx_vmexit for VMFail (bsc#1134201).
- kvm: s390: fix memory overwrites when not using SCA entries (bsc#1136206).
- kvm: s390: provide io interrupt kvm_stat (bsc#1136206).
- kvm: s390: use created_vcpus in more places (bsc#1136206).
- kvm: s390: vsie: fix 8k check for the itdba (bsc#1136206).
- kvm: VMX: Zero out *all* general purpose registers after VM-Exit (bsc#1134202).
- kvm: x86: Always use 32-bit SMRAM save state for 32-bit kernels (bsc#1134203).
- kvm: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bsc#1134204).
- kvm: x86: svm: make sure NMI is injected after nmi_singlestep (bsc#1134205).
- l2tp: cleanup l2tp_tunnel_delete calls (bsc#1051510).
- l2tp: filter out non-PPP sessions in pppol2tp_tunnel_ioctl() (git-fixes).
- l2tp: fix missing refcount drop in pppol2tp_tunnel_ioctl() (git-fixes).
- l2tp: only accept PPP sessions in pppol2tp_connect() (git-fixes).
- l2tp: prevent pppol2tp_connect() from creating kernel sockets (git-fixes).
- l2tp: revert 'l2tp: fix missing print session offset info' (bsc#1051510).
- leds: avoid races with workqueue (bsc#1051510).
- leds: pwm: silently error out on EPROBE_DEFER (bsc#1051510).
- lib: add crc64 calculation routines (bsc#1130972).
- libata: fix using DMA buffers on stack (bsc#1051510).
- lib: do not depend on linux headers being installed (bsc#1130972).
- linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() (bsc#1051510).
- livepatch: Convert error about unsupported reliable stacktrace into a warning (bsc#1071995).
- livepatch: Remove custom kobject state handling (bsc#1071995).
- livepatch: Remove duplicated code for early initialization (bsc#1071995).
- lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).
- mac80211: fix memory accounting with A-MSDU aggregation (bsc#1051510).
- mac80211: fix unaligned access in mesh table hash function (bsc#1051510).
- mac8390: Fix mmio access size probe (bsc#1051510).
- md: fix invalid stored role for a disk (bsc#1051510).
- media: atmel: atmel-isc: fix INIT_WORK misplacement (bsc#1051510).
- media: cx18: update *pos correctly in cx18_read_pos() (bsc#1051510).
- media: cx23885: check allocation return (bsc#1051510).
- media: davinci-isif: avoid uninitialized variable use (bsc#1051510).
- media: davinci/vpbe: array underflow in vpbe_enum_outputs() (bsc#1051510).
- media: ivtv: update *pos correctly in ivtv_read_pos() (bsc#1051510).
- media: omap_vout: potential buffer overflow in vidioc_dqbuf() (bsc#1051510).
- media: ov2659: fix unbalanced mutex_lock/unlock (bsc#1051510).
- media: pvrusb2: Prevent a buffer overflow (bsc#1129770).
- media: serial_ir: Fix use-after-free in serial_ir_init_module (bsc#1051510).
- media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame (bsc#1051510).
- media: vivid: use vfree() instead of kfree() for dev->bitmap_cap (bsc#1051510).
- media: wl128x: Fix an error code in fm_download_firmware() (bsc#1051510).
- media: wl128x: prevent two potential buffer overflows (bsc#1051510).
- memcg: make it work on sparse non-0-node systems (bnc#1133616).
- memcg: make it work on sparse non-0-node systems kabi (bnc#1133616).
- mISDN: Check address length before reading address family (bsc#1051510).
- mlxsw: spectrum: Fix autoneg status in ethtool (networking-stable-19_04_30).
- mmc: block: Delete gendisk before cleaning up the request queue (bsc#1127616).
- mmc: core: fix possible use after free of host (bsc#1051510).
- mm: Fix buggy backport leading to MAP_SYNC failures (bsc#1137372)
- mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses (bsc#1135330).
- mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (bnc#1012382).
- mount: copy the port field into the cloned nfs_server structure (bsc#1136990).
- mtd: docg3: fix a possible memory leak of mtd->name (bsc#1051510).
- mtd: docg3: Fix passing zero to 'PTR_ERR' warning in doc_probe_device (bsc#1051510).
- mtd: nand: omap: Fix comment in platform data using wrong Kconfig symbol (bsc#1051510).
- mtd: part: fix incorrect format specifier for an unsigned long long (bsc#1051510).
- mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write (bsc#1129770).
- mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1136935).
- mwifiex: Fix mem leak in mwifiex_tm_cmd (bsc#1051510).
- mwifiex: Fix possible buffer overflows at parsing bss descriptor
- mwifiex: prevent an array overflow (bsc#1051510).
- mwl8k: Fix rate_idx underflow (bsc#1051510).
- neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit (git-fixes).
- net: aquantia: fix rx checksum offload for UDP/TCP over IPv6 (networking-stable-19_03_28).
- net: atm: Fix potential Spectre v1 vulnerabilities (networking-stable-19_04_19).
- net: avoid skb_warn_bad_offload on IS_ERR (git-fixes).
- net: do not keep lonely packets forever in the gro hash (git-fixes).
- net: dsa: bcm_sf2: fix buffer overflow doing set_rxnfc (networking-stable-19_05_04).
- net: dsa: legacy: do not unmask port bitmaps (git-fixes).
- net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT (git-fixes).
- net: ena: fix return value of ena_com_config_llq_info() (bsc#1111696 bsc#1117561).
- net: ethtool: not call vzalloc for zero sized memory request (networking-stable-19_04_10).
- netfilter: bridge: Do not sabotage nf_hook calls from an l3mdev (git-fixes).
- netfilter: bridge: ebt_among: add missing match size checks (git-fixes).
- netfilter: bridge: ebt_among: add more missing match size checks (git-fixes).
- netfilter: drop template ct when conntrack is skipped (git-fixes).
- netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule (git-fixes).
- netfilter: ebtables: handle string from userspace with care (git-fixes).
- netfilter: ebtables: reject non-bridge targets (git-fixes).
- netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel (git-fixes).
- netfilter: nf_log: do not hold nf_log_mutex during user access (git-fixes).
- netfilter: nf_log: fix uninit read in nf_log_proc_dostring (git-fixes).
- netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6} (git-fixes).
- netfilter: nf_tables: can't fail after linking rule into active rule list (git-fixes).
- netfilter: nf_tables: check msg_type before nft_trans_set(trans) (git-fixes).
- netfilter: nf_tables: fix leaking object reference count (git-fixes).
- netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump() (git-fixes).
- netfilter: nf_tables: release chain in flushing set (git-fixes).
- netfilter: nft_compat: do not dump private area (git-fixes).
- netfilter: x_tables: initialise match/target check parameter struct (git-fixes).
- net: Fix a bug in removing queues from XPS map (git-fixes).
- net: fix uninit-value in __hw_addr_add_ex() (git-fixes).
- net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv (networking-stable-19_04_19).
- net-gro: Fix GRO flush when receiving a GSO packet (networking-stable-19_04_10).
- net: hns3: remove resetting check in hclgevf_reset_task_schedule (bsc#1104353 bsc#1135056).
- net/ibmvnic: Remove tests of member address (bsc#1137739).
- net/ibmvnic: Update carrier state after link state change (bsc#1135100).
- net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).
- net: initialize skb->peeked when cloning (git-fixes).
- net/ipv4: defensive cipso option parsing (git-fixes).
- net/ipv6: do not reinitialize ndev->cnf.addr_gen_mode on new inet6_dev (git-fixes).
- net/ipv6: fix addrconf_sysctl_addr_gen_mode (git-fixes).
- net/ipv6: propagate net.ipv6.conf.all.addr_gen_mode to devices (git-fixes).
- net/ipv6: reserve room for IFLA_INET6_ADDR_GEN_MODE (git-fixes).
- netlink: fix uninit-value in netlink_sendmsg (git-fixes).
- net: make skb_partial_csum_set() more robust against overflows (git-fixes).
- net/mlx5: Decrease default mr cache size (networking-stable-19_04_10).
- net/mlx5e: Add a lock on tir list (networking-stable-19_04_10).
- net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query (networking-stable-19_04_30).
- net/mlx5e: Fix trailing semicolon (bsc#1075020).
- net/mlx5e: IPoIB, Reset QP after channels are closed (bsc#1075020).
- net: phy: marvell: Fix buffer overrun with stats counters (networking-stable-19_05_04).
- net: rds: exchange of 8K and 1M pool (networking-stable-19_04_30).
- net: rose: fix a possible stack overflow (networking-stable-19_03_28).
- net/rose: fix unbound loop in rose_loopback_timer() (networking-stable-19_04_30).
- net/sched: act_sample: fix divide by zero in the traffic path (networking-stable-19_04_10).
- net/sched: do not dereference a->goto_chain to read the chain index (bsc#1064802 bsc#1066129).
- net/sched: fix ->get helper of the matchall cls (networking-stable-19_04_10).
- net/smc: add pnet table namespace support (bsc#1130409 LTC#176346).
- net/smc: add smcd support to the pnet table (bsc#1130409 LTC#176346).
- net/smc: allow 16 byte pnetids in netlink policy (bsc#1129857 LTC#176247).
- net/smc: allow pci IDs as ib device names in the pnet table (bsc#1130409 LTC#176346).
- net/smc: allow pnetid-less configuration (bsc#1130409 LTC#176346).
- net/smc: call smc_cdc_msg_send() under send_lock (bsc#1129857 LTC#176247).
- net/smc: check connections in smc_lgr_free_work (bsc#1129857 LTC#176247).
- net/smc: check for ip prefix and subnet (bsc#1134607 LTC#177518).
- net/smc: check port_idx of ib event (bsc#1129857 LTC#176247).
- net/smc: cleanup for smcr_tx_sndbuf_nonempty (bsc#1130409 LTC#176346).
- net/smc: cleanup of get vlan id (bsc#1134607 LTC#177518).
- net/smc: code cleanup smc_listen_work (bsc#1134607 LTC#177518).
- net/smc: consolidate function parameters (bsc#1134607 LTC#177518).
- net/smc: correct state change for peer closing (bsc#1129857 LTC#176247).
- net/smc: delete rkey first before switching to unused (bsc#1129857 LTC#176247).
- net/smc: do not wait for send buffer space when data was already sent (bsc#1129857 LTC#176247).
- net/smc: do not wait under send_lock (bsc#1129857 LTC#176247).
- net/smc: fallback to TCP after connect problems (bsc#1134607 LTC#177518).
- net/smc: fix another sizeof to int comparison (bsc#1129857 LTC#176247).
- net/smc: fix a NULL pointer dereference (bsc#1134607 LTC#177518).
- net/smc: fix byte_order for rx_curs_confirmed (bsc#1129848 LTC#176249).
- net/smc: fix return code from FLUSH command (bsc#1134607 LTC#177518).
- net/smc: fix sender_free computation (bsc#1129857 LTC#176247).
- net/smc: fix smc_poll in SMC_INIT state (bsc#1129848 LTC#176249).
- net/smc: fix use of variable in cleared area (bsc#1129857 LTC#176247).
- net/smc: improve smc_conn_create reason codes (bsc#1134607 LTC#177518).
- net/smc: improve smc_listen_work reason codes (bsc#1134607 LTC#177518).
- net/smc: move code to clear the conn->lgr field (bsc#1129857 LTC#176247).
- net/smc: move unhash before release of clcsock (bsc#1134607 LTC#177518).
- net/smc: move wake up of close waiter (bsc#1129857 LTC#176247).
- net/smc: no delay for free tx buffer wait (bsc#1129857 LTC#176247).
- net/smc: nonblocking connect rework (bsc#1134607 LTC#177518).
- net/smc: postpone release of clcsock (bsc#1129857 LTC#176247).
- net/smc: preallocated memory for rdma work requests (bsc#1129857 LTC#176247).
- net/smc: prevent races between smc_lgr_terminate() and smc_conn_free() (bsc#1129857 LTC#176247).
- net/smc: propagate file from SMC to TCP socket (bsc#1134607 LTC#177518).
- net/smc: recvmsg and splice_read should return 0 after shutdown (bsc#1129857 LTC#176247).
- net/smc: reduce amount of status updates to peer (bsc#1129857 LTC#176247).
- net/smc: reset cursor update required flag (bsc#1129857 LTC#176247).
- net/smc: rework pnet table (bsc#1130409 LTC#176346).
- net/smc: unlock LGR pending lock earlier for SMC-D (bsc#1129857 LTC#176247).
- net/smc: use client and server LGR pending locks for SMC-R (bsc#1129857 LTC#176247).
- net/smc: use device link provided in qp_context (bsc#1129857 LTC#176247).
- net/smc: use smc_curs_copy() for SMC-D (bsc#1129857 LTC#176247).
- net/smc: wait for pending work before clcsock release_sock (bsc#1134607 LTC#177518).
- net: socket: fix potential spectre v1 gadget in socketcall (git-fixes).
- net: stmmac: fix memory corruption with large MTUs (networking-stable-19_03_28).
- net: stmmac: move stmmac_check_ether_addr() to driver probe (networking-stable-19_04_30).
- net: test tailroom before appending to linear skb (git-fixes).
- net: thunderx: do not allow jumbo frames with XDP (networking-stable-19_04_19).
- net: thunderx: raise XDP MTU to 1508 (networking-stable-19_04_19).
- net: unbreak CONFIG_RETPOLINE=n builds (bsc#1124503).
- net: use indirect call wrappers at GRO network layer (bsc#1124503).
- net: use indirect call wrappers at GRO transport layer (bsc#1124503).
- nfs: add module option to limit NFSv4 minor version (jsc#PM-231).
- nfs: Update config files for NFSv4.2 Enable NFSv4.2 support - jsc@PM-231 This requires a module parameter for NFSv4.2 to actually be available on SLE12 and SLE15-SP0
- nfsv4.x: always serialize open/close operations (bsc#1114893).
- nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands (bsc#1051510).
- nvme: Do not remove namespaces during reset (bsc#1131673).
- nvme: flush scan_work when resetting controller (bsc#1131673).
- nvme-rdma: fix possible free of a non-allocated async event buffer (bsc#1120423).
- objtool: Fix function fallthrough detection (bsc#1058115).
- ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (bsc#1136434).
- ocfs2: turn on OCFS2_FS_STATS setting(bsc#1134393) We need to turn on OCFS2_FS_STATS kernel configuration setting, to fix bsc#1134393.
- of: fix clang -Wunsequenced for be32_to_cpu() (bsc#1135642).
- omapfb: add missing of_node_put after of_device_is_available (bsc#1051510).
- openvswitch: add seqadj extension when NAT is used (bsc#1051510).
- openvswitch: fix flow actions reallocation (bsc#1051510).
- p54: drop device reference count if fails to enable device (bsc#1135642).
- packet: fix reserve calculation (git-fixes).
- packet: in packet_snd start writing at link layer allocation (git-fixes).
- packet: refine ring v3 block size test to hold one frame (git-fixes).
- packet: reset network header if packet shorter than ll reserved space (git-fixes).
- packets: Always register packet sk in the same order (networking-stable-19_03_28).
- packet: validate msg_namelen in send directly (git-fixes).
- pci: endpoint: Use EPC's device in dma_alloc_coherent()/dma_free_coherent() (git-fixes).
- pci: Factor out pcie_retrain_link() function (git-fixes).
- pci: Mark AMD Stoney Radeon R7 GPU ATS as broken (bsc#1051510).
- pci: Mark Atheros AR9462 to avoid bus reset (bsc#1051510).
- pci: Work around Pericom pcie-to-pci bridge Retrain Link erratum (git-fixes).
- phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode (bsc#1051510).
- platform/x86: alienware-wmi: printing the wrong error code (bsc#1051510).
- platform/x86: dell-rbtn: Add missing #include (bsc#1051510).
- platform/x86: intel_pmc_ipc: adding error handling (bsc#1051510).
- platform/x86: intel_punit_ipc: Revert 'Fix resource ioremap warning' (bsc#1051510).
- platform/x86: pmc_atom: Add Lex 3I380D industrial PC to critclk_systems DMI table (bsc#1051510).
- platform/x86: pmc_atom: Add several Beckhoff Automation boards to critclk_systems DMI table (bsc#1051510).
- platform/x86: pmc_atom: Drop __initconst on dmi table (bsc#1051510).
- platform/x86: sony-laptop: Fix unintentional fall-through (bsc#1051510).
- powerpc: Always initialize input array when calling epapr_hypercall() (bsc#1065729).
- powerpc/eeh: Fix race with driver un/bind (bsc#1065729).
- powerpc: Fix HMIs on big-endian with CONFIG_RELOCATABLE=y (bsc#1065729).
- powerpc/msi: Fix NULL pointer access in teardown code (bsc#1065729).
- powerpc/perf: Fix MMCRA corruption by bhrb_filter (bsc#1053043).
- powerpc/powernv/idle: Restore IAMR after idle (bsc#1065729).
- powerpc/process: Fix sparse address space warnings (bsc#1065729).
- power: supply: axp20x_usb_power: Fix typo in VBUS current limit macros (bsc#1051510).
- power: supply: axp288_charger: Fix unchecked return value (bsc#1051510).
- proc/kcore: do not bounds check against address 0 (bsc#1051510).
- proc: revalidate kernel thread inodes to root:root (bsc#1051510).
- proc/sysctl: fix return error for proc_doulongvec_minmax() (bsc#1051510).
- ptrace: take into account saved_sigmask in PTRACE{GET,SET}SIGMASK (git-fixes).
- pwm: Fix deadlock warning when removing PWM device (bsc#1051510).
- pwm: meson: Consider 128 a valid pre-divider (bsc#1051510).
- pwm: meson: Do not disable PWM when setting duty repeatedly (bsc#1051510).
- pwm: meson: Use the spin-lock only to protect register modifications (bsc#1051510).
- pwm: tiehrpwm: Update shadow register for disabling PWMs (bsc#1051510).
- qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128979).
- qla2xxx: always allocate qla_tgt_wq (bsc#1131451).
- qmi_wwan: add Olicard 600 (bsc#1051510).
- rdma/hns: Fix bug that caused srq creation to fail (bsc#1104427 ).
- rdma/rxe: Consider skb reserve space based on netdev of GID (bsc#1082387, bsc#1103992).
- re-export snd_cards for kABI compatibility (bsc#1051510).
- regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB (bsc#1051510).
- Revert 'ALSA: seq: Protect in-kernel ioctl calls with mutex' (bsc#1051510).
- Revert 'block: unexport DISK_EVENT_MEDIA_CHANGE for legacy/fringe drivers' (bsc#1110946, bsc#1119843).
- Revert 'drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)' The patch seems buggy, breaks the build for armv7hl/pae config.
- Revert 'ide: unexport DISK_EVENT_MEDIA_CHANGE for ide-gd and ide-cd' (bsc#1110946).
- Revert 'tty: pty: Fix race condition between release_one_tty and pty_write' (bsc#1051510).
- rt2x00: do not increment sequence number while re-transmitting (bsc#1051510).
- rtc: da9063: set uie_unsupported when relevant (bsc#1051510).
- rtc: sh: Fix invalid alarm warning for non-enabled alarm (bsc#1051510).
- rtlwifi: rtl8723ae: Fix missing break in switch statement (bsc#1051510).
- rxrpc: Fix error reception on AF_INET6 sockets (git-fixes).
- rxrpc: Fix transport sockopts to get IPv4 errors on an IPv6 socket (git-fixes).
- s390/ism: ignore some errors during deregistration (bsc#1129857 LTC#176247).
- s390/qdio: clear intparm during shutdown (bsc#1134597 LTC#177516).
- sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() (bsc#1051510).
- sc16is7xx: move label 'err_spi' to correct section (bsc#1051510).
- sc16is7xx: put err_spi and err_i2c into correct #ifdef (bsc#1051510).
- scripts/bugzilla-create: Set 'Proactive-Upstream-Fix' keyword
- scripts/git_sort/git_sort.py: Add mkp/scsi 5.0/scsi-fixes
- scripts: override locale from environment when running recordmcount.pl (bsc#1134354).
- scsi: qedf: fixup bit operations (bsc#1135542).
- scsi: qedf: fixup locking in qedf_restart_rport() (bsc#1135542).
- scsi: qedf: missing kref_put in qedf_xmit() (bsc#1135542).
- scsi: qla2xxx: Declare local functions 'static' (bsc#1137444).
- scsi: qla2xxx: fix error message on qla2400 (bsc#1118139).
- scsi: qla2xxx: Fix function argument descriptions (bsc#1118139).
- scsi: qla2xxx: Fix memory corruption during hba reset test (bsc#1118139).
- scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show (bsc#1132044).
- scsi: qla2xxx: fix spelling mistake: 'existant' -> 'existent' (bsc#1118139).
- scsi: qla2xxx: fully convert to the generic DMA API (bsc#1137444).
- scsi: qla2xxx: fx00 copypaste typo (bsc#1118139).
- scsi: qla2xxx: Improve several kernel-doc headers (bsc#1137444).
- scsi: qla2xxx: Introduce a switch/case statement in qlt_xmit_tm_rsp() (bsc#1137444).
- scsi: qla2xxx: Make qla2x00_sysfs_write_nvram() easier to analyze (bsc#1137444).
- scsi: qla2xxx: Make sure that qlafx00_ioctl_iosb_entry() initializes 'res' (bsc#1137444).
- scsi: qla2xxx: NULL check before some freeing functions is not needed (bsc#1137444).
- scsi: qla2xxx: Remove a set-but-not-used variable (bsc#1137444).
- scsi: qla2xxx: remove the unused tcm_qla2xxx_cmd_wq (bsc#1118139).
- scsi: qla2xxx: Remove two arguments from qlafx00_error_entry() (bsc#1137444).
- scsi: qla2xxx: Remove unused symbols (bsc#1118139).
- scsi: qla2xxx: Split the __qla2x00_abort_all_cmds() function (bsc#1137444).
- scsi: qla2xxx: use lower_32_bits and upper_32_bits instead of reinventing them (bsc#1137444).
- scsi: qla2xxx: Use %p for printing pointers (bsc#1118139).
- sctp: avoid running the sctp state machine recursively (networking-stable-19_05_04).
- sctp: fix identification of new acks for SFR-CACC (git-fixes).
- sctp: get sctphdr by offset in sctp_compute_cksum (networking-stable-19_03_28).
- sctp: initialize _pad of sockaddr_in before copying to user memory (networking-stable-19_04_10).
- sctp: only update outstanding_bytes for transmitted queue when doing prsctp_prune (git-fixes).
- sctp: set frag_point in sctp_setsockopt_maxseg correctly` (git-fixes).
- selinux: use kernel linux/socket.h for genheaders and mdp (bsc#1134810).
- serial: 8250_pxa: honor the port number from devicetree (bsc#1051510).
- serial: ar933x_uart: Fix build failure with disabled console (bsc#1051510).
- serial: uartps: console_setup() can't be placed to init section (bsc#1051510).
- signal: Always notice exiting tasks (git-fixes).
- signal: Better detection of synchronous signals (git-fixes).
- signal: Restore the stop PTRACE_EVENT_EXIT (git-fixes).
- smc: move unhash as early as possible in smc_release() (bsc#1129857 LTC#176247).
- soc/fsl/qe: Fix an error code in qe_pin_request() (bsc#1051510).
- soc/tegra: pmc: Drop locking from tegra_powergate_is_powered() (bsc#1051510).
- spi: a3700: Clear DATA_OUT when performing a read (bsc#1051510).
- spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios (bsc#1051510).
- spi: bcm2835aux: setup gpio-cs to output and correct level during setup (bsc#1051510).
- spi: bcm2835aux: warn in dmesg that native cs is not really supported (bsc#1051510).
- spi: Micrel eth switch: declare missing of table (bsc#1051510).
- spi: rspi: Fix sequencer reset during initialization (bsc#1051510).
- spi: ST ST95HF NFC: declare missing of table (bsc#1051510).
- ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit (bsc#1051510).
- staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc (bsc#1051510).
- stm class: Fix an endless loop in channel allocation (bsc#1051510).
- stm class: Fix channel free in stm output free path (bsc#1051510).
- stm class: Prevent division by zero (bsc#1051510).
- stmmac: pci: Adjust IOT2000 matching (networking-stable-19_04_30).
- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).
- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).
- switchtec: Fix unintended mask of MRPC event (git-fixes).
- tcp: add tcp_min_snd_mss sysctl (bsc#1137586).
- tcp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).
- tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).
- tcp: Ensure DCTCP reacts to losses (networking-stable-19_04_10).
- tcp: limit payload size of sacked skbs (bsc#1137586).
- tcp: purge write queue in tcp_connect_init() (git-fixes).
- tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).
- tcp: tcp_grow_window() needs to respect tcp_space() (networking-stable-19_04_19).
- team: fix possible recursive locking when add slaves (networking-stable-19_04_30).
- team: set slave to promisc if team is already in promisc mode (bsc#1051510).
- thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power (bsc#1051510).
- thermal/int340x_thermal: Add additional UUIDs (bsc#1051510).
- thermal/int340x_thermal: fix mode setting (bsc#1051510).
- thunderx: eliminate extra calls to put_page() for pages held for recycling (networking-stable-19_03_28).
- thunderx: enable page recycling for non-XDP case (networking-stable-19_03_28).
- tipc: fix hanging clients using poll with EPOLLOUT flag (git-fixes).
- tipc: missing entries in name table of publications (networking-stable-19_04_19).
- tools lib traceevent: Fix missing equality check for strcmp (bsc#1129770).
- tracing: Fix partial reading of trace event's id file (bsc#1136573).
- treewide: Use DEVICE_ATTR_WO (bsc#1137739).
- tty: increase the default flip buffer limit to 2*640K (bsc#1051510).
- tty: pty: Fix race condition between release_one_tty and pty_write (bsc#1051510).
- tty: serial_core, add ->install (bnc#1129693).
- tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 (bsc#1051510).
- tun: add a missing rcu_read_unlock() in error path (networking-stable-19_03_28).
- tun: properly test for IFF_UP (networking-stable-19_03_28).
- uas: fix alignment of scatter/gather segments (bsc#1129770).
- udp: use indirect call wrappers for GRO socket lookup (bsc#1124503).
- ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (bsc#1135323).
- usb: cdc-acm: fix unthrottle races (bsc#1051510).
- usb: core: Fix bug caused by duplicate interface PM usage counter (bsc#1051510).
- usb: core: Fix unterminated string returned by usb_string() (bsc#1051510).
- usb: dwc3: Fix default lpm_nyet_threshold value (bsc#1051510).
- usb: gadget: net2272: Fix net2272_dequeue() (bsc#1051510).
- usb: gadget: net2280: Fix net2280_dequeue() (bsc#1051510).
- usb: gadget: net2280: Fix overrun of OUT messages (bsc#1051510).
- usb: serial: f81232: fix interrupt worker not stop (bsc#1051510).
- usb: serial: fix unthrottle races (bsc#1051510).
- usb-storage: Set virt_boundary_mask to avoid SG overflows (bsc#1051510).
- usb: u132-hcd: fix resource leak (bsc#1051510).
- usb: usb251xb: fix to avoid potential NULL pointer dereference (bsc#1051510).
- usb: usbip: fix isoc packet num validation in get_pipe (bsc#1051510).
- usb: w1 ds2490: Fix bug caused by improper use of altsetting array (bsc#1051510).
- usb: yurex: Fix protection fault after device removal (bsc#1051510).
- userfaultfd: use RCU to free the task struct when fork fails (git-fixes).
- vfio/mdev: Avoid release parent reference during error path (bsc#1051510).
- vfio/mdev: Fix aborting mdev child device removal if one fails (bsc#1051510).
- vfio_pci: Enable memory accesses before calling pci_map_rom (bsc#1051510).
- vfio/pci: use correct format characters (bsc#1051510).
- vhost: reject zero size iova range (networking-stable-19_04_19).
- vhost/vsock: fix reset orphans race with close timeout (bsc#1051510).
- virtio-blk: limit number of hw queues by nr_cpu_ids (bsc#1051510).
- virtio: Honour 'may_reduce_num' in vring_create_virtqueue (bsc#1051510).
- virtio_pci: fix a NULL pointer reference in vp_del_vqs (bsc#1051510).
- vrf: check accept_source_route on the original netdevice (networking-stable-19_04_10).
- vsock/virtio: fix kernel panic after device hot-unplug (bsc#1051510).
- vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock (bsc#1051510).
- vsock/virtio: Initialize core virtio vsock before registering the driver (bsc#1051510).
- vsock/virtio: reset connected sockets on device removal (bsc#1051510).
- vt: always call notifier with the console lock held (bsc#1051510).
- vxlan: Do not call gro_cells_destroy() before device is unregistered (networking-stable-19_03_28).
- x86_64: Add gap to int3 to allow for call emulation (bsc#1099658).
- x86_64: Allow breakpoints to emulate call instructions (bsc#1099658).
- x86/speculation/mds: Fix documentation typo (bsc#1135642).
- xenbus: drop useless LIST_HEAD in xenbus_write_watch() and xenbus_file_write() (bsc#1065600).
- xfrm6: avoid potential infinite loop in _decode_session6() (git-fixes).
- xfrm6: call kfree_skb when skb is toobig (git-fixes).
- xfrm: fix missing dst_release() after policy blocking lbcast and multicast (git-fixes).
- xfrm: fix 'passing zero to ERR_PTR()' warning (git-fixes).
- xfrm: Fix stack-out-of-bounds read on socket policy lookup (git-fixes).
- xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (git-fixes).
- xfrm: reset crypto_done when iterating over multiple input xfrms (git-fixes).
- xfrm: reset transport header back to network header after all input transforms ahave been applied (git-fixes).
- xfrm: Return error on unknown encap_type in init_state (git-fixes).
- xfrm_user: prevent leaking 2 bytes of kernel memory (git-fixes).
- xfrm: Validate address prefix lengths in the xfrm selector (git-fixes).
- xfs: add log item pinning error injection tag (bsc#1114427).
- xfs: buffer lru reference count error injection tag (bsc#1114427).
- xfs: check _btree_check_block value (bsc#1123663).
- xfs: convert drop_writes to use the errortag mechanism (bsc#1114427).
- xfs: create block pointer check functions (bsc#1123663).
- xfs: create inode pointer verifiers (bsc#1114427).
- xfs: detect and fix bad summary counts at mount (bsc#1114427).
- xfs: export _inobt_btrec_to_irec and _ialloc_cluster_alignment for scrub (bsc#1114427).
- xfs: export various function for the online scrubber (bsc#1123663).
- xfs: expose errortag knobs via sysfs (bsc#1114427).
- xfs: fix unused variable warning in xfs_buf_set_ref() (bsc#1114427).
- xfs: force summary counter recalc at next mount (bsc#1114427).
- xfs: kill meaningless variable 'zero' (bsc#1106011).
- xfs: make errortag a per-mountpoint structure (bsc#1123663).
- xfs: move error injection tags into their own file (bsc#1114427).
- xfs: prepare xfs_break_layouts() for another layout type (bsc#1106011).
- xfs: prepare xfs_break_layouts() to be called with XFS_MMAPLOCK_EXCL (bsc#1106011).
- xfs: refactor btree block header checking functions (bsc#1123663).
- xfs: refactor btree pointer checks (bsc#1123663).
- xfs: refactor unmount record write (bsc#1114427).
- xfs: remove unneeded parameter from XFS_TEST_ERROR (bsc#1123663).
- xfs: remove xfs_zero_range (bsc#1106011).
- xfs: rename MAXPATHLEN to XFS_SYMLINK_MAXLEN (bsc#1123663).
- xfs: replace log_badcrc_factor knob with error injection tag (bsc#1114427).
- xfs: sanity-check the unused space before trying to use it (bsc#1123663).
- xfs: serialize unaligned dio writes against all other dio writes (bsc#1134936).
Patchnames
SUSE-2019-1536,SUSE-SLE-SERVER-12-SP4-2019-1536
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\n \nThe SUSE Linux Enterprise 12 SP4 kernel was updated to 4.12.14 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2019-11477: A sequence of SACKs may have been crafted such that one can trigger an integer overflow, leading to a kernel panic.\n- CVE-2019-11479: An attacker could force the Linux kernel to segment its responses into multiple TCP segments. This would drastically increased the bandwidth required to deliver the same amount of data. Further, it would consume additional resources such as CPU and NIC processing power.\n- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. (bnc#1136424)\n- CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel There was an unchecked kstrdup of fwstr, which might have allowed an attacker to cause a denial of service (NULL pointer dereference and system crash). (bnc#1136586)\n- CVE-2019-11487: The Linux kernel allowed page reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM existed. It could have occured with FUSE requests. (bnc#1133190)\n- CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux kernel allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may have been possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. (bnc#1120843)\n- CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the unused memory region in the extent tree block, which might have allowed local users to obtain sensitive information by reading uninitialized data in the filesystem. (bnc#1135281)\n- CVE-2018-7191: In the tun subsystem in the Linux kernel, dev_get_valid_name was not called before register_netdevice. This allowed local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. (bnc#1135603)\n- CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in i915 Graphics for Linux may have allowed an authenticated user to potentially enable escalation of privilege via local access. (bnc#1135278)\n- CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel There was a race condition leading to a use-after-free, related to net namespace cleanup. (bnc#1134537)\n- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel allowed a local user to obtain potentially sensitive information from kernel stack memory via a hidPCONNADD command, because a name field may not end with a '\\0' character. (bnc#1134848)\n- CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel had multiple race conditions. (bnc#1133188)\n\nThe following non-security bugs were fixed:\n\n- 9p locks: add mount option for lock retry interval (bsc#1051510).\n- acpi: button: reinitialize button state upon resume (bsc#1051510).\n- acpica: AML interpreter: add region addresses in global list during initialization (bsc#1051510).\n- acpica: Namespace: remove address node from global list after method termination (bsc#1051510).\n- acpi: fix menuconfig presentation of ACPI submenu (bsc#1117158).\n- acpi / utils: Drop reference in test for device presence (bsc#1051510).\n- alsa: core: Do not refer to snd_cards array directly (bsc#1051510).\n- alsa: emu10k1: Drop superfluous id-uniquification behavior (bsc#1051510).\n- alsa: hda/hdmi - Consider eld_valid when reporting jack event (bsc#1051510).\n- alsa: hda/hdmi - Read the pin sense from register when repolling (bsc#1051510).\n- alsa: hda/realtek - Avoid superfluous COEF EAPD setups (bsc#1051510).\n- alsa: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) (bsc#1051510).\n- alsa: hda/realtek - EAPD turn on later (bsc#1051510).\n- alsa: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug (bsc#1051510).\n- alsa: hda/realtek - Fixup headphone noise via runtime suspend (bsc#1051510).\n- alsa: hda/realtek - Improve the headset mic for Acer Aspire laptops (bsc#1051510).\n- alsa: hda - Register irq handler after the chip initialization (bsc#1051510).\n- alsa: hda - Use a macro for snd_array iteration loops (bsc#1051510).\n- alsa: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) (bsc#1051510).\n- alsa: line6: Avoid polluting led_* namespace (bsc#1051510).\n- alsa: seq: Align temporary re-locking with irqsave version (bsc#1051510).\n- alsa: seq: Correct unlock sequence at snd_seq_client_ioctl_unlock() (bsc#1051510).\n- alsa: seq: Cover unsubscribe_port() in list_mutex (bsc#1051510).\n- alsa: seq: Fix race of get-subscription call vs port-delete ioctls (bsc#1051510).\n- alsa: seq: Protect in-kernel ioctl calls with mutex (bsc#1051510).\n- alsa: seq: Protect racy pool manipulation from OSS sequencer (bsc#1051510).\n- alsa: seq: Remove superfluous irqsave flags (bsc#1051510).\n- alsa: seq: Simplify snd_seq_kernel_client_enqueue() helper (bsc#1051510).\n- alsa: timer: Check ack_list emptiness instead of bit flag (bsc#1051510).\n- alsa: timer: Coding style fixes (bsc#1051510).\n- alsa: timer: Make snd_timer_close() really kill pending actions (bsc#1051510).\n- alsa: timer: Make sure to clear pending ack list (bsc#1051510).\n- alsa: timer: Revert active callback sync check at close (bsc#1051510).\n- alsa: timer: Simplify error path in snd_timer_open() (bsc#1051510).\n- alsa: timer: Unify timer callback process code (bsc#1051510).\n- alsa: usb-audio: Fix a memory leak bug (bsc#1051510).\n- alsa: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() (bsc#1051510).\n- alsa: usx2y: fix a double free bug (bsc#1051510).\n- appletalk: Fix compile regression (bsc#1051510).\n- appletalk: Fix use-after-free in atalk_proc_exit (bsc#1051510).\n- arch: arm64: acpi: KABI ginore includes (bsc#1117158 bsc#1134671).\n- arm64: acpi: fix alignment fault in accessing ACPI (bsc#1117158).\n- arm64: Export save_stack_trace_tsk() (jsc#SLE-4214).\n- arm64: fix ACPI dependencies (bsc#1117158).\n- arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve table (bsc#1117158).\n- arm: 8824/1: fix a migrating irq bug when hotplug cpu (bsc#1051510).\n- arm: 8833/1: Ensure that NEON code always compiles with Clang (bsc#1051510).\n- arm: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bsc#1051510).\n- arm: 8840/1: use a raw_spinlock_t in unwind (bsc#1051510).\n- arm: avoid Cortex-A9 livelock on tight dmb loops (bsc#1051510).\n- arm: imx6q: cpuidle: fix bug that CPU might not wake up at expected time (bsc#1051510).\n- arm: iop: do not use using 64-bit DMA masks (bsc#1051510).\n- arm: OMAP2+: fix lack of timer interrupts on CPU1 after hotplug (bsc#1051510).\n- arm: OMAP2+: Variable 'reg' in function omap4_dsi_mux_pads() could be uninitialized (bsc#1051510).\n- arm: orion: do not use using 64-bit DMA masks (bsc#1051510).\n- arm: pxa: ssp: unneeded to free devm_ allocated data (bsc#1051510).\n- arm: s3c24xx: Fix boolean expressions in osiris_dvs_notify (bsc#1051510).\n- arm: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms (bsc#1051510).\n- asoc: cs4270: Set auto-increment bit for register writes (bsc#1051510).\n- asoc: fix valid stream condition (bsc#1051510).\n- asoc: fsl_esai: Fix missing break in switch statement (bsc#1051510).\n- asoc: hdmi-codec: fix S/PDIF DAI (bsc#1051510).\n- asoc: Intel: avoid Oops if DMA setup fails (bsc#1051510).\n- asoc: max98090: Fix restore of DAPM Muxes (bsc#1051510).\n- asoc: nau8810: fix the issue of widget with prefixed name (bsc#1051510).\n- asoc: nau8824: fix the issue of the widget with prefix name (bsc#1051510).\n- asoc: RT5677-SPI: Disable 16Bit SPI Transfers (bsc#1051510).\n- asoc: samsung: odroid: Fix clock configuration for 44100 sample rate (bsc#1051510).\n- asoc:soc-pcm:fix a codec fixup issue in TDM case (bsc#1051510).\n- asoc: stm32: fix sai driver name initialisation (bsc#1051510).\n- asoc: tlv320aic32x4: Fix Common Pins (bsc#1051510).\n- asoc: wm_adsp: Add locking to wm_adsp2_bus_error (bsc#1051510).\n- at76c50x-usb: Do not register led_trigger if usb_register_driver failed (bsc#1051510).\n- audit: fix a memleak caused by auditing load module (bsc#1051510).\n- b43: shut up clang -Wuninitialized variable warning (bsc#1051510).\n- backlight: lm3630a: Return 0 on success in update_status functions (bsc#1051510).\n- bcache: account size of buckets used in uuid write to ca->meta_sectors_written (bsc#1130972).\n- bcache: add a comment in super.c (bsc#1130972).\n- bcache: add code comments for bset.c (bsc#1130972).\n- bcache: add comment for cache_set->fill_iter (bsc#1130972).\n- bcache: add identifier names to arguments of function definitions (bsc#1130972).\n- bcache: add missing SPDX header (bsc#1130972).\n- bcache: add MODULE_DESCRIPTION information (bsc#1130972).\n- bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972).\n- bcache: add static const prefix to char * array declarations (bsc#1130972).\n- bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972).\n- bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).\n- bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972).\n- bcache: correct dirty data statistics (bsc#1130972).\n- bcache: do not assign in if condition in bcache_init() (bsc#1130972).\n- bcache: do not assign in if condition register_bcache() (bsc#1130972).\n- bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972).\n- bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972).\n- bcache: do not clone bio in bch_data_verify (bsc#1130972).\n- bcache: do not mark writeback_running too early (bsc#1130972).\n- bcache: export backing_dev_name via sysfs (bsc#1130972).\n- bcache: export backing_dev_uuid via sysfs (bsc#1130972).\n- bcache: fix code comments style (bsc#1130972).\n- bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).\n- bcache: fix indent by replacing blank by tabs (bsc#1130972).\n- bcache: fix input integer overflow of congested threshold (bsc#1130972).\n- bcache: fix input overflow to cache set io_error_limit (bsc#1130972).\n- bcache: fix input overflow to cache set sysfs file io_error_halflife (bsc#1130972).\n- bcache: fix input overflow to journal_delay_ms (bsc#1130972).\n- bcache: fix input overflow to sequential_cutoff (bsc#1130972).\n- bcache: fix input overflow to writeback_delay (bsc#1130972).\n- bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).\n- bcache: fix ioctl in flash device (bsc#1130972).\n- bcache: fix mistaken code comments in bcache.h (bsc#1130972).\n- bcache: fix mistaken comments in request.c (bsc#1130972).\n- bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972).\n- bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972).\n- bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972).\n- bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).\n- bcache: improve sysfs_strtoul_clamp() (bsc#1130972).\n- bcache: introduce force_wake_up_gc() (bsc#1130972).\n- bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972).\n- bcache: Move couple of functions to sysfs.c (bsc#1130972).\n- bcache: Move couple of string arrays to sysfs.c (bsc#1130972).\n- bcache: move open brace at end of function definitions to next line (bsc#1130972).\n- bcache: never writeback a discard operation (bsc#1130972).\n- bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972).\n- bcache: option to automatically run gc thread after writeback (bsc#1130972).\n- bcache: panic fix for making cache device (bsc#1130972).\n- bcache: Populate writeback_rate_minimum attribute (bsc#1130972).\n- bcache: prefer 'help' in Kconfig (bsc#1130972).\n- bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).\n- bcache: recal cached_dev_sectors on detach (bsc#1130972).\n- bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972).\n- bcache: remove unused bch_passthrough_cache (bsc#1130972).\n- bcache: remove useless parameter of bch_debug_init() (bsc#1130972).\n- bcache: Replace bch_read_string_list() by __sysfs_match_string() (bsc#1130972).\n- bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).\n- bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).\n- bcache: replace printk() by pr_*() routines (bsc#1130972).\n- bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972).\n- bcache: set writeback_percent in a flexible range (bsc#1130972).\n- bcache: split combined if-condition code into separate ones (bsc#1130972).\n- bcache: stop bcache device when backing device is offline (bsc#1130972).\n- bcache: stop using the deprecated get_seconds() (bsc#1130972).\n- bcache: style fixes for lines over 80 characters (bsc#1130972).\n- bcache: style fix to add a blank line after declarations (bsc#1130972).\n- bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).\n- bcache: treat stale dirty keys as bad keys (bsc#1130972).\n- bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972).\n- bcache: update comment for bch_data_insert (bsc#1130972).\n- bcache: update comment in sysfs.c (bsc#1130972).\n- bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972).\n- bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).\n- bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).\n- bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).\n- bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).\n- block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).\n- block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).\n- block: do not leak memory in bio_copy_user_iov() (bsc#1135309).\n- block: Do not revalidate bdev of hidden gendisk (bsc#1120091).\n- block: fix the return errno for direct IO (bsc#1135320).\n- block: fix use-after-free on gendisk (bsc#1135312).\n- bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bsc#1051510).\n- bluetooth: Check key sizes only when Secure Simple Pairing is enabled (bsc#1135556).\n- bluetooth: hidp: fix buffer overflow (bsc#1051510).\n- bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one() (bsc#1050242).\n- bnxt_en: Improve multicast address setup logic (networking-stable-19_05_04).\n- bnxt_en: Improve RX consumer index validity check (networking-stable-19_04_10).\n- bnxt_en: Reset device on RX buffer errors (networking-stable-19_04_10).\n- bonding: fix event handling for stacked bonds (networking-stable-19_04_19).\n- bpf: add map_lookup_elem_sys_only for lookups from syscall side (bsc#1083647).\n- bpf: Add missed newline in verifier verbose log (bsc#1056787).\n- bpf, lru: avoid messing with eviction heuristics upon syscall lookup (bsc#1083647).\n- brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() (bsc#1051510).\n- btrfs: add a helper to return a head ref (bsc#1134813).\n- btrfs: breakout empty head cleanup to a helper (bsc#1134813).\n- btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: do not allow trimming when a fs is mounted with the nologreplay option (bsc#1135758).\n- btrfs: do not double unlock on error in btrfs_punch_hole (bsc#1136881).\n- btrfs: Do not panic when we can't find a root key (bsc#1112063).\n- btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: Factor out common delayed refs init code (bsc#1134813).\n- btrfs: fix fsync not persisting changed attributes of a directory (bsc#1137151).\n- btrfs: fix race between ranged fsync and writeback of adjacent ranges (bsc#1136477).\n- btrfs: fix race updating log root item during fsync (bsc#1137153).\n- btrfs: fix wrong ctime and mtime of a directory after log replay (bsc#1137152).\n- btrfs: improve performance on fsync of files with multiple hardlinks (bsc#1123454).\n- btrfs: Introduce init_delayed_ref_head (bsc#1134813).\n- btrfs: move all ref head cleanup to the helper function (bsc#1134813).\n- btrfs: move extent_op cleanup to a helper (bsc#1134813).\n- btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).\n- btrfs: Open-code add_delayed_data_ref (bsc#1134813).\n- btrfs: Open-code add_delayed_tree_ref (bsc#1134813).\n- btrfs: qgroup: Check bg while resuming relocation to avoid NULL pointer dereference (bsc#1134806).\n- btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to btrfs_qgroup_extent_record (bsc#1134162).\n- btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release (bsc#1134160).\n- btrfs: reloc: Also queue orphan reloc tree for cleanup to avoid BUG_ON() (bsc#1133612).\n- btrfs: remove delayed_ref_node from ref_head (bsc#1134813).\n- btrfs: send, flush dellaloc in order to avoid data loss (bsc#1133320).\n- btrfs: split delayed ref head initialization and addition (bsc#1134813).\n- btrfs: track refs in a rb_tree instead of a list (bsc#1134813).\n- btrfs: tree-checker: detect file extent items with overlapping ranges (bsc#1136478).\n- btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).\n- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).\n- ceph: fix ci->i_head_snapc leak (bsc#1122776).\n- ceph: fix use-after-free on symlink traversal (bsc#1134459).\n- ceph: only use d_name directly when parent is locked (bsc#1134460).\n- cifs: keep FileInfo handle live during oplock break (bsc#1106284, bsc#1131565).\n- clk: rockchip: Fix video codec clocks on rk3288 (bsc#1051510).\n- clk: rockchip: fix wrong clock definitions for rk3328 (bsc#1051510).\n- configfs: fix possible use-after-free in configfs_register_group (bsc#1051510).\n- configfs: Fix use-after-free when accessing sd->s_dentry (bsc#1051510).\n- crypto: arm/aes-neonbs - do not access already-freed walk.iv (bsc#1051510).\n- crypto: caam - fix caam_dump_sg that iterates through scatterlist (bsc#1051510).\n- crypto: ccm - fix incompatibility between 'ccm' and 'ccm_base' (bsc#1051510).\n- crypto: ccp - Do not free psp_master when PLATFORM_INIT fails (bsc#1051510).\n- crypto: chacha20poly1305 - set cra_name correctly (bsc#1051510).\n- crypto: crct10dif-generic - fix use via crypto_shash_digest() (bsc#1051510).\n- crypto: fips - Grammar s/options/option/, s/to/the/ (bsc#1051510).\n- crypto: gcm - fix incompatibility between 'gcm' and 'gcm_base' (bsc#1051510).\n- crypto: skcipher - do not WARN on unprocessed data after slow walk step (bsc#1051510).\n- crypto: sun4i-ss - Fix invalid calculation of hash end (bsc#1051510).\n- crypto: vmx - CTR: always increment IV as quadword (bsc#1051510).\n- crypto: vmx - fix copy-paste error in CTR mode (bsc#1051510).\n- crypto: vmx - ghash: do nosimd fallback manually (bsc#1135661, bsc#1137162).\n- crypto: vmx - return correct error code on failed setkey (bsc#1135661, bsc#1137162).\n- crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() (bsc#1051510).\n- dccp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).\n- dccp: Fix memleak in __feat_register_sp (bsc#1051510).\n- debugfs: fix use-after-free on symlink traversal (bsc#1051510).\n- devres: Align data[] to ARCH_KMALLOC_MINALIGN (bsc#1051510).\n- dmaengine: axi-dmac: Do not check the number of frames for alignment (bsc#1051510).\n- dmaengine: tegra210-dma: free dma controller in remove() (bsc#1051510).\n- documentation: Add MDS vulnerability documentation (bsc#1135642).\n- drivers: acpi: add dependency of EFI for arm64 (bsc#1117158).\n- drm/bridge: adv7511: Fix low refresh rate selection (bsc#1051510).\n- drm/etnaviv: lock MMU while dumping core (bsc#1113722)\n- drm/fb-helper: dpms_legacy(): Only set on connectors in use (bsc#1051510).\n- drm/i915: Disable LP3 watermarks on all SNB machines (bsc#1051510).\n- drm/i915: Downgrade Gen9 Plane WM latency error (bsc#1051510).\n- drm/i915/fbc: disable framebuffer compression on GeminiLake (bsc#1051510).\n- drm/i915: Fix I915_EXEC_RING_MASK (bsc#1051510).\n- drm/i915/gvt: add 0x4dfc to gen9 save-restore list (bsc#1113722)\n- drm/i915/gvt: do not let TRTTE and 0x4dfc write passthrough to hardware (bsc#1051510).\n- drm/i915/gvt: Fix cmd length of VEB_DI_IECP (bsc#1113722)\n- drm/i915/gvt: Fix incorrect mask of mmio 0x22028 in gen8/9 mmio list (bnc#1113722)\n- drm/i915/gvt: refine ggtt range validation (bsc#1113722)\n- drm/i915/gvt: Tiled Resources mmios are in-context mmios for gen9+ (bsc#1113722)\n- drm/imx: do not skip DP channel disable for background plane (bsc#1051510).\n- drm/mediatek: fix possible object reference leak (bsc#1051510).\n- drm/meson: add size and alignment requirements for dumb buffers (bnc#1113722)\n- drm/nouveau/i2c: Disable i2c bus access after ->fini() (bsc#1113722)\n- drm/rockchip: fix for mailbox read validation (bsc#1051510).\n- drm/rockchip: shutdown drm subsystem on shutdown (bsc#1051510).\n- drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)\n- drm/ttm: Remove warning about inconsistent mapping information (bnc#1131488)\n- drm/vmwgfx: Do not send drm sysfs hotplug events on initial master set (bsc#1051510).\n- drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to an invalid read (bsc#1051510).\n- drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() (bsc#1113722)\n- dt-bindings: clock: r8a7795: Remove CSIREF clock (bsc#1120902).\n- dt-bindings: clock: r8a7796: Remove CSIREF clock (bsc#1120902).\n- dt-bindings: net: Add binding for the external clock for TI WiLink (bsc#1085535).\n- dt-bindings: net: Fix a typo in the phy-mode list for ethernet bindings (bsc#1129770).\n- dt-bindings: rtc: sun6i-rtc: Fix register range in example (bsc#1120902).\n- dwc2: gadget: Fix completed transfer size calculation in DDMA (bsc#1051510).\n- efi: add API to reserve memory persistently across kexec reboot (bsc#1117158).\n- efi/arm: Defer persistent reservations until after paging_init() (bsc#1117158).\n- efi/arm: Do not mark ACPI reclaim memory as MEMBLOCK_NOMAP (bsc#1117158 bsc#1115688 bsc#1120566).\n- efi/arm: libstub: add a root memreserve config table (bsc#1117158).\n- efi/arm: map UEFI memory map even w/o runtime services enabled (bsc#1117158).\n- efi/arm: preserve early mapping of UEFI memory map longer for BGRT (bsc#1117158).\n- efi/arm: Revert 'Defer persistent reservations until after paging_init()' (bsc#1117158).\n- efi/arm: Revert deferred unmap of early memmap mapping (bsc#1117158).\n- efi: honour memory reservations passed via a linux specific config table (bsc#1117158).\n- efi: Permit calling efi_mem_reserve_persistent() from atomic context (bsc#1117158).\n- efi: Permit multiple entries in persistent memreserve data structure (bsc#1117158).\n- efi: Prevent GICv3 WARN() by mapping the memreserve table before first use (bsc#1117158).\n- efi: Reduce the amount of memblock reservations for persistent allocations (bsc#1117158).\n- ext4: actually request zeroing of inode table after grow (bsc#1135315).\n- ext4: avoid panic during forced reboot due to aborted journal (bsc#1126356).\n- ext4: Do not warn when enabling DAX (bsc#1132894).\n- ext4: fix data corruption caused by overlapping unaligned and aligned IO (bsc#1136428).\n- ext4: fix ext4_show_options for file systems w/o journal (bsc#1135316).\n- ext4: fix use-after-free race with debug_want_extra_isize (bsc#1135314).\n- ext4: make sanity check in mballoc more strict (bsc#1136439).\n- ext4: wait for outstanding dio during truncate in nojournal mode (bsc#1136438).\n- fbdev: fix divide error in fb_var_to_videomode (bsc#1113722)\n- fbdev: fix WARNING in __alloc_pages_nodemask bug (bsc#1113722)\n- firmware: efi: factor out mem_reserve (bsc#1117158 bsc#1134671).\n- fix rtnh_ok() (git-fixes).\n- fs/sync.c: sync_file_range(2) may use WB_SYNC_ALL writeback (bsc#1136432).\n- fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount (bsc#1136435).\n- ftrace/x86_64: Emulate call function while updating in breakpoint handler (bsc#1099658).\n- genetlink: Fix a memory leak on error path (networking-stable-19_03_28).\n- ghes, EDAC: Fix ghes_edac registration (bsc#1133176).\n- git_sort: add crypto maintainer tree.\n- git-sort: Always explicitely handle a pygit2 import error As pointed out by Michal Suchanek, the limitation in commit 6d67b1042a73 ('series_sort: Catch pygit2 import failure.') is wrong; given that there is no explicit installation step of the git-sort scripts and that they are 'just there' in the kernel-source repository, every user-callable script needs to check that the user followed installation requirements.\n- git-sort: Handle new pygit2.discover_repository behavior A consequence of pygit2 commit c32ee0c25384 ('Now discover_repository returns None if repo not found').\n- git-sort: Move mainline remote check to series_sort git_sort can be used on any git repository. series_sort() OTOH expects the reference repository to be a clone of the mainline Linux kernel repository. Move the warning accordingly and make it an error since further operations would fail. Fixes: 027d52475873 ('scripts: git_sort: Warn about missing upstream repo')\n- git-sort: README: Add information about how to report problems\n- gpio: aspeed: fix a potential NULL pointer dereference (bsc#1051510).\n- gpu: ipu-v3: dp: fix CSC handling (bsc#1051510).\n- hid: debug: fix race condition with between rdesc_show() and device removal (bsc#1051510).\n- hid: input: add mapping for Assistant key (bsc#1051510).\n- hid: input: add mapping for Expose/Overview key (bsc#1051510).\n- hid: input: add mapping for keyboard Brightness Up/Down/Toggle keys (bsc#1051510).\n- hid: input: add mapping for 'Toggle Display' key (bsc#1051510).\n- hid: logitech: check the return value of create_singlethread_workqueue (bsc#1051510).\n- hwmon: (f71805f) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (pc87427) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (vt1211) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- ibmvnic: Add device identification to requested IRQs (bsc#1137739).\n- ibmvnic: Do not close unopened driver during reset (bsc#1137752).\n- ibmvnic: Fix unchecked return codes of memory allocations (bsc#1137752).\n- ibmvnic: Refresh device multicast list after reset (bsc#1137752).\n- ibmvnic: remove set but not used variable 'netdev' (bsc#1137739).\n- igmp: fix incorrect unsolicit report count when join group (git-fixes).\n- iio: adc: xilinx: fix potential use-after-free on remove (bsc#1051510).\n- indirect call wrappers: helpers to speed-up indirect calls of builtin (bsc#1124503).\n- inetpeer: fix uninit-value in inet_getpeer (git-fixes).\n- input: elan_i2c - add hardware ID for multiple Lenovo laptops (bsc#1051510).\n- input: introduce KEY_ASSISTANT (bsc#1051510).\n- input: synaptics-rmi4 - fix possible double free (bsc#1051510).\n- intel_th: msu: Fix single mode with IOMMU (bsc#1051510).\n- intel_th: pci: Add Comet Lake support (bsc#1051510).\n- iommu/arm-smmu-v3: Abort all transactions if SMMU is enabled in kdump kernel (bsc#1117158).\n- iommu/arm-smmu-v3: Do not disable SMMU in kdump kernel (bsc#1117158 bsc#1134671).\n- iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#1135006).\n- iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135007).\n- iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135008).\n- ip6_tunnel: collect_md xmit: Use ip_tunnel_key's provided src address (git-fixes).\n- ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type (networking-stable-19_04_10).\n- ipconfig: Correctly initialise ic_nameservers (bsc#1051510).\n- ip_gre: fix parsing gre header in ipgre_err (git-fixes).\n- ipmi:ssif: compare block number correctly for multi-part return messages (bsc#1051510).\n- ip_tunnel: Fix name string concatenate in __ip_tunnel_create() (git-fixes).\n- ipv4: add sanity checks in ipv4_link_failure() (git-fixes).\n- ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled (git-fixes).\n- ipv4: ensure rcu_read_lock() in ipv4_link_failure() (networking-stable-19_04_19).\n- ipv4: ip_do_fragment: Preserve skb_iif during fragmentation (networking-stable-19_05_04).\n- ipv4: recompile ip options in ipv4_link_failure (networking-stable-19_04_19).\n- ipv4: set the tcp_min_rtt_wlen range from 0 to one day (networking-stable-19_04_30).\n- ipv6: fix cleanup ordering for ip6_mr failure (git-fixes).\n- ipv6: fix cleanup ordering for pingv6 registration (git-fixes).\n- ipv6/flowlabel: wait rcu grace period before put_pid() (git-fixes).\n- ipv6: invert flowlabel sharing check in process and user mode (git-fixes).\n- ipv6: mcast: fix unsolicited report interval after receiving querys (git-fixes).\n- ipvlan: Add the skb->mark as flow4's member to lookup route (bsc#1051510).\n- ipvlan: fix ipv6 outbound device (bsc#1051510).\n- ipvlan: use ETH_MAX_MTU as max mtu (bsc#1051510).\n- ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf (git-fixes).\n- ipvs: fix buffer overflow with sync daemon and service (git-fixes).\n- ipvs: fix check on xmit to non-local addresses (git-fixes).\n- ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bsc#1051510).\n- ipvs: fix rtnl_lock lockups caused by start_sync_thread (git-fixes).\n- ipvs: Fix signed integer overflow when setsockopt timeout (bsc#1051510).\n- ipvs: fix stats update from local clients (git-fixes).\n- iw_cxgb4: only allow 1 flush on user qps (bsc#1051510).\n- jbd2: check superblock mapped prior to committing (bsc#1136430).\n- kabi: drop LINUX_MIB_TCPWQUEUETOOBIG snmp counter (bsc#1137586).\n- kabi: implement map_lookup_elem_sys_only in another way (bsc#1083647).\n- kabi: move sysctl_tcp_min_snd_mss to preserve struct net layout (bsc#1137586).\n- kABI: protect dma-mapping.h include (kabi).\n- kABI: protect functions using struct net_generic (bsc#1130409 LTC#176346).\n- kABI: protect ip_options_rcv_srr (kabi).\n- kABI: protect struct mlx5_td (kabi).\n- kABI: protect struct pci_dev (kabi).\n- kABI: protect struct smcd_dev (bsc#1130409 LTC#176346).\n- kABI: protect struct smc_ib_device (bsc#1130409 LTC#176346).\n- kABI: protect struct smc_link (bsc#1129857 LTC#176247).\n- kABI workaround for removed usb_interface.pm_usage_cnt field (bsc#1051510).\n- kABI workaround for snd_seq_kernel_client_enqueue() API changes (bsc#1051510).\n- kernel/signal.c: trace_signal_deliver when signal_group_exit (git-fixes).\n- kernel/sys.c: prctl: fix false positive in validate_prctl_map() (git-fixes).\n- kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv (bsc#1051510).\n- kernel/sysctl.c: fix out-of-bounds access when setting file-max (bsc#1051510).\n- keys: safe concurrent user->{session,uid}_keyring access (bsc#1135642).\n- kmsg: Update message catalog to latest IBM level (2019/03/08) (bsc#1128904 LTC#176078).\n- kmsg: Update message catalog to latest IBM level (2019/03/08) (bsc#1128905 LTC#176077).\n- kvm: Fix UAF in nested posted interrupt processing (bsc#1134199).\n- kvm: nVMX: Clear reserved bits of #DB exit qualification (bsc#1134200).\n- kvm: nVMX: restore host state in nested_vmx_vmexit for VMFail (bsc#1134201).\n- kvm: s390: fix memory overwrites when not using SCA entries (bsc#1136206).\n- kvm: s390: provide io interrupt kvm_stat (bsc#1136206).\n- kvm: s390: use created_vcpus in more places (bsc#1136206).\n- kvm: s390: vsie: fix 8k check for the itdba (bsc#1136206).\n- kvm: VMX: Zero out *all* general purpose registers after VM-Exit (bsc#1134202).\n- kvm: x86: Always use 32-bit SMRAM save state for 32-bit kernels (bsc#1134203).\n- kvm: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bsc#1134204).\n- kvm: x86: svm: make sure NMI is injected after nmi_singlestep (bsc#1134205).\n- l2tp: cleanup l2tp_tunnel_delete calls (bsc#1051510).\n- l2tp: filter out non-PPP sessions in pppol2tp_tunnel_ioctl() (git-fixes).\n- l2tp: fix missing refcount drop in pppol2tp_tunnel_ioctl() (git-fixes).\n- l2tp: only accept PPP sessions in pppol2tp_connect() (git-fixes).\n- l2tp: prevent pppol2tp_connect() from creating kernel sockets (git-fixes).\n- l2tp: revert 'l2tp: fix missing print session offset info' (bsc#1051510).\n- leds: avoid races with workqueue (bsc#1051510).\n- leds: pwm: silently error out on EPROBE_DEFER (bsc#1051510).\n- lib: add crc64 calculation routines (bsc#1130972).\n- libata: fix using DMA buffers on stack (bsc#1051510).\n- lib: do not depend on linux headers being installed (bsc#1130972).\n- linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() (bsc#1051510).\n- livepatch: Convert error about unsupported reliable stacktrace into a warning (bsc#1071995).\n- livepatch: Remove custom kobject state handling (bsc#1071995).\n- livepatch: Remove duplicated code for early initialization (bsc#1071995).\n- lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).\n- mac80211: fix memory accounting with A-MSDU aggregation (bsc#1051510).\n- mac80211: fix unaligned access in mesh table hash function (bsc#1051510).\n- mac8390: Fix mmio access size probe (bsc#1051510).\n- md: fix invalid stored role for a disk (bsc#1051510).\n- media: atmel: atmel-isc: fix INIT_WORK misplacement (bsc#1051510).\n- media: cx18: update *pos correctly in cx18_read_pos() (bsc#1051510).\n- media: cx23885: check allocation return (bsc#1051510).\n- media: davinci-isif: avoid uninitialized variable use (bsc#1051510).\n- media: davinci/vpbe: array underflow in vpbe_enum_outputs() (bsc#1051510).\n- media: ivtv: update *pos correctly in ivtv_read_pos() (bsc#1051510).\n- media: omap_vout: potential buffer overflow in vidioc_dqbuf() (bsc#1051510).\n- media: ov2659: fix unbalanced mutex_lock/unlock (bsc#1051510).\n- media: pvrusb2: Prevent a buffer overflow (bsc#1129770).\n- media: serial_ir: Fix use-after-free in serial_ir_init_module (bsc#1051510).\n- media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame (bsc#1051510).\n- media: vivid: use vfree() instead of kfree() for dev->bitmap_cap (bsc#1051510).\n- media: wl128x: Fix an error code in fm_download_firmware() (bsc#1051510).\n- media: wl128x: prevent two potential buffer overflows (bsc#1051510).\n- memcg: make it work on sparse non-0-node systems (bnc#1133616).\n- memcg: make it work on sparse non-0-node systems kabi (bnc#1133616).\n- mISDN: Check address length before reading address family (bsc#1051510).\n- mlxsw: spectrum: Fix autoneg status in ethtool (networking-stable-19_04_30).\n- mmc: block: Delete gendisk before cleaning up the request queue (bsc#1127616).\n- mmc: core: fix possible use after free of host (bsc#1051510).\n- mm: Fix buggy backport leading to MAP_SYNC failures (bsc#1137372)\n- mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses (bsc#1135330).\n- mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (bnc#1012382).\n- mount: copy the port field into the cloned nfs_server structure (bsc#1136990).\n- mtd: docg3: fix a possible memory leak of mtd->name (bsc#1051510).\n- mtd: docg3: Fix passing zero to 'PTR_ERR' warning in doc_probe_device (bsc#1051510).\n- mtd: nand: omap: Fix comment in platform data using wrong Kconfig symbol (bsc#1051510).\n- mtd: part: fix incorrect format specifier for an unsigned long long (bsc#1051510).\n- mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write (bsc#1129770).\n- mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1136935).\n- mwifiex: Fix mem leak in mwifiex_tm_cmd (bsc#1051510).\n- mwifiex: Fix possible buffer overflows at parsing bss descriptor\n- mwifiex: prevent an array overflow (bsc#1051510).\n- mwl8k: Fix rate_idx underflow (bsc#1051510).\n- neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit (git-fixes).\n- net: aquantia: fix rx checksum offload for UDP/TCP over IPv6 (networking-stable-19_03_28).\n- net: atm: Fix potential Spectre v1 vulnerabilities (networking-stable-19_04_19).\n- net: avoid skb_warn_bad_offload on IS_ERR (git-fixes).\n- net: do not keep lonely packets forever in the gro hash (git-fixes).\n- net: dsa: bcm_sf2: fix buffer overflow doing set_rxnfc (networking-stable-19_05_04).\n- net: dsa: legacy: do not unmask port bitmaps (git-fixes).\n- net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT (git-fixes).\n- net: ena: fix return value of ena_com_config_llq_info() (bsc#1111696 bsc#1117561).\n- net: ethtool: not call vzalloc for zero sized memory request (networking-stable-19_04_10).\n- netfilter: bridge: Do not sabotage nf_hook calls from an l3mdev (git-fixes).\n- netfilter: bridge: ebt_among: add missing match size checks (git-fixes).\n- netfilter: bridge: ebt_among: add more missing match size checks (git-fixes).\n- netfilter: drop template ct when conntrack is skipped (git-fixes).\n- netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule (git-fixes).\n- netfilter: ebtables: handle string from userspace with care (git-fixes).\n- netfilter: ebtables: reject non-bridge targets (git-fixes).\n- netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel (git-fixes).\n- netfilter: nf_log: do not hold nf_log_mutex during user access (git-fixes).\n- netfilter: nf_log: fix uninit read in nf_log_proc_dostring (git-fixes).\n- netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6} (git-fixes).\n- netfilter: nf_tables: can't fail after linking rule into active rule list (git-fixes).\n- netfilter: nf_tables: check msg_type before nft_trans_set(trans) (git-fixes).\n- netfilter: nf_tables: fix leaking object reference count (git-fixes).\n- netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump() (git-fixes).\n- netfilter: nf_tables: release chain in flushing set (git-fixes).\n- netfilter: nft_compat: do not dump private area (git-fixes).\n- netfilter: x_tables: initialise match/target check parameter struct (git-fixes).\n- net: Fix a bug in removing queues from XPS map (git-fixes).\n- net: fix uninit-value in __hw_addr_add_ex() (git-fixes).\n- net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv (networking-stable-19_04_19).\n- net-gro: Fix GRO flush when receiving a GSO packet (networking-stable-19_04_10).\n- net: hns3: remove resetting check in hclgevf_reset_task_schedule (bsc#1104353 bsc#1135056).\n- net/ibmvnic: Remove tests of member address (bsc#1137739).\n- net/ibmvnic: Update carrier state after link state change (bsc#1135100).\n- net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).\n- net: initialize skb->peeked when cloning (git-fixes).\n- net/ipv4: defensive cipso option parsing (git-fixes).\n- net/ipv6: do not reinitialize ndev->cnf.addr_gen_mode on new inet6_dev (git-fixes).\n- net/ipv6: fix addrconf_sysctl_addr_gen_mode (git-fixes).\n- net/ipv6: propagate net.ipv6.conf.all.addr_gen_mode to devices (git-fixes).\n- net/ipv6: reserve room for IFLA_INET6_ADDR_GEN_MODE (git-fixes).\n- netlink: fix uninit-value in netlink_sendmsg (git-fixes).\n- net: make skb_partial_csum_set() more robust against overflows (git-fixes).\n- net/mlx5: Decrease default mr cache size (networking-stable-19_04_10).\n- net/mlx5e: Add a lock on tir list (networking-stable-19_04_10).\n- net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query (networking-stable-19_04_30).\n- net/mlx5e: Fix trailing semicolon (bsc#1075020).\n- net/mlx5e: IPoIB, Reset QP after channels are closed (bsc#1075020).\n- net: phy: marvell: Fix buffer overrun with stats counters (networking-stable-19_05_04).\n- net: rds: exchange of 8K and 1M pool (networking-stable-19_04_30).\n- net: rose: fix a possible stack overflow (networking-stable-19_03_28).\n- net/rose: fix unbound loop in rose_loopback_timer() (networking-stable-19_04_30).\n- net/sched: act_sample: fix divide by zero in the traffic path (networking-stable-19_04_10).\n- net/sched: do not dereference a->goto_chain to read the chain index (bsc#1064802 bsc#1066129).\n- net/sched: fix ->get helper of the matchall cls (networking-stable-19_04_10).\n- net/smc: add pnet table namespace support (bsc#1130409 LTC#176346).\n- net/smc: add smcd support to the pnet table (bsc#1130409 LTC#176346).\n- net/smc: allow 16 byte pnetids in netlink policy (bsc#1129857 LTC#176247).\n- net/smc: allow pci IDs as ib device names in the pnet table (bsc#1130409 LTC#176346).\n- net/smc: allow pnetid-less configuration (bsc#1130409 LTC#176346).\n- net/smc: call smc_cdc_msg_send() under send_lock (bsc#1129857 LTC#176247).\n- net/smc: check connections in smc_lgr_free_work (bsc#1129857 LTC#176247).\n- net/smc: check for ip prefix and subnet (bsc#1134607 LTC#177518).\n- net/smc: check port_idx of ib event (bsc#1129857 LTC#176247).\n- net/smc: cleanup for smcr_tx_sndbuf_nonempty (bsc#1130409 LTC#176346).\n- net/smc: cleanup of get vlan id (bsc#1134607 LTC#177518).\n- net/smc: code cleanup smc_listen_work (bsc#1134607 LTC#177518).\n- net/smc: consolidate function parameters (bsc#1134607 LTC#177518).\n- net/smc: correct state change for peer closing (bsc#1129857 LTC#176247).\n- net/smc: delete rkey first before switching to unused (bsc#1129857 LTC#176247).\n- net/smc: do not wait for send buffer space when data was already sent (bsc#1129857 LTC#176247).\n- net/smc: do not wait under send_lock (bsc#1129857 LTC#176247).\n- net/smc: fallback to TCP after connect problems (bsc#1134607 LTC#177518).\n- net/smc: fix another sizeof to int comparison (bsc#1129857 LTC#176247).\n- net/smc: fix a NULL pointer dereference (bsc#1134607 LTC#177518).\n- net/smc: fix byte_order for rx_curs_confirmed (bsc#1129848 LTC#176249).\n- net/smc: fix return code from FLUSH command (bsc#1134607 LTC#177518).\n- net/smc: fix sender_free computation (bsc#1129857 LTC#176247).\n- net/smc: fix smc_poll in SMC_INIT state (bsc#1129848 LTC#176249).\n- net/smc: fix use of variable in cleared area (bsc#1129857 LTC#176247).\n- net/smc: improve smc_conn_create reason codes (bsc#1134607 LTC#177518).\n- net/smc: improve smc_listen_work reason codes (bsc#1134607 LTC#177518).\n- net/smc: move code to clear the conn->lgr field (bsc#1129857 LTC#176247).\n- net/smc: move unhash before release of clcsock (bsc#1134607 LTC#177518).\n- net/smc: move wake up of close waiter (bsc#1129857 LTC#176247).\n- net/smc: no delay for free tx buffer wait (bsc#1129857 LTC#176247).\n- net/smc: nonblocking connect rework (bsc#1134607 LTC#177518).\n- net/smc: postpone release of clcsock (bsc#1129857 LTC#176247).\n- net/smc: preallocated memory for rdma work requests (bsc#1129857 LTC#176247).\n- net/smc: prevent races between smc_lgr_terminate() and smc_conn_free() (bsc#1129857 LTC#176247).\n- net/smc: propagate file from SMC to TCP socket (bsc#1134607 LTC#177518).\n- net/smc: recvmsg and splice_read should return 0 after shutdown (bsc#1129857 LTC#176247).\n- net/smc: reduce amount of status updates to peer (bsc#1129857 LTC#176247).\n- net/smc: reset cursor update required flag (bsc#1129857 LTC#176247).\n- net/smc: rework pnet table (bsc#1130409 LTC#176346).\n- net/smc: unlock LGR pending lock earlier for SMC-D (bsc#1129857 LTC#176247).\n- net/smc: use client and server LGR pending locks for SMC-R (bsc#1129857 LTC#176247).\n- net/smc: use device link provided in qp_context (bsc#1129857 LTC#176247).\n- net/smc: use smc_curs_copy() for SMC-D (bsc#1129857 LTC#176247).\n- net/smc: wait for pending work before clcsock release_sock (bsc#1134607 LTC#177518).\n- net: socket: fix potential spectre v1 gadget in socketcall (git-fixes).\n- net: stmmac: fix memory corruption with large MTUs (networking-stable-19_03_28).\n- net: stmmac: move stmmac_check_ether_addr() to driver probe (networking-stable-19_04_30).\n- net: test tailroom before appending to linear skb (git-fixes).\n- net: thunderx: do not allow jumbo frames with XDP (networking-stable-19_04_19).\n- net: thunderx: raise XDP MTU to 1508 (networking-stable-19_04_19).\n- net: unbreak CONFIG_RETPOLINE=n builds (bsc#1124503).\n- net: use indirect call wrappers at GRO network layer (bsc#1124503).\n- net: use indirect call wrappers at GRO transport layer (bsc#1124503).\n- nfs: add module option to limit NFSv4 minor version (jsc#PM-231).\n- nfs: Update config files for NFSv4.2 Enable NFSv4.2 support - jsc@PM-231 This requires a module parameter for NFSv4.2 to actually be available on SLE12 and SLE15-SP0\n- nfsv4.x: always serialize open/close operations (bsc#1114893).\n- nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands (bsc#1051510).\n- nvme: Do not remove namespaces during reset (bsc#1131673).\n- nvme: flush scan_work when resetting controller (bsc#1131673).\n- nvme-rdma: fix possible free of a non-allocated async event buffer (bsc#1120423).\n- objtool: Fix function fallthrough detection (bsc#1058115).\n- ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (bsc#1136434).\n- ocfs2: turn on OCFS2_FS_STATS setting(bsc#1134393) We need to turn on OCFS2_FS_STATS kernel configuration setting, to fix bsc#1134393.\n- of: fix clang -Wunsequenced for be32_to_cpu() (bsc#1135642).\n- omapfb: add missing of_node_put after of_device_is_available (bsc#1051510).\n- openvswitch: add seqadj extension when NAT is used (bsc#1051510).\n- openvswitch: fix flow actions reallocation (bsc#1051510).\n- p54: drop device reference count if fails to enable device (bsc#1135642).\n- packet: fix reserve calculation (git-fixes).\n- packet: in packet_snd start writing at link layer allocation (git-fixes).\n- packet: refine ring v3 block size test to hold one frame (git-fixes).\n- packet: reset network header if packet shorter than ll reserved space (git-fixes).\n- packets: Always register packet sk in the same order (networking-stable-19_03_28).\n- packet: validate msg_namelen in send directly (git-fixes).\n- pci: endpoint: Use EPC's device in dma_alloc_coherent()/dma_free_coherent() (git-fixes).\n- pci: Factor out pcie_retrain_link() function (git-fixes).\n- pci: Mark AMD Stoney Radeon R7 GPU ATS as broken (bsc#1051510).\n- pci: Mark Atheros AR9462 to avoid bus reset (bsc#1051510).\n- pci: Work around Pericom pcie-to-pci bridge Retrain Link erratum (git-fixes).\n- phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode (bsc#1051510).\n- platform/x86: alienware-wmi: printing the wrong error code (bsc#1051510).\n- platform/x86: dell-rbtn: Add missing #include (bsc#1051510).\n- platform/x86: intel_pmc_ipc: adding error handling (bsc#1051510).\n- platform/x86: intel_punit_ipc: Revert 'Fix resource ioremap warning' (bsc#1051510).\n- platform/x86: pmc_atom: Add Lex 3I380D industrial PC to critclk_systems DMI table (bsc#1051510).\n- platform/x86: pmc_atom: Add several Beckhoff Automation boards to critclk_systems DMI table (bsc#1051510).\n- platform/x86: pmc_atom: Drop __initconst on dmi table (bsc#1051510).\n- platform/x86: sony-laptop: Fix unintentional fall-through (bsc#1051510).\n- powerpc: Always initialize input array when calling epapr_hypercall() (bsc#1065729).\n- powerpc/eeh: Fix race with driver un/bind (bsc#1065729).\n- powerpc: Fix HMIs on big-endian with CONFIG_RELOCATABLE=y (bsc#1065729).\n- powerpc/msi: Fix NULL pointer access in teardown code (bsc#1065729).\n- powerpc/perf: Fix MMCRA corruption by bhrb_filter (bsc#1053043).\n- powerpc/powernv/idle: Restore IAMR after idle (bsc#1065729).\n- powerpc/process: Fix sparse address space warnings (bsc#1065729).\n- power: supply: axp20x_usb_power: Fix typo in VBUS current limit macros (bsc#1051510).\n- power: supply: axp288_charger: Fix unchecked return value (bsc#1051510).\n- proc/kcore: do not bounds check against address 0 (bsc#1051510).\n- proc: revalidate kernel thread inodes to root:root (bsc#1051510).\n- proc/sysctl: fix return error for proc_doulongvec_minmax() (bsc#1051510).\n- ptrace: take into account saved_sigmask in PTRACE{GET,SET}SIGMASK (git-fixes).\n- pwm: Fix deadlock warning when removing PWM device (bsc#1051510).\n- pwm: meson: Consider 128 a valid pre-divider (bsc#1051510).\n- pwm: meson: Do not disable PWM when setting duty repeatedly (bsc#1051510).\n- pwm: meson: Use the spin-lock only to protect register modifications (bsc#1051510).\n- pwm: tiehrpwm: Update shadow register for disabling PWMs (bsc#1051510).\n- qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128979).\n- qla2xxx: always allocate qla_tgt_wq (bsc#1131451).\n- qmi_wwan: add Olicard 600 (bsc#1051510).\n- rdma/hns: Fix bug that caused srq creation to fail (bsc#1104427 ).\n- rdma/rxe: Consider skb reserve space based on netdev of GID (bsc#1082387, bsc#1103992).\n- re-export snd_cards for kABI compatibility (bsc#1051510).\n- regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB (bsc#1051510).\n- Revert 'ALSA: seq: Protect in-kernel ioctl calls with mutex' (bsc#1051510).\n- Revert 'block: unexport DISK_EVENT_MEDIA_CHANGE for legacy/fringe drivers' (bsc#1110946, bsc#1119843).\n- Revert 'drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)' The patch seems buggy, breaks the build for armv7hl/pae config.\n- Revert 'ide: unexport DISK_EVENT_MEDIA_CHANGE for ide-gd and ide-cd' (bsc#1110946).\n- Revert 'tty: pty: Fix race condition between release_one_tty and pty_write' (bsc#1051510).\n- rt2x00: do not increment sequence number while re-transmitting (bsc#1051510).\n- rtc: da9063: set uie_unsupported when relevant (bsc#1051510).\n- rtc: sh: Fix invalid alarm warning for non-enabled alarm (bsc#1051510).\n- rtlwifi: rtl8723ae: Fix missing break in switch statement (bsc#1051510).\n- rxrpc: Fix error reception on AF_INET6 sockets (git-fixes).\n- rxrpc: Fix transport sockopts to get IPv4 errors on an IPv6 socket (git-fixes).\n- s390/ism: ignore some errors during deregistration (bsc#1129857 LTC#176247).\n- s390/qdio: clear intparm during shutdown (bsc#1134597 LTC#177516).\n- sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() (bsc#1051510).\n- sc16is7xx: move label 'err_spi' to correct section (bsc#1051510).\n- sc16is7xx: put err_spi and err_i2c into correct #ifdef (bsc#1051510).\n- scripts/bugzilla-create: Set 'Proactive-Upstream-Fix' keyword\n- scripts/git_sort/git_sort.py: Add mkp/scsi 5.0/scsi-fixes\n- scripts: override locale from environment when running recordmcount.pl (bsc#1134354).\n- scsi: qedf: fixup bit operations (bsc#1135542).\n- scsi: qedf: fixup locking in qedf_restart_rport() (bsc#1135542).\n- scsi: qedf: missing kref_put in qedf_xmit() (bsc#1135542).\n- scsi: qla2xxx: Declare local functions 'static' (bsc#1137444).\n- scsi: qla2xxx: fix error message on qla2400 (bsc#1118139).\n- scsi: qla2xxx: Fix function argument descriptions (bsc#1118139).\n- scsi: qla2xxx: Fix memory corruption during hba reset test (bsc#1118139).\n- scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show (bsc#1132044).\n- scsi: qla2xxx: fix spelling mistake: 'existant' -> 'existent' (bsc#1118139).\n- scsi: qla2xxx: fully convert to the generic DMA API (bsc#1137444).\n- scsi: qla2xxx: fx00 copypaste typo (bsc#1118139).\n- scsi: qla2xxx: Improve several kernel-doc headers (bsc#1137444).\n- scsi: qla2xxx: Introduce a switch/case statement in qlt_xmit_tm_rsp() (bsc#1137444).\n- scsi: qla2xxx: Make qla2x00_sysfs_write_nvram() easier to analyze (bsc#1137444).\n- scsi: qla2xxx: Make sure that qlafx00_ioctl_iosb_entry() initializes 'res' (bsc#1137444).\n- scsi: qla2xxx: NULL check before some freeing functions is not needed (bsc#1137444).\n- scsi: qla2xxx: Remove a set-but-not-used variable (bsc#1137444).\n- scsi: qla2xxx: remove the unused tcm_qla2xxx_cmd_wq (bsc#1118139).\n- scsi: qla2xxx: Remove two arguments from qlafx00_error_entry() (bsc#1137444).\n- scsi: qla2xxx: Remove unused symbols (bsc#1118139).\n- scsi: qla2xxx: Split the __qla2x00_abort_all_cmds() function (bsc#1137444).\n- scsi: qla2xxx: use lower_32_bits and upper_32_bits instead of reinventing them (bsc#1137444).\n- scsi: qla2xxx: Use %p for printing pointers (bsc#1118139).\n- sctp: avoid running the sctp state machine recursively (networking-stable-19_05_04).\n- sctp: fix identification of new acks for SFR-CACC (git-fixes).\n- sctp: get sctphdr by offset in sctp_compute_cksum (networking-stable-19_03_28).\n- sctp: initialize _pad of sockaddr_in before copying to user memory (networking-stable-19_04_10).\n- sctp: only update outstanding_bytes for transmitted queue when doing prsctp_prune (git-fixes).\n- sctp: set frag_point in sctp_setsockopt_maxseg correctly` (git-fixes).\n- selinux: use kernel linux/socket.h for genheaders and mdp (bsc#1134810).\n- serial: 8250_pxa: honor the port number from devicetree (bsc#1051510).\n- serial: ar933x_uart: Fix build failure with disabled console (bsc#1051510).\n- serial: uartps: console_setup() can't be placed to init section (bsc#1051510).\n- signal: Always notice exiting tasks (git-fixes).\n- signal: Better detection of synchronous signals (git-fixes).\n- signal: Restore the stop PTRACE_EVENT_EXIT (git-fixes).\n- smc: move unhash as early as possible in smc_release() (bsc#1129857 LTC#176247).\n- soc/fsl/qe: Fix an error code in qe_pin_request() (bsc#1051510).\n- soc/tegra: pmc: Drop locking from tegra_powergate_is_powered() (bsc#1051510).\n- spi: a3700: Clear DATA_OUT when performing a read (bsc#1051510).\n- spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios (bsc#1051510).\n- spi: bcm2835aux: setup gpio-cs to output and correct level during setup (bsc#1051510).\n- spi: bcm2835aux: warn in dmesg that native cs is not really supported (bsc#1051510).\n- spi: Micrel eth switch: declare missing of table (bsc#1051510).\n- spi: rspi: Fix sequencer reset during initialization (bsc#1051510).\n- spi: ST ST95HF NFC: declare missing of table (bsc#1051510).\n- ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit (bsc#1051510).\n- staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc (bsc#1051510).\n- stm class: Fix an endless loop in channel allocation (bsc#1051510).\n- stm class: Fix channel free in stm output free path (bsc#1051510).\n- stm class: Prevent division by zero (bsc#1051510).\n- stmmac: pci: Adjust IOT2000 matching (networking-stable-19_04_30).\n- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).\n- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).\n- switchtec: Fix unintended mask of MRPC event (git-fixes).\n- tcp: add tcp_min_snd_mss sysctl (bsc#1137586).\n- tcp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).\n- tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).\n- tcp: Ensure DCTCP reacts to losses (networking-stable-19_04_10).\n- tcp: limit payload size of sacked skbs (bsc#1137586).\n- tcp: purge write queue in tcp_connect_init() (git-fixes).\n- tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).\n- tcp: tcp_grow_window() needs to respect tcp_space() (networking-stable-19_04_19).\n- team: fix possible recursive locking when add slaves (networking-stable-19_04_30).\n- team: set slave to promisc if team is already in promisc mode (bsc#1051510).\n- thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power (bsc#1051510).\n- thermal/int340x_thermal: Add additional UUIDs (bsc#1051510).\n- thermal/int340x_thermal: fix mode setting (bsc#1051510).\n- thunderx: eliminate extra calls to put_page() for pages held for recycling (networking-stable-19_03_28).\n- thunderx: enable page recycling for non-XDP case (networking-stable-19_03_28).\n- tipc: fix hanging clients using poll with EPOLLOUT flag (git-fixes).\n- tipc: missing entries in name table of publications (networking-stable-19_04_19).\n- tools lib traceevent: Fix missing equality check for strcmp (bsc#1129770).\n- tracing: Fix partial reading of trace event's id file (bsc#1136573).\n- treewide: Use DEVICE_ATTR_WO (bsc#1137739).\n- tty: increase the default flip buffer limit to 2*640K (bsc#1051510).\n- tty: pty: Fix race condition between release_one_tty and pty_write (bsc#1051510).\n- tty: serial_core, add ->install (bnc#1129693).\n- tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 (bsc#1051510).\n- tun: add a missing rcu_read_unlock() in error path (networking-stable-19_03_28).\n- tun: properly test for IFF_UP (networking-stable-19_03_28).\n- uas: fix alignment of scatter/gather segments (bsc#1129770).\n- udp: use indirect call wrappers for GRO socket lookup (bsc#1124503).\n- ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (bsc#1135323).\n- usb: cdc-acm: fix unthrottle races (bsc#1051510).\n- usb: core: Fix bug caused by duplicate interface PM usage counter (bsc#1051510).\n- usb: core: Fix unterminated string returned by usb_string() (bsc#1051510).\n- usb: dwc3: Fix default lpm_nyet_threshold value (bsc#1051510).\n- usb: gadget: net2272: Fix net2272_dequeue() (bsc#1051510).\n- usb: gadget: net2280: Fix net2280_dequeue() (bsc#1051510).\n- usb: gadget: net2280: Fix overrun of OUT messages (bsc#1051510).\n- usb: serial: f81232: fix interrupt worker not stop (bsc#1051510).\n- usb: serial: fix unthrottle races (bsc#1051510).\n- usb-storage: Set virt_boundary_mask to avoid SG overflows (bsc#1051510).\n- usb: u132-hcd: fix resource leak (bsc#1051510).\n- usb: usb251xb: fix to avoid potential NULL pointer dereference (bsc#1051510).\n- usb: usbip: fix isoc packet num validation in get_pipe (bsc#1051510).\n- usb: w1 ds2490: Fix bug caused by improper use of altsetting array (bsc#1051510).\n- usb: yurex: Fix protection fault after device removal (bsc#1051510).\n- userfaultfd: use RCU to free the task struct when fork fails (git-fixes).\n- vfio/mdev: Avoid release parent reference during error path (bsc#1051510).\n- vfio/mdev: Fix aborting mdev child device removal if one fails (bsc#1051510).\n- vfio_pci: Enable memory accesses before calling pci_map_rom (bsc#1051510).\n- vfio/pci: use correct format characters (bsc#1051510).\n- vhost: reject zero size iova range (networking-stable-19_04_19).\n- vhost/vsock: fix reset orphans race with close timeout (bsc#1051510).\n- virtio-blk: limit number of hw queues by nr_cpu_ids (bsc#1051510).\n- virtio: Honour 'may_reduce_num' in vring_create_virtqueue (bsc#1051510).\n- virtio_pci: fix a NULL pointer reference in vp_del_vqs (bsc#1051510).\n- vrf: check accept_source_route on the original netdevice (networking-stable-19_04_10).\n- vsock/virtio: fix kernel panic after device hot-unplug (bsc#1051510).\n- vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock (bsc#1051510).\n- vsock/virtio: Initialize core virtio vsock before registering the driver (bsc#1051510).\n- vsock/virtio: reset connected sockets on device removal (bsc#1051510).\n- vt: always call notifier with the console lock held (bsc#1051510).\n- vxlan: Do not call gro_cells_destroy() before device is unregistered (networking-stable-19_03_28).\n- x86_64: Add gap to int3 to allow for call emulation (bsc#1099658).\n- x86_64: Allow breakpoints to emulate call instructions (bsc#1099658).\n- x86/speculation/mds: Fix documentation typo (bsc#1135642).\n- xenbus: drop useless LIST_HEAD in xenbus_write_watch() and xenbus_file_write() (bsc#1065600).\n- xfrm6: avoid potential infinite loop in _decode_session6() (git-fixes).\n- xfrm6: call kfree_skb when skb is toobig (git-fixes).\n- xfrm: fix missing dst_release() after policy blocking lbcast and multicast (git-fixes).\n- xfrm: fix 'passing zero to ERR_PTR()' warning (git-fixes).\n- xfrm: Fix stack-out-of-bounds read on socket policy lookup (git-fixes).\n- xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (git-fixes).\n- xfrm: reset crypto_done when iterating over multiple input xfrms (git-fixes).\n- xfrm: reset transport header back to network header after all input transforms ahave been applied (git-fixes).\n- xfrm: Return error on unknown encap_type in init_state (git-fixes).\n- xfrm_user: prevent leaking 2 bytes of kernel memory (git-fixes).\n- xfrm: Validate address prefix lengths in the xfrm selector (git-fixes).\n- xfs: add log item pinning error injection tag (bsc#1114427).\n- xfs: buffer lru reference count error injection tag (bsc#1114427).\n- xfs: check _btree_check_block value (bsc#1123663).\n- xfs: convert drop_writes to use the errortag mechanism (bsc#1114427).\n- xfs: create block pointer check functions (bsc#1123663).\n- xfs: create inode pointer verifiers (bsc#1114427).\n- xfs: detect and fix bad summary counts at mount (bsc#1114427).\n- xfs: export _inobt_btrec_to_irec and _ialloc_cluster_alignment for scrub (bsc#1114427).\n- xfs: export various function for the online scrubber (bsc#1123663).\n- xfs: expose errortag knobs via sysfs (bsc#1114427).\n- xfs: fix unused variable warning in xfs_buf_set_ref() (bsc#1114427).\n- xfs: force summary counter recalc at next mount (bsc#1114427).\n- xfs: kill meaningless variable 'zero' (bsc#1106011).\n- xfs: make errortag a per-mountpoint structure (bsc#1123663).\n- xfs: move error injection tags into their own file (bsc#1114427).\n- xfs: prepare xfs_break_layouts() for another layout type (bsc#1106011).\n- xfs: prepare xfs_break_layouts() to be called with XFS_MMAPLOCK_EXCL (bsc#1106011).\n- xfs: refactor btree block header checking functions (bsc#1123663).\n- xfs: refactor btree pointer checks (bsc#1123663).\n- xfs: refactor unmount record write (bsc#1114427).\n- xfs: remove unneeded parameter from XFS_TEST_ERROR (bsc#1123663).\n- xfs: remove xfs_zero_range (bsc#1106011).\n- xfs: rename MAXPATHLEN to XFS_SYMLINK_MAXLEN (bsc#1123663).\n- xfs: replace log_badcrc_factor knob with error injection tag (bsc#1114427).\n- xfs: sanity-check the unused space before trying to use it (bsc#1123663).\n- xfs: serialize unaligned dio writes against all other dio writes (bsc#1134936).\n\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2019-1536,SUSE-SLE-SERVER-12-SP4-2019-1536", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_1536-1.json", }, { category: "self", summary: "URL for SUSE-SU-2019:1536-1", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20191536-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2019:1536-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2019-June/005573.html", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1050242", url: "https://bugzilla.suse.com/1050242", }, { category: "self", summary: "SUSE Bug 1051510", url: "https://bugzilla.suse.com/1051510", }, { category: "self", summary: "SUSE Bug 1053043", url: "https://bugzilla.suse.com/1053043", }, { category: "self", summary: "SUSE Bug 1056787", url: "https://bugzilla.suse.com/1056787", }, { category: "self", summary: "SUSE Bug 1058115", url: "https://bugzilla.suse.com/1058115", }, { category: "self", summary: "SUSE Bug 1063638", url: "https://bugzilla.suse.com/1063638", }, { category: "self", summary: "SUSE Bug 1064802", url: "https://bugzilla.suse.com/1064802", }, { category: "self", summary: "SUSE Bug 1065600", url: "https://bugzilla.suse.com/1065600", }, { category: "self", summary: "SUSE Bug 1065729", url: "https://bugzilla.suse.com/1065729", }, { category: "self", summary: "SUSE Bug 1066129", url: "https://bugzilla.suse.com/1066129", }, { category: "self", summary: "SUSE Bug 1068546", url: "https://bugzilla.suse.com/1068546", }, { category: "self", summary: "SUSE Bug 1071995", url: "https://bugzilla.suse.com/1071995", }, { category: "self", summary: "SUSE Bug 1075020", url: "https://bugzilla.suse.com/1075020", }, { category: "self", summary: "SUSE Bug 1082387", url: "https://bugzilla.suse.com/1082387", }, { category: "self", summary: "SUSE Bug 1083647", url: "https://bugzilla.suse.com/1083647", }, { category: "self", summary: "SUSE Bug 1085535", url: "https://bugzilla.suse.com/1085535", }, { category: "self", summary: "SUSE Bug 1099658", url: "https://bugzilla.suse.com/1099658", }, { category: "self", summary: "SUSE Bug 1103992", url: "https://bugzilla.suse.com/1103992", }, { category: "self", summary: "SUSE Bug 1104353", url: "https://bugzilla.suse.com/1104353", }, { category: "self", summary: "SUSE Bug 1104427", url: "https://bugzilla.suse.com/1104427", }, { category: "self", summary: "SUSE Bug 1106011", url: "https://bugzilla.suse.com/1106011", }, { category: "self", summary: "SUSE Bug 1106284", url: "https://bugzilla.suse.com/1106284", }, { category: "self", summary: "SUSE Bug 1108838", url: "https://bugzilla.suse.com/1108838", }, { category: "self", summary: "SUSE Bug 1110946", url: "https://bugzilla.suse.com/1110946", }, { category: "self", summary: "SUSE Bug 1111696", url: "https://bugzilla.suse.com/1111696", }, { category: "self", summary: "SUSE Bug 1112063", url: "https://bugzilla.suse.com/1112063", }, { category: "self", summary: "SUSE Bug 1113722", url: "https://bugzilla.suse.com/1113722", }, { category: "self", summary: "SUSE Bug 1114427", url: "https://bugzilla.suse.com/1114427", }, { category: "self", summary: "SUSE Bug 1114893", url: "https://bugzilla.suse.com/1114893", }, { category: "self", summary: "SUSE Bug 1115688", url: "https://bugzilla.suse.com/1115688", }, { category: "self", summary: "SUSE Bug 1117158", url: "https://bugzilla.suse.com/1117158", }, { category: "self", summary: "SUSE Bug 1117561", url: "https://bugzilla.suse.com/1117561", }, { category: "self", summary: "SUSE Bug 1118139", url: "https://bugzilla.suse.com/1118139", }, { category: "self", summary: "SUSE Bug 1119843", url: "https://bugzilla.suse.com/1119843", }, { category: "self", summary: "SUSE Bug 1120091", url: "https://bugzilla.suse.com/1120091", }, { category: "self", summary: "SUSE Bug 1120423", url: "https://bugzilla.suse.com/1120423", }, { category: "self", summary: "SUSE Bug 1120566", url: "https://bugzilla.suse.com/1120566", }, { category: "self", summary: "SUSE Bug 1120843", url: "https://bugzilla.suse.com/1120843", }, { category: "self", summary: "SUSE Bug 1120902", url: "https://bugzilla.suse.com/1120902", }, { category: "self", summary: "SUSE Bug 1122776", url: "https://bugzilla.suse.com/1122776", }, { category: "self", summary: "SUSE Bug 1123454", url: "https://bugzilla.suse.com/1123454", }, { category: "self", summary: "SUSE Bug 1123663", url: "https://bugzilla.suse.com/1123663", }, { category: "self", summary: "SUSE Bug 1124503", url: "https://bugzilla.suse.com/1124503", }, { category: "self", summary: "SUSE Bug 1124839", url: "https://bugzilla.suse.com/1124839", }, { category: "self", summary: "SUSE Bug 1126356", url: "https://bugzilla.suse.com/1126356", }, { category: "self", summary: "SUSE Bug 1127616", url: "https://bugzilla.suse.com/1127616", }, { category: "self", summary: "SUSE Bug 1128052", url: "https://bugzilla.suse.com/1128052", }, { category: "self", summary: "SUSE Bug 1128904", url: "https://bugzilla.suse.com/1128904", }, { category: "self", summary: "SUSE Bug 1128905", url: "https://bugzilla.suse.com/1128905", }, { category: "self", summary: "SUSE Bug 1128979", url: "https://bugzilla.suse.com/1128979", }, { category: "self", summary: "SUSE Bug 1129138", url: "https://bugzilla.suse.com/1129138", }, { category: "self", summary: "SUSE Bug 1129497", url: "https://bugzilla.suse.com/1129497", }, { category: "self", summary: "SUSE Bug 1129693", url: "https://bugzilla.suse.com/1129693", }, { category: "self", summary: "SUSE Bug 1129770", url: "https://bugzilla.suse.com/1129770", }, { category: "self", summary: "SUSE Bug 1129848", url: "https://bugzilla.suse.com/1129848", }, { category: "self", summary: "SUSE Bug 1129857", url: "https://bugzilla.suse.com/1129857", }, { category: "self", summary: "SUSE Bug 1130409", url: "https://bugzilla.suse.com/1130409", }, { category: "self", summary: "SUSE Bug 1130972", url: "https://bugzilla.suse.com/1130972", }, { category: "self", summary: "SUSE Bug 1131451", url: "https://bugzilla.suse.com/1131451", }, { category: "self", summary: "SUSE Bug 1131488", url: "https://bugzilla.suse.com/1131488", }, { category: "self", summary: "SUSE Bug 1131565", url: "https://bugzilla.suse.com/1131565", }, { category: "self", summary: "SUSE Bug 1131673", url: "https://bugzilla.suse.com/1131673", }, { category: "self", summary: "SUSE Bug 1132044", url: "https://bugzilla.suse.com/1132044", }, { category: "self", summary: "SUSE Bug 1132894", url: "https://bugzilla.suse.com/1132894", }, { category: "self", summary: "SUSE Bug 1133176", url: "https://bugzilla.suse.com/1133176", }, { category: "self", summary: "SUSE Bug 1133188", url: "https://bugzilla.suse.com/1133188", }, { category: "self", summary: "SUSE Bug 1133190", url: "https://bugzilla.suse.com/1133190", }, { category: "self", summary: "SUSE Bug 1133320", url: "https://bugzilla.suse.com/1133320", }, { category: "self", summary: "SUSE Bug 1133612", url: "https://bugzilla.suse.com/1133612", }, { category: "self", summary: "SUSE Bug 1133616", url: "https://bugzilla.suse.com/1133616", }, { category: "self", summary: "SUSE Bug 1134160", url: "https://bugzilla.suse.com/1134160", }, { category: "self", summary: "SUSE Bug 1134162", url: "https://bugzilla.suse.com/1134162", }, { category: "self", summary: "SUSE Bug 1134199", url: "https://bugzilla.suse.com/1134199", }, { category: "self", summary: "SUSE Bug 1134200", url: "https://bugzilla.suse.com/1134200", }, { category: "self", summary: "SUSE Bug 1134201", url: "https://bugzilla.suse.com/1134201", }, { category: "self", summary: "SUSE Bug 1134202", url: "https://bugzilla.suse.com/1134202", }, { category: "self", summary: "SUSE Bug 1134203", url: "https://bugzilla.suse.com/1134203", }, { category: "self", summary: "SUSE Bug 1134204", url: "https://bugzilla.suse.com/1134204", }, { category: "self", summary: "SUSE Bug 1134205", url: "https://bugzilla.suse.com/1134205", }, { category: "self", summary: "SUSE Bug 1134354", url: "https://bugzilla.suse.com/1134354", }, { category: "self", summary: "SUSE Bug 1134393", url: "https://bugzilla.suse.com/1134393", }, { category: "self", summary: "SUSE Bug 1134459", url: "https://bugzilla.suse.com/1134459", }, { category: "self", summary: "SUSE Bug 1134460", url: "https://bugzilla.suse.com/1134460", }, { category: "self", summary: "SUSE Bug 1134461", url: "https://bugzilla.suse.com/1134461", }, { category: "self", summary: "SUSE Bug 1134537", url: "https://bugzilla.suse.com/1134537", }, { category: "self", summary: "SUSE Bug 1134591", url: "https://bugzilla.suse.com/1134591", }, { category: "self", summary: "SUSE Bug 1134597", url: "https://bugzilla.suse.com/1134597", }, { category: "self", summary: "SUSE Bug 1134607", url: "https://bugzilla.suse.com/1134607", }, { category: "self", summary: "SUSE Bug 1134651", url: "https://bugzilla.suse.com/1134651", }, { category: "self", summary: "SUSE Bug 1134671", url: "https://bugzilla.suse.com/1134671", }, { category: "self", summary: "SUSE Bug 1134760", url: "https://bugzilla.suse.com/1134760", }, { category: "self", summary: "SUSE Bug 1134806", url: "https://bugzilla.suse.com/1134806", }, { category: "self", summary: "SUSE Bug 1134810", url: "https://bugzilla.suse.com/1134810", }, { category: "self", summary: "SUSE Bug 1134813", url: "https://bugzilla.suse.com/1134813", }, { category: "self", summary: "SUSE Bug 1134848", url: "https://bugzilla.suse.com/1134848", }, { category: "self", summary: "SUSE Bug 1134936", url: "https://bugzilla.suse.com/1134936", }, { category: "self", summary: "SUSE Bug 1135006", url: "https://bugzilla.suse.com/1135006", }, { category: "self", summary: "SUSE Bug 1135007", url: "https://bugzilla.suse.com/1135007", }, { category: "self", summary: "SUSE Bug 1135008", url: "https://bugzilla.suse.com/1135008", }, { category: "self", summary: "SUSE Bug 1135056", url: "https://bugzilla.suse.com/1135056", }, { category: "self", summary: "SUSE Bug 1135100", url: "https://bugzilla.suse.com/1135100", }, { category: "self", summary: "SUSE Bug 1135120", url: "https://bugzilla.suse.com/1135120", }, { category: "self", summary: "SUSE Bug 1135278", url: "https://bugzilla.suse.com/1135278", }, { category: "self", summary: "SUSE Bug 1135281", url: "https://bugzilla.suse.com/1135281", }, { category: "self", summary: "SUSE Bug 1135309", url: "https://bugzilla.suse.com/1135309", }, { category: "self", summary: "SUSE Bug 1135312", url: "https://bugzilla.suse.com/1135312", }, { category: "self", summary: "SUSE Bug 1135314", url: "https://bugzilla.suse.com/1135314", }, { category: "self", summary: "SUSE Bug 1135315", url: "https://bugzilla.suse.com/1135315", }, { category: "self", summary: "SUSE Bug 1135316", url: "https://bugzilla.suse.com/1135316", }, { category: "self", summary: "SUSE Bug 1135320", url: "https://bugzilla.suse.com/1135320", }, { category: "self", summary: "SUSE Bug 1135323", url: "https://bugzilla.suse.com/1135323", }, { category: "self", summary: "SUSE Bug 1135330", url: "https://bugzilla.suse.com/1135330", }, { category: "self", summary: "SUSE Bug 1135492", url: "https://bugzilla.suse.com/1135492", }, { category: "self", summary: "SUSE Bug 1135542", url: "https://bugzilla.suse.com/1135542", }, { category: "self", summary: "SUSE Bug 1135556", url: "https://bugzilla.suse.com/1135556", }, { category: "self", summary: "SUSE Bug 1135603", url: "https://bugzilla.suse.com/1135603", }, { category: "self", summary: "SUSE Bug 1135642", url: "https://bugzilla.suse.com/1135642", }, { category: "self", summary: "SUSE Bug 1135661", url: "https://bugzilla.suse.com/1135661", }, { category: "self", summary: "SUSE Bug 1135758", url: "https://bugzilla.suse.com/1135758", }, { category: "self", summary: "SUSE Bug 1136206", url: "https://bugzilla.suse.com/1136206", }, { category: "self", summary: "SUSE Bug 1136424", url: "https://bugzilla.suse.com/1136424", }, { category: "self", summary: "SUSE Bug 1136428", url: "https://bugzilla.suse.com/1136428", }, { category: "self", summary: "SUSE Bug 1136430", url: "https://bugzilla.suse.com/1136430", }, { category: "self", summary: "SUSE Bug 1136432", url: "https://bugzilla.suse.com/1136432", }, { category: "self", summary: "SUSE Bug 1136434", url: "https://bugzilla.suse.com/1136434", }, { category: "self", summary: "SUSE Bug 1136435", url: "https://bugzilla.suse.com/1136435", }, { category: "self", summary: "SUSE Bug 1136438", url: "https://bugzilla.suse.com/1136438", }, { category: "self", summary: "SUSE Bug 1136439", url: "https://bugzilla.suse.com/1136439", }, { category: "self", summary: "SUSE Bug 1136477", url: "https://bugzilla.suse.com/1136477", }, { category: "self", summary: "SUSE Bug 1136478", url: "https://bugzilla.suse.com/1136478", }, { category: "self", summary: "SUSE Bug 1136573", url: "https://bugzilla.suse.com/1136573", }, { category: "self", summary: "SUSE Bug 1136586", url: "https://bugzilla.suse.com/1136586", }, { category: "self", summary: "SUSE Bug 1136881", url: "https://bugzilla.suse.com/1136881", }, { category: "self", summary: "SUSE Bug 1136935", url: "https://bugzilla.suse.com/1136935", }, { category: "self", summary: "SUSE Bug 1136990", url: "https://bugzilla.suse.com/1136990", }, { category: "self", summary: "SUSE Bug 1137151", url: "https://bugzilla.suse.com/1137151", }, { category: "self", summary: "SUSE Bug 1137152", url: "https://bugzilla.suse.com/1137152", }, { category: "self", summary: "SUSE Bug 1137153", url: "https://bugzilla.suse.com/1137153", }, { category: "self", summary: "SUSE Bug 1137162", url: "https://bugzilla.suse.com/1137162", }, { category: "self", summary: "SUSE Bug 1137372", url: "https://bugzilla.suse.com/1137372", }, { category: "self", summary: "SUSE Bug 1137444", url: "https://bugzilla.suse.com/1137444", }, { category: "self", summary: "SUSE Bug 1137586", url: "https://bugzilla.suse.com/1137586", }, { category: "self", summary: "SUSE Bug 1137739", url: "https://bugzilla.suse.com/1137739", }, { category: "self", summary: "SUSE Bug 1137752", url: "https://bugzilla.suse.com/1137752", }, { category: "self", summary: "SUSE CVE CVE-2018-7191 page", url: "https://www.suse.com/security/cve/CVE-2018-7191/", }, { category: "self", summary: "SUSE CVE CVE-2019-10124 page", url: "https://www.suse.com/security/cve/CVE-2019-10124/", }, { category: "self", summary: "SUSE CVE CVE-2019-11085 page", url: "https://www.suse.com/security/cve/CVE-2019-11085/", }, { category: "self", summary: "SUSE CVE CVE-2019-11477 page", url: "https://www.suse.com/security/cve/CVE-2019-11477/", }, { category: "self", summary: "SUSE CVE CVE-2019-11479 page", url: "https://www.suse.com/security/cve/CVE-2019-11479/", }, { category: "self", summary: "SUSE CVE CVE-2019-11486 page", url: "https://www.suse.com/security/cve/CVE-2019-11486/", }, { category: "self", summary: "SUSE CVE CVE-2019-11487 page", url: "https://www.suse.com/security/cve/CVE-2019-11487/", }, { category: "self", summary: "SUSE CVE CVE-2019-11815 page", url: "https://www.suse.com/security/cve/CVE-2019-11815/", }, { category: "self", summary: "SUSE CVE CVE-2019-11833 page", url: "https://www.suse.com/security/cve/CVE-2019-11833/", }, { category: "self", summary: "SUSE CVE CVE-2019-11884 page", url: "https://www.suse.com/security/cve/CVE-2019-11884/", }, { category: "self", summary: "SUSE CVE CVE-2019-12382 page", url: "https://www.suse.com/security/cve/CVE-2019-12382/", }, { category: "self", summary: "SUSE CVE CVE-2019-3846 page", url: "https://www.suse.com/security/cve/CVE-2019-3846/", }, { category: "self", summary: "SUSE CVE CVE-2019-5489 page", url: "https://www.suse.com/security/cve/CVE-2019-5489/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2019-06-17T17:24:44Z", generator: { date: "2019-06-17T17:24:44Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2019:1536-1", initial_release_date: "2019-06-17T17:24:44Z", revision_history: [ { date: "2019-06-17T17:24:44Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-azure-4.12.14-6.15.2.noarch", product: { name: "kernel-devel-azure-4.12.14-6.15.2.noarch", product_id: "kernel-devel-azure-4.12.14-6.15.2.noarch", }, }, { category: "product_version", name: "kernel-source-azure-4.12.14-6.15.2.noarch", product: { name: "kernel-source-azure-4.12.14-6.15.2.noarch", product_id: "kernel-source-azure-4.12.14-6.15.2.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-azure-4.12.14-6.15.2.x86_64", product: { name: "cluster-md-kmp-azure-4.12.14-6.15.2.x86_64", product_id: "cluster-md-kmp-azure-4.12.14-6.15.2.x86_64", }, }, { category: "product_version", name: "dlm-kmp-azure-4.12.14-6.15.2.x86_64", product: { name: "dlm-kmp-azure-4.12.14-6.15.2.x86_64", product_id: "dlm-kmp-azure-4.12.14-6.15.2.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-azure-4.12.14-6.15.2.x86_64", product: { name: "gfs2-kmp-azure-4.12.14-6.15.2.x86_64", product_id: "gfs2-kmp-azure-4.12.14-6.15.2.x86_64", }, }, { category: "product_version", name: "kernel-azure-4.12.14-6.15.2.x86_64", product: { name: "kernel-azure-4.12.14-6.15.2.x86_64", product_id: "kernel-azure-4.12.14-6.15.2.x86_64", }, }, { category: "product_version", name: "kernel-azure-base-4.12.14-6.15.2.x86_64", product: { name: "kernel-azure-base-4.12.14-6.15.2.x86_64", product_id: "kernel-azure-base-4.12.14-6.15.2.x86_64", }, }, { category: "product_version", name: "kernel-azure-devel-4.12.14-6.15.2.x86_64", product: { name: "kernel-azure-devel-4.12.14-6.15.2.x86_64", product_id: "kernel-azure-devel-4.12.14-6.15.2.x86_64", }, }, { category: "product_version", name: "kernel-azure-extra-4.12.14-6.15.2.x86_64", product: { name: "kernel-azure-extra-4.12.14-6.15.2.x86_64", product_id: "kernel-azure-extra-4.12.14-6.15.2.x86_64", }, }, { category: "product_version", name: "kernel-azure-kgraft-4.12.14-6.15.2.x86_64", product: { name: "kernel-azure-kgraft-4.12.14-6.15.2.x86_64", product_id: "kernel-azure-kgraft-4.12.14-6.15.2.x86_64", }, }, { category: "product_version", name: "kernel-syms-azure-4.12.14-6.15.2.x86_64", product: { name: "kernel-syms-azure-4.12.14-6.15.2.x86_64", product_id: "kernel-syms-azure-4.12.14-6.15.2.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-azure-4.12.14-6.15.2.x86_64", product: { name: "kselftests-kmp-azure-4.12.14-6.15.2.x86_64", product_id: "kselftests-kmp-azure-4.12.14-6.15.2.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-azure-4.12.14-6.15.2.x86_64", product: { name: "ocfs2-kmp-azure-4.12.14-6.15.2.x86_64", product_id: "ocfs2-kmp-azure-4.12.14-6.15.2.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP4", product: { name: "SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-azure-4.12.14-6.15.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", }, product_reference: "kernel-azure-4.12.14-6.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-base-4.12.14-6.15.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", }, product_reference: "kernel-azure-base-4.12.14-6.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-4.12.14-6.15.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", }, product_reference: "kernel-azure-devel-4.12.14-6.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-azure-4.12.14-6.15.2.noarch as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", }, product_reference: "kernel-devel-azure-4.12.14-6.15.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-azure-4.12.14-6.15.2.noarch as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", }, product_reference: "kernel-source-azure-4.12.14-6.15.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-4.12.14-6.15.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", }, product_reference: "kernel-syms-azure-4.12.14-6.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-4.12.14-6.15.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", }, product_reference: "kernel-azure-4.12.14-6.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-base-4.12.14-6.15.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", }, product_reference: "kernel-azure-base-4.12.14-6.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-4.12.14-6.15.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", }, product_reference: "kernel-azure-devel-4.12.14-6.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-azure-4.12.14-6.15.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", }, product_reference: "kernel-devel-azure-4.12.14-6.15.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-azure-4.12.14-6.15.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", }, product_reference: "kernel-source-azure-4.12.14-6.15.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-4.12.14-6.15.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", }, product_reference: "kernel-syms-azure-4.12.14-6.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, ], }, vulnerabilities: [ { cve: "CVE-2018-7191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7191", }, ], notes: [ { category: "general", text: "In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7191", url: "https://www.suse.com/security/cve/CVE-2018-7191", }, { category: "external", summary: "SUSE Bug 1135603 for CVE-2018-7191", url: "https://bugzilla.suse.com/1135603", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:24:44Z", details: "moderate", }, ], title: "CVE-2018-7191", }, { cve: "CVE-2019-10124", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10124", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10124", url: "https://www.suse.com/security/cve/CVE-2019-10124", }, { category: "external", summary: "SUSE Bug 1130699 for CVE-2019-10124", url: "https://bugzilla.suse.com/1130699", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:24:44Z", details: "moderate", }, ], title: "CVE-2019-10124", }, { cve: "CVE-2019-11085", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11085", }, ], notes: [ { category: "general", text: "Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11085", url: "https://www.suse.com/security/cve/CVE-2019-11085", }, { category: "external", summary: "SUSE Bug 1135278 for CVE-2019-11085", url: "https://bugzilla.suse.com/1135278", }, { category: "external", summary: "SUSE Bug 1135280 for CVE-2019-11085", url: "https://bugzilla.suse.com/1135280", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:24:44Z", details: "important", }, ], title: "CVE-2019-11085", }, { cve: "CVE-2019-11477", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11477", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11477", url: "https://www.suse.com/security/cve/CVE-2019-11477", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11477", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11477", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11477", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1153242 for CVE-2019-11477", url: "https://bugzilla.suse.com/1153242", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:24:44Z", details: "important", }, ], title: "CVE-2019-11477", }, { cve: "CVE-2019-11479", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11479", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11479", url: "https://www.suse.com/security/cve/CVE-2019-11479", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11479", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11479", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11479", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1143542 for CVE-2019-11479", url: "https://bugzilla.suse.com/1143542", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:24:44Z", details: "important", }, ], title: "CVE-2019-11479", }, { cve: "CVE-2019-11486", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11486", }, ], notes: [ { category: "general", text: "The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11486", url: "https://www.suse.com/security/cve/CVE-2019-11486", }, { category: "external", summary: "SUSE Bug 1133188 for CVE-2019-11486", url: "https://bugzilla.suse.com/1133188", }, { category: "external", summary: "SUSE Bug 1156434 for CVE-2019-11486", url: "https://bugzilla.suse.com/1156434", }, { category: "external", summary: "SUSE Bug 1173667 for CVE-2019-11486", url: "https://bugzilla.suse.com/1173667", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:24:44Z", details: "moderate", }, ], title: "CVE-2019-11486", }, { cve: "CVE-2019-11487", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11487", }, ], notes: [ { category: "general", text: "The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11487", url: "https://www.suse.com/security/cve/CVE-2019-11487", }, { category: "external", summary: "SUSE Bug 1133190 for CVE-2019-11487", url: "https://bugzilla.suse.com/1133190", }, { category: "external", summary: "SUSE Bug 1133191 for CVE-2019-11487", url: "https://bugzilla.suse.com/1133191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:24:44Z", details: "important", }, ], title: "CVE-2019-11487", }, { cve: "CVE-2019-11815", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11815", }, ], notes: [ { category: "general", text: "An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11815", url: "https://www.suse.com/security/cve/CVE-2019-11815", }, { category: "external", summary: "SUSE Bug 1134537 for CVE-2019-11815", url: "https://bugzilla.suse.com/1134537", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:24:44Z", details: "moderate", }, ], title: "CVE-2019-11815", }, { cve: "CVE-2019-11833", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11833", }, ], notes: [ { category: "general", text: "fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11833", url: "https://www.suse.com/security/cve/CVE-2019-11833", }, { category: "external", summary: "SUSE Bug 1135281 for CVE-2019-11833", url: "https://bugzilla.suse.com/1135281", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:24:44Z", details: "moderate", }, ], title: "CVE-2019-11833", }, { cve: "CVE-2019-11884", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11884", }, ], notes: [ { category: "general", text: "The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\\0' character.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11884", url: "https://www.suse.com/security/cve/CVE-2019-11884", }, { category: "external", summary: "SUSE Bug 1134848 for CVE-2019-11884", url: "https://bugzilla.suse.com/1134848", }, { category: "external", summary: "SUSE Bug 1139868 for CVE-2019-11884", url: "https://bugzilla.suse.com/1139868", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:24:44Z", details: "low", }, ], title: "CVE-2019-11884", }, { cve: "CVE-2019-12382", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12382", }, ], notes: [ { category: "general", text: "** DISPUTED ** An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: The vendor disputes this issues as not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance for a NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12382", url: "https://www.suse.com/security/cve/CVE-2019-12382", }, { category: "external", summary: "SUSE Bug 1136586 for CVE-2019-12382", url: "https://bugzilla.suse.com/1136586", }, { category: "external", summary: "SUSE Bug 1155298 for CVE-2019-12382", url: "https://bugzilla.suse.com/1155298", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.5, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:24:44Z", details: "low", }, ], title: "CVE-2019-12382", }, { cve: "CVE-2019-3846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3846", }, ], notes: [ { category: "general", text: "A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3846", url: "https://www.suse.com/security/cve/CVE-2019-3846", }, { category: "external", summary: "SUSE Bug 1136424 for CVE-2019-3846", url: "https://bugzilla.suse.com/1136424", }, { category: "external", summary: "SUSE Bug 1136446 for CVE-2019-3846", url: "https://bugzilla.suse.com/1136446", }, { category: "external", summary: "SUSE Bug 1156330 for CVE-2019-3846", url: "https://bugzilla.suse.com/1156330", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:24:44Z", details: "important", }, ], title: "CVE-2019-3846", }, { cve: "CVE-2019-5489", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5489", }, ], notes: [ { category: "general", text: "The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5489", url: "https://www.suse.com/security/cve/CVE-2019-5489", }, { category: "external", summary: "SUSE Bug 1120843 for CVE-2019-5489", url: "https://bugzilla.suse.com/1120843", }, { category: "external", summary: "SUSE Bug 1120885 for CVE-2019-5489", url: "https://bugzilla.suse.com/1120885", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.15.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:24:44Z", details: "moderate", }, ], title: "CVE-2019-5489", }, ], }
suse-su-2019:2430-1
Vulnerability from csaf_suse
Published
2019-09-23 07:31
Modified
2019-09-23 07:31
Summary
Security update for kernel-source-rt
Notes
Title of the patch
Security update for kernel-source-rt
Description of the patch
The SUSE Linux Enterprise 15 SP1 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-12126 CVE-2018-12127 CVE-2018-12130: Microarchitectural Store Buffer Data Sampling (MSBDS): Stored buffers on some microprocessors utilizing speculative execution which may have allowed an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019. (bsc#1103186)
- CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may have allowed an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019. (bsc#1111331)
- CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel There was an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). (bsc#1136586)
- CVE-2019-10124: An issue was discovered in the hwpoison implementation in mm/memory-failure.c in the Linux kernel. When soft_offline_in_use_page() runs on a thp tail page after pmd is split, an attacker could cause a denial of service (bsc#1130699).
- CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel has multiple race conditions. (bsc#1133188)
- CVE-2019-11811: An issue was discovered in the Linux kernel There was a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module was removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c. (bsc#1134397)
- CVE-2019-11487: The Linux kernel allowed page reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It could occur with FUSE requests. (bsc#1133190)
- CVE-2019-12818: The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This used to affect nfc_llcp_build_gb in net/nfc/llcp_core.c. (bsc#1138293)
- CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. (bsc#1135281)
- CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux kernel allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. (bsc#1120843)
- CVE-2018-7191: In the tun subsystem in the Linux kernel, dev_get_valid_name was not called before register_netdevice. This allowed local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. (bsc#1135603)
- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel allowed a local user to obtain potentially sensitive information from kernel stack memory via a hidPCONNADD command, because a name field may not end with a '\0' character. (bsc#1134848)
- CVE-2019-9500: An issue was discovered that lead to brcmfmac heap buffer overflow. (bsc#1132681)
- CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux may have allowed an authenticated user to potentially enable escalation of privilege via local access. (bsc#1135278)
- CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel There was a race condition leading to a use-after-free, related to net namespace cleanup. (bsc#1135278)
- CVE-2018-16880: A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver. A malicious virtual guest, under specific conditions, could trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may have lead to a kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. (bsc#1122767)
- CVE-2019-12819: The function __mdiobus_register() called put_device(), which triggered a fixed_mdio_bus_init use-after-free. This would cause a denial of service. (bsc#1138291)
- CVE-2019-3882: A flaw was found in the Linux kernel's vfio interface implementation that permitted violation of the user's locked memory limit. If a device was bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may have caused a system memory exhaustion and thus a denial of service (DoS). (bsc#1131427)
- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. (bsc#1136424)
- CVE-2019-8564: An issue was discoved which meant that brcmfmac frame validation could be bypassed. (bsc#1132673)
- CVE-2019-9503: An issue was discoved which meant that brcmfmac frame validation could be bypassed. (bsc#1132828)
- CVE-2019-9003: In the Linux kernel, attackers could trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a 'service ipmievd restart' loop. (bsc#1126704)
- CVE-2017-5753: Systems with microprocessors utilizing speculative execution and branch prediction may have allowed unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
- CVE-2019-11478: It was possible to send a crafted sequence of SACKs which will fragment the TCP retransmission queue. An attacker may have been able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection.
- CVE-2019-11479: An attacker could force the Linux kernel to segment its responses into multiple TCP segments. This would drastically increased the bandwidth required to deliver the same amount of data. Further, it would consume additional resources such as CPU and NIC processing power.
- CVE-2018-16871: A NULL pointer dereference due to an anomalized NFS message sequence was fixed. (bnc#1137103).
- CVE-2019-12614: An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c. There was an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash) (bnc#1137194).
- CVE-2019-12817: On the PowerPC architecture, local attackers could access other users processes memory (bnc#1138263).
- CVE-2018-20836: An issue was discovered in the Linux kernel There was a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free (bnc#1134395).
- CVE-2019-10638: In the Linux kernel, a device could be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic was sent to multiple destination IP addresses, it was possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may have been conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses (bnc#1140575 1140577).
- CVE-2019-10639: The Linux kernel allowed Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it was possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic was sent to multiple destination IP addresses, it was possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). This key contains enough bits from a kernel address (of a static variable) so when the key was extracted (via enumeration), the offset of the kernel image was exposed. This attack could be carried out remotely, by the attacker forcing the target device to send UDP or ICMP (or certain other) traffic to attacker-controlled IP addresses. Forcing a server to send UDP traffic is trivial if the server is a DNS server. ICMP traffic is trivial if the server answers ICMP Echo requests (ping). For client targets, if the target visits the attacker's web page, then WebRTC or gQUIC can be used to force UDP traffic to attacker-controlled IP addresses. NOTE: this attack against KASLR became viable because IP ID generation was changed to have a dependency on an address associated with a network namespace (bnc#1140577).
- CVE-2019-11599: The coredump implementation in the Linux kernel did not use locking or other mechanisms to prevent vma layout or vma flags changes while it ran, which allowed local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls. This is related to fs/userfaultfd.c, mm/mmap.c, fs/proc/task_mmu.c, and drivers/infiniband/core/uverbs_main.c (bnc#1131645 1133738).
- CVE-2019-13233: In arch/x86/lib/insn-eval.c in the Linux kernel, there was a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation (bnc#1140454).
- CVE-2018-20855: An issue was discovered in the Linux kernel In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace(bsc#1143045).
- CVE-2019-1125: Exclude ATOMs from speculation through SWAPGS (bsc#1139358).
- CVE-2019-11810: An issue was discovered in the Linux kernel A NULL pointer dereference could occur when megasas_create_frame_pool() failed in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This caused a Denial of Service, related to a use-after-free (bnc#1134399).
- CVE-2019-13631: In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel, a malicious USB device could send an HID report that triggered an out-of-bounds write during generation of debugging messages. (bnc#1142023)
- CVE-2019-13648: In the Linux kernel on the powerpc platform, when hardware transactional memory was disabled, a local user could cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sent a crafted signal frame. (bnc#1142254)
- CVE-2019-14283: In the Linux kernel, set_geometry in drivers/block/floppy.c did not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It could be triggered by an unprivileged local user when a floppy disk was inserted. NOTE: QEMU creates the floppy device by default. (bnc#1143191)
- CVE-2019-14284: In the Linux kernel, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. (bnc#1143189)
- CVE-2019-12456: An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two kernel reads of that value, aka a 'double fetch' vulnerability. NOTE: a third party reports that this is unexploitable because the doubly fetched value is not used. (bsc#1136922)
- CVE-2019-12380: An issue was discovered in the efi subsystem in the Linux kernel phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. (bsc#1136598)
The following non-security bugs were fixed:
- 6lowpan: Off by one handling nexthdr (bsc#1051510).
- 9p locks: add mount option for lock retry interval (bsc#1051510).
- 9p: do not trust pdu content for stat item size (bsc#1051510).
- ARM: 8824/1: fix a migrating irq bug when hotplug cpu (bsc#1051510).
- ARM: 8833/1: Ensure that NEON code always compiles with Clang (bsc#1051510).
- ARM: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bsc#1051510).
- ARM: 8840/1: use a raw_spinlock_t in unwind (bsc#1051510).
- ARM: OMAP2+: Variable 'reg' in function omap4_dsi_mux_pads() could be uninitialized (bsc#1051510).
- ARM: OMAP2+: fix lack of timer interrupts on CPU1 after hotplug (bsc#1051510).
- ARM: avoid Cortex-A9 livelock on tight dmb loops (bsc#1051510).
- ARM: imx6q: cpuidle: fix bug that CPU might not wake up at expected time (bsc#1051510).
- ARM: iop: don't use using 64-bit DMA masks (bsc#1051510).
- ARM: orion: don't use using 64-bit DMA masks (bsc#1051510).
- ARM: pxa: ssp: unneeded to free devm_ allocated data (bsc#1051510).
- ARM: s3c24xx: Fix boolean expressions in osiris_dvs_notify (bsc#1051510).
- ARM: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms (bsc#1051510).
- ASoC : cs4265 : readable register too low (bsc#1051510).
- ASoC: Intel: avoid Oops if DMA setup fails (bsc#1051510).
- ASoC: RT5677-SPI: Disable 16Bit SPI Transfers (bsc#1051510).
- ASoC: cs4270: Set auto-increment bit for register writes (bsc#1051510).
- ASoC: cs42xx8: Add regcache mask dirty (bsc#1051510).
- ASoC: cx2072x: fix integer overflow on unsigned int multiply (bsc#1111666).
- ASoC: eukrea-tlv320: fix a leaked reference by adding missing of_node_put (bsc#1051510).
- ASoC: fix valid stream condition (bsc#1051510).
- ASoC: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe (bsc#1051510).
- ASoC: fsl_asrc: Fix the issue about unsupported rate (bsc#1051510).
- ASoC: fsl_esai: Fix missing break in switch statement (bsc#1051510).
- ASoC: fsl_esai: fix channel swap issue when stream starts (bsc#1051510).
- ASoC: fsl_sai: Update is_slave_mode with correct value (bsc#1051510).
- ASoC: fsl_utils: fix a leaked reference by adding missing of_node_put (bsc#1051510).
- ASoC: hdmi-codec: fix S/PDIF DAI (bsc#1051510).
- ASoC: hdmi-codec: unlock the device on startup errors (bsc#1051510).
- ASoC: max98090: Fix restore of DAPM Muxes (bsc#1051510).
- ASoC: max98090: remove 24-bit format support if RJ is 0 (bsc#1051510).
- ASoC: nau8810: fix the issue of widget with prefixed name (bsc#1051510).
- ASoC: nau8824: fix the issue of the widget with prefix name (bsc#1051510).
- ASoC: samsung: odroid: Fix clock configuration for 44100 sample rate (bsc#1051510).
- ASoC: soc-pcm: BE dai needs prepare when pause release after resume (bsc#1051510).
- ASoC: stm32: fix sai driver name initialisation (bsc#1051510).
- ASoC: tlv320aic32x4: Fix Common Pins (bsc#1051510).
- ASoC: topology: free created components in tplg load error (bsc#1051510).
- ASoC: wm_adsp: Add locking to wm_adsp2_bus_error (bsc#1051510).
- ASoC:soc-pcm:fix a codec fixup issue in TDM case (bsc#1051510).
- Abort file_remove_privs() for non-reg. files (bsc#1140888).
- Add back sibling paca poiter to paca (bsc#1055117).
- Backporting hwpoison fixes
- Bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bsc#1051510).
- Bluetooth: btusb: request wake pin with NOAUTOEN (bsc#1051510).
- Bluetooth: hidp: fix buffer overflow (bsc#1051510).
- CIFS: Do not count -ENODATA as failure for query directory (bsc#1051510).
- CIFS: Do not hide EINTR after sending network packets (bsc#1051510).
- CIFS: Do not reconnect TCP session in add_credits() (bsc#1051510).
- CIFS: Do not reset lease state to NONE on lease break (bsc#1051510).
- CIFS: Fix adjustment of credits for MTU requests (bsc#1051510).
- CIFS: Fix credit calculation for encrypted reads with errors (bsc#1051510).
- CIFS: Fix credits calculations for reads with errors (bsc#1051510).
- CIFS: Fix possible hang during async MTU reads and writes (bsc#1051510).
- CIFS: Fix read after write for files with read caching (bsc#1051510).
- CIFS: fix POSIX lock leak and invalid ptr deref (bsc#1114542).
- CIFS: fix POSIX lock leak and invalid ptr deref (bsc#1114542).
- Correct iwlwifi 22000 series ucode file name (bsc#1142673)
- Correct the buggy backport about AER / DPC pcie stuff (bsc#1142623)
- Delete patches.fixes/s390-setup-fix-early-warning-messages (bsc#1140948).
- Delete patches.fixes/s390-setup-fix-early-warning-messages (bsc#1140948).
- Disable kgdboc failed by echo space to /sys/module/kgdboc/parameters/kgdboc (bsc#1051510).
- Do not provide kernel-default from kernel-default-base (boo#1132154, bsc#1106751).
- Do not provide kernel-default from kernel-default-base (boo#1132154, bsc#1106751).
- Do not restrict NFSv4.2 on openSUSE (bsc#1138719).
- Drivers: misc: fix out-of-bounds access in function param_set_kgdbts_var (bsc#1051510).
- EDAC/mc: Fix edac_mc_find() in case no device is found (bsc#1114279).
- Fix cpu online check (bsc#1051510).
- Fix kABI for asus-wmi quirk_entry field addition (bsc#1051510).
- HID: Wacom: switch Dell canvas into highres mode (bsc#1051510).
- HID: core: move Usage Page concatenation to Main item (bsc#1093389).
- HID: debug: fix race condition with between rdesc_show() and device removal (bsc#1051510).
- HID: input: add mapping for 'Toggle Display' key (bsc#1051510).
- HID: input: add mapping for Assistant key (bsc#1051510).
- HID: input: add mapping for Expose/Overview key (bsc#1051510).
- HID: input: add mapping for keyboard Brightness Up/Down/Toggle keys (bsc#1051510).
- HID: intel-ish-hid: avoid binding wrong ishtp_cl_device (bsc#1051510).
- HID: intel-ish: ipc: handle PIMR before ish_wakeup also clear PISR busy_clear bit (bsc#1051510).
- HID: logitech-hidpp: change low battery level threshold from 31 to 30 percent (bsc#1051510).
- HID: logitech-hidpp: use RAP instead of FAP to get the protocol version (bsc#1051510).
- HID: logitech: check the return value of create_singlethread_workqueue (bsc#1051510).
- HID: wacom: Add ability to provide explicit battery status info (bsc#1051510).
- HID: wacom: Add support for 3rd generation Intuos BT (bsc#1051510).
- HID: wacom: Add support for Pro Pen slim (bsc#1051510).
- HID: wacom: Correct button numbering 2nd-gen Intuos Pro over Bluetooth (bsc#1051510).
- HID: wacom: Don't report anything prior to the tool entering range (bsc#1051510).
- HID: wacom: Don't set tool type until we're in range (bsc#1051510).
- HID: wacom: Mark expected switch fall-through (bsc#1051510).
- HID: wacom: Move HID fix for AES serial number into wacom_hid_usage_quirk (bsc#1051510).
- HID: wacom: Move handling of HID quirks into a dedicated function (bsc#1051510).
- HID: wacom: Properly handle AES serial number and tool type (bsc#1051510).
- HID: wacom: Queue events with missing type/serial data for later processing (bsc#1051510).
- HID: wacom: Remove comparison of u8 mode with zero and simplify (bsc#1051510).
- HID: wacom: Replace touch_max fixup code with static touch_max definitions (bsc#1051510).
- HID: wacom: Send BTN_TOUCH in response to INTUOSP2_BT eraser contact (bsc#1051510).
- HID: wacom: Support 'in range' for Intuos/Bamboo tablets where possible (bsc#1051510).
- HID: wacom: Sync INTUOSP2_BT touch state after each frame if necessary (bsc#1051510).
- HID: wacom: Work around HID descriptor bug in DTK-2451 and DTH-2452 (bsc#1051510).
- HID: wacom: convert Wacom custom usages to standard HID usages (bsc#1051510).
- HID: wacom: correct touch resolution x/y typo (bsc#1051510).
- HID: wacom: fix mistake in printk (bsc#1051510).
- HID: wacom: generic: Correct pad syncing (bsc#1051510).
- HID: wacom: generic: Ignore HID_DG_BATTERYSTRENTH == 0 (bsc#1051510).
- HID: wacom: generic: Leave tool in prox until it completely leaves sense (bsc#1051510).
- HID: wacom: generic: Refactor generic battery handling (bsc#1051510).
- HID: wacom: generic: Report AES battery information (bsc#1051510).
- HID: wacom: generic: Reset events back to zero when pen leaves (bsc#1051510).
- HID: wacom: generic: Scale battery capacity measurements to percentages (bsc#1051510).
- HID: wacom: generic: Send BTN_STYLUS3 when both barrel switches are set (bsc#1051510).
- HID: wacom: generic: Send BTN_TOOL_PEN in prox once the pen enters range (bsc#1051510).
- HID: wacom: generic: Support multiple tools per report (bsc#1051510).
- HID: wacom: generic: Use generic codepath terminology in wacom_wac_pen_report (bsc#1051510).
- HID: wacom: generic: add the 'Report Valid' usage (bsc#1051510).
- HID: wacom: generic: only switch the mode on devices with LEDs (bsc#1051510).
- HID: wacom: generic: read HID_DG_CONTACTMAX from any feature report (bsc#1051510).
- HID: wacom: wacom_wac_collection() is local to wacom_wac.c (bsc#1051510).
- IB/hfi1: Clear the IOWAIT pending bits when QP is put into error state (bsc#1114685 FATE#325854).
- IB/hfi1: Create inline to get extended headers (bsc#1114685 FATE#325854).
- IB/hfi1: Validate fault injection opcode user input (bsc#1114685 FATE#325854).
- IB/ipoib: Add child to parent list only if device initialized (bsc#1103992 FATE#326009).
- IB/mlx5: Fixed reporting counters on 2nd port for Dual port RoCE (bsc#1103991 FATE#326007).
- IB/mlx5: Verify DEVX general object type correctly (bsc#1103991 FATE#326007).
- Improve the headset mic for Acer Aspire laptops' (bsc#1051510).
- Input: elan_i2c - add hardware ID for multiple Lenovo laptops (bsc#1051510).
- Input: elantech - enable middle button support on 2 ThinkPads (bsc#1051510).
- Input: imx_keypad - make sure keyboard can always wake up system (bsc#1051510).
- Input: introduce KEY_ASSISTANT (bsc#1051510).
- Input: psmouse - fix build error of multiple definition (bsc#1051510).
- Input: snvs_pwrkey - initialize necessary driver data before enabling IRQ (bsc#1051510).
- Input: synaptics - enable SMBUS on T480 thinkpad trackpad (bsc#1051510).
- Input: synaptics - enable SMBus on ThinkPad E480 and E580 (bsc#1051510).
- Input: synaptics-rmi4 - fix possible double free (bsc#1051510).
- Input: synaptics-rmi4 - write config register values to the right offset (bsc#1051510).
- Input: tm2-touchkey - acknowledge that setting brightness is a blocking call (bsc#1129770).
- Input: uinput - add compat ioctl number translation for UI_*_FF_UPLOAD (bsc#1051510).
- KEYS: always initialize keyring_index_key::desc_len (bsc#1051510).
- KEYS: user: Align the payload buffer (bsc#1051510).
- KVM: PPC: Book3S HV: Avoid lockdep debugging in TCE realmode handlers (bsc#1061840).
- KVM: PPC: Book3S HV: Fix race between kvm_unmap_hva_range and MMU mode switch (bsc#1061840).
- KVM: PPC: Book3S HV: XIVE: Do not clear IRQ data of passthrough interrupts (bsc#1061840).
- KVM: PPC: Book3S: Protect memslots while validating user address (bsc#1061840).
- KVM: PPC: Release all hardware TCE tables attached to a group (bsc#1061840).
- KVM: PPC: Remove redundand permission bits removal (bsc#1061840).
- KVM: PPC: Validate TCEs against preregistered memory page sizes (bsc#1061840).
- KVM: PPC: Validate all tces before updating tables (bsc#1061840).
- KVM: x86: Emulate MSR_IA32_ARCH_CAPABILITIES on AMD hosts (bsc#1114279).
- MD: fix invalid stored role for a disk (bsc#1051510).
- NFC: nci: Add some bounds checking in nci_hci_cmd_received() (bsc#1051510).
- PCI/P2PDMA: fix the gen_pool_add_virt() failure path (bsc#1103992 FATE#326009).
- PCI: Add function 1 DMA alias quirk for Marvell 9170 SATA controller (bsc#1051510).
- PCI: Always allow probing with driver_override (bsc#1051510).
- PCI: Do not poll for PME if the device is in D3cold (bsc#1051510).
- PCI: Mark AMD Stoney Radeon R7 GPU ATS as broken (bsc#1051510).
- PCI: Mark Atheros AR9462 to avoid bus reset (bsc#1051510).
- PCI: PM: Avoid possible suspend-to-idle issue (bsc#1051510).
- PCI: PM: Skip devices in D0 for suspend-to-idle (bsc#1051510).
- PCI: Return error if cannot probe VF (bsc#1051510).
- PCI: designware-ep: Read-only registers need DBI_RO_WR_EN to be writable (bsc#1051510).
- PCI: rpadlpar: Fix leaked device_node references in add/remove paths (bsc#1051510).
- PM / core: Propagate dev power.wakeup_path when no callbacks (bsc#1051510).
- RAS/CEC: Check the correct variable in the debugfs error handling (bsc#1085535).
- RAS/CEC: Convert the timer callback to a workqueue (bsc#1114279).
- RAS/CEC: Fix binary search function (bsc#1114279).
- RDMA/ipoib: Allow user space differentiate between valid dev_port (bsc#1103992 FATE#326009).
- RDMA/mlx5: Do not allow the user to write to the clock page (bsc#1103991 FATE#326007).
- RDMA/mlx5: Initialize roce port info before multiport master init (bsc#1103991 FATE#326007).
- RDMA/mlx5: Use rdma_user_map_io for mapping BAR pages (bsc#1103992 FATE#326009).
- RDMA/odp: Fix missed unlock in non-blocking invalidate_start (bsc#1103992 FATE#326009).
- RDMA/rxe: Consider skb reserve space based on netdev of GID (bsc#1082387, bsc#1103992, FATE#326009).
- RDMA/rxe: Consider skb reserve space based on netdev of GID (bsc#1082387, bsc#1103992, FATE#326009).
- RDMA/srp: Accept again source addresses that do not have a port number (bsc#1103992 FATE#326009).
- RDMA/srp: Document srp_parse_in() arguments (bsc#1103992 FATE#326009).
- RDMA/uverbs: check for allocation failure in uapi_add_elm() (bsc#1103992 FATE#326009).
- Re-export snd_cards for kABI compatibility (bsc#1051510).
- Revert 'Sign non-x86 kernels when possible (boo#1134303)'
- Revert 'bcache: set CACHE_SET_IO_DISABLE in bch_cached_dev_error()' (bsc#1140652).
- Revert 'net: ena: ethtool: add extra properties retrieval via get_priv_flags' (bsc#1138879).
- Revert 's390/jump_label: Use 'jdd' constraint on gcc9 (bsc#1138589).' This broke the build with older gcc instead.
- Revert 'svm: Fix AVIC incomplete IPI emulation' (bsc#1140133).
- Revert 'svm: Fix AVIC incomplete IPI emulation' (bsc#1140133).
- SMB3: Fix endian warning (bsc#1137884).
- UAS: fix alignment of scatter/gather segments (bsc#1129770).
- USB: Add LPM quirk for Surface Dock GigE adapter (bsc#1051510).
- USB: Fix chipmunk-like voice when using Logitech C270 for recording audio (bsc#1051510).
- USB: Fix slab-out-of-bounds write in usb_get_bos_descriptor (bsc#1051510).
- USB: cdc-acm: fix unthrottle races (bsc#1051510).
- USB: core: Don't unbind interfaces following device reset failure (bsc#1051510).
- USB: core: Fix bug caused by duplicate interface PM usage counter (bsc#1051510).
- USB: core: Fix unterminated string returned by usb_string() (bsc#1051510).
- USB: rio500: fix memory leak in close after disconnect (bsc#1051510).
- USB: rio500: refuse more than one device at a time (bsc#1051510).
- USB: serial: cp210x: fix GPIO in autosuspend (bsc#1120902).
- USB: serial: f81232: fix interrupt worker not stop (bsc#1051510).
- USB: serial: fix unthrottle races (bsc#1051510).
- USB: serial: ftdi_sio: add ID for isodebug v1 (bsc#1051510).
- USB: serial: option: add Telit 0x1260 and 0x1261 compositions (bsc#1051510).
- USB: serial: option: add support for GosunCn ME3630 RNDIS mode (bsc#1051510).
- USB: serial: option: add support for Simcom SIM7500/SIM7600 RNDIS mode (bsc#1051510).
- USB: serial: pl2303: add Allied Telesis VT-Kit3 (bsc#1051510).
- USB: sisusbvga: fix oops in error path of sisusb_probe (bsc#1051510).
- USB: usb-storage: Add new ID to ums-realtek (bsc#1051510).
- USB: w1 ds2490: Fix bug caused by improper use of altsetting array (bsc#1051510).
- USB: yurex: Fix protection fault after device removal (bsc#1051510).
- VMCI: Fix integer overflow in VMCI handle arrays (bsc#1051510).
- acpi / SBS: Fix GPE storm on recent MacBookPro's (bsc#1051510).
- acpi / property: fix handling of data_nodes in acpi_get_next_subnode() (bsc#1051510).
- acpi / utils: Drop reference in test for device presence (bsc#1051510).
- acpi, nfit: Prefer _DSM over _LSR for namespace label reads (bsc#1112128) (bsc#1132426).
- acpi, nfit: Prefer _DSM over _LSR for namespace label reads (bsc#1112128) (bsc#1132426).
- acpi/nfit: Always dump _DSM output payload (bsc#1142351).
- acpi: PM: Allow transitions to D0 to occur in special cases (bsc#1051510).
- acpi: PM: Avoid evaluating _PS3 on transitions from D3hot to D3cold (bsc#1051510).
- acpi: PM: Set enable_for_wake for wakeup GPEs during suspend-to-idle (bsc#1111666).
- acpi: button: reinitialize button state upon resume (bsc#1051510).
- acpi: fix menuconfig presentation of acpi submenu (bsc#1117158).
- acpi: property: restore _DSD data subnodes GUID comment (bsc#1111666).
- acpiCA: AML interpreter: add region addresses in global list during initialization (bsc#1051510).
- acpiCA: Clear status of GPEs on first direct enable (bsc#1111666).
- acpiCA: Namespace: remove address node from global list after method termination (bsc#1051510).
- af_key: unconditionally clone on broadcast (bsc#1051510).
- alsa: PCM: check if ops are defined before suspending PCM (bsc#1051510).
- alsa: compress: Be more restrictive about when a drain is allowed (bsc#1051510).
- alsa: compress: Don't allow paritial drain operations on capture streams (bsc#1051510).
- alsa: compress: Fix regression on compressed capture streams (bsc#1051510).
- alsa: compress: Prevent bypasses of set_params (bsc#1051510).
- alsa: core: Don't refer to snd_cards array directly (bsc#1051510).
- alsa: core: Fix card races between register and disconnect (bsc#1051510).
- alsa: emu10k1: Drop superfluous id-uniquification behavior (bsc#1051510).
- alsa: firewire-lib/fireworks: fix miss detection of received MIDI messages (bsc#1051510).
- alsa: firewire-motu: fix destruction of data for isochronous resources (bsc#1051510).
- alsa: hda - Add a conexant codec entry to let mute led work (bsc#1051510).
- alsa: hda - Add two more machines to the power_save_blacklist (bsc#1051510).
- alsa: hda - Don't resume forcibly i915 HDMI/DP codec (bsc#1111666).
- alsa: hda - Fix intermittent CORB/RIRB stall on Intel chips (bsc#1111666).
- alsa: hda - Force polling mode on CNL for fixing codec communication (bsc#1051510).
- alsa: hda - Optimize resume for codecs without jack detection (bsc#1111666).
- alsa: hda - Register irq handler after the chip initialization (bsc#1051510).
- alsa: hda - Use a macro for snd_array iteration loops (bsc#1051510).
- alsa: hda/hdmi - Consider eld_valid when reporting jack event (bsc#1051510).
- alsa: hda/hdmi - Fix i915 reverse port/pin mapping (bsc#1111666).
- alsa: hda/hdmi - Read the pin sense from register when repolling (bsc#1051510).
- alsa: hda/hdmi - Remove duplicated define (bsc#1111666).
- alsa: hda/realtek - Add new Dell platform for headset mode (bsc#1051510).
- alsa: hda/realtek - Apply the fixup for ASUS Q325UAR (bsc#1051510).
- alsa: hda/realtek - Avoid superfluous COEF EAPD setups (bsc#1051510).
- alsa: hda/realtek - Change front mic location for Lenovo M710q (bsc#1051510).
- alsa: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) (bsc#1051510).
- alsa: hda/realtek - EAPD turn on later (bsc#1051510).
- alsa: hda/realtek - Enable micmute LED for Huawei laptops (bsc#1051510).
- alsa: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug (bsc#1051510).
- alsa: hda/realtek - Fixed Dell AIO speaker noise (bsc#1051510).
- alsa: hda/realtek - Fixed Headphone Mic can't record on Dell platform (bsc#1051510).
- alsa: hda/realtek - Fixup headphone noise via runtime suspend (bsc#1051510).
- alsa: hda/realtek - Headphone Mic can't record after S3 (bsc#1051510).
- alsa: hda/realtek - Improve the headset mic for Acer Aspire laptops (bsc#1051510).
- alsa: hda/realtek - Move to ACT_INIT state (bsc#1111666).
- alsa: hda/realtek - Set default power save node to 0 (bsc#1051510).
- alsa: hda/realtek - Support low power consumption for ALC256 (bsc#1051510).
- alsa: hda/realtek - Support low power consumption for ALC295 (bsc#1051510).
- alsa: hda/realtek - Update headset mode for ALC256 (bsc#1051510).
- alsa: hda/realtek - add two more pin configuration sets to quirk table (bsc#1051510).
- alsa: hda/realtek: Add quirks for several Clevo notebook barebones (bsc#1051510).
- alsa: hda/realtek: Enable headset MIC of Acer TravelMate B114-21 with ALC233 (bsc#1111666).
- alsa: hda/realtek: apply ALC891 headset fixup to one Dell machine (bsc#1051510).
- alsa: hda: Initialize power_state field properly (bsc#1051510).
- alsa: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) (bsc#1051510).
- alsa: info: Fix racy addition/deletion of nodes (bsc#1051510).
- alsa: line6: Avoid polluting led_* namespace (bsc#1051510).
- alsa: line6: Fix a typo (bsc#1051510).
- alsa: line6: Fix write on zero-sized buffer (bsc#1051510).
- alsa: line6: Fix wrong altsetting for LINE6_PODHD500_1 (bsc#1051510).
- alsa: line6: use dynamic buffers (bsc#1051510).
- alsa: oxfw: allow PCM capture for Stanton SCS.1m (bsc#1051510).
- alsa: seq: Align temporary re-locking with irqsave version (bsc#1051510).
- alsa: seq: Break too long mutex context in the write loop (bsc#1051510).
- alsa: seq: Correct unlock sequence at snd_seq_client_ioctl_unlock() (bsc#1051510).
- alsa: seq: Cover unsubscribe_port() in list_mutex (bsc#1051510).
- alsa: seq: Fix OOB-reads from strlcpy (bsc#1051510).
- alsa: seq: Fix race of get-subscription call vs port-delete ioctls (bsc#1051510).
- alsa: seq: Protect in-kernel ioctl calls with mutex (bsc#1051510).
- alsa: seq: Protect racy pool manipulation from OSS sequencer (bsc#1051510).
- alsa: seq: Remove superfluous irqsave flags (bsc#1051510).
- alsa: seq: Simplify snd_seq_kernel_client_enqueue() helper (bsc#1051510).
- alsa: seq: fix incorrect order of dest_client/dest_ports arguments (bsc#1051510).
- alsa: timer: Check ack_list emptiness instead of bit flag (bsc#1051510).
- alsa: timer: Coding style fixes (bsc#1051510).
- alsa: timer: Make snd_timer_close() really kill pending actions (bsc#1051510).
- alsa: timer: Make sure to clear pending ack list (bsc#1051510).
- alsa: timer: Revert active callback sync check at close (bsc#1051510).
- alsa: timer: Simplify error path in snd_timer_open() (bsc#1051510).
- alsa: timer: Unify timer callback process code (bsc#1051510).
- alsa: usb-audio: Add quirk for Focusrite Scarlett Solo (bsc#1051510).
- alsa: usb-audio: Add quirk for MOTU MicroBook II (bsc#1051510).
- alsa: usb-audio: Cleanup DSD whitelist (bsc#1051510).
- alsa: usb-audio: Enable .product_name override for Emagic, Unitor 8 (bsc#1051510).
- alsa: usb-audio: Fix a memory leak bug (bsc#1051510).
- alsa: usb-audio: Fix parse of UAC2 Extension Units (bsc#1111666).
- alsa: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() (bsc#1051510).
- alsa: usb-audio: Sanity checks for each pipe and EP types (bsc#1051510).
- alsa: usb-audio: fix Line6 Helix audio format rates (bsc#1111666).
- alsa: usb-audio: fix sign unintended sign extension on left shifts (bsc#1051510).
- alsa: usx2y: fix a double free bug (bsc#1051510).
- apparmor: enforce nullbyte at end of tag string (bsc#1051510).
- appletalk: Fix compile regression (bsc#1051510).
- appletalk: Fix use-after-free in atalk_proc_exit (bsc#1051510).
- arch: arm64: acpi: KABI ginore includes (bsc#1117158 bsc#1134671).
- arch: arm64: acpi: KABI ginore includes (bsc#1117158 bsc#1134671).
- arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve table (bsc#1117158).
- arm64: acpi: fix alignment fault in accessing acpi (bsc#1117158).
- arm64: do not override dma_max_pfn (jsc#SLE-6197 bsc#1140559 LTC#173150).
- arm64: fix acpi dependencies (bsc#1117158).
- assume flash part size to be 4MB, if it can't be determined (bsc#1127371).
- at76c50x-usb: Don't register led_trigger if usb_register_driver failed (bsc#1051510).
- ath10k: Do not send probe response template for mesh (bsc#1111666).
- ath10k: Fix encoding for protected management frames (bsc#1111666).
- ath10k: add missing error handling (bsc#1111666).
- ath10k: add peer id check in ath10k_peer_find_by_id (bsc#1111666).
- ath10k: avoid possible string overflow (bsc#1051510).
- ath10k: destroy sdio workqueue while remove sdio module (bsc#1111666).
- ath10k: fix PCIE device wake up failed (bsc#1111666).
- ath10k: fix incorrect multicast/broadcast rate setting (bsc#1111666).
- ath10k: snoc: fix unbalanced clock error handling (bsc#1111666).
- ath6kl: add some bounds checking (bsc#1051510).
- ath9k: Check for errors when reading SREV register (bsc#1111666).
- ath9k: correctly handle short radar pulses (bsc#1111666).
- ath: DFS JP domain W56 fixed pulse type 3 RADAR detection (bsc#1111666).
- audit: fix a memleak caused by auditing load module (bsc#1051510).
- audit: fix a memory leak bug (bsc#1051510).
- ax25: fix inconsistent lock state in ax25_destroy_timer (bsc#1051510).
- b43: shut up clang -Wuninitialized variable warning (bsc#1051510).
- backlight: lm3630a: Return 0 on success in update_status functions (bsc#1051510).
- batman-adv: Reduce claim hash refcnt only for removed entry (bsc#1051510).
- batman-adv: Reduce tt_global hash refcnt only for removed entry (bsc#1051510).
- batman-adv: Reduce tt_local hash refcnt only for removed entry (bsc#1051510).
- batman-adv: allow updating DAT entry timeouts on incoming ARP Replies (bsc#1051510).
- batman-adv: fix for leaked TVLV handler (bsc#1051510).
- bcache: Add comments for blkdev_put() in registration code path (bsc#1140652).
- bcache: Clean up bch_get_congested() (bsc#1140652).
- bcache: Move couple of functions to sysfs.c (bsc#1130972).
- bcache: Move couple of functions to sysfs.c (bsc#1130972).
- bcache: Move couple of string arrays to sysfs.c (bsc#1130972).
- bcache: Move couple of string arrays to sysfs.c (bsc#1130972).
- bcache: Populate writeback_rate_minimum attribute (bsc#1130972).
- bcache: Populate writeback_rate_minimum attribute (bsc#1130972).
- bcache: Replace bch_read_string_list() by __sysfs_match_string() (bsc#1130972).
- bcache: Replace bch_read_string_list() by __sysfs_match_string() (bsc#1130972).
- bcache: Revert 'bcache: fix high CPU occupancy during journal' (bsc#1140652).
- bcache: Revert 'bcache: free heap cache_set flush_btree in bch_journal_free' (bsc#1140652).
- bcache: account size of buckets used in uuid write to ca meta_sectors_written (bsc#1130972).
- bcache: account size of buckets used in uuid write to ca meta_sectors_written (bsc#1130972).
- bcache: acquire bch_register_lock later in cached_dev_detach_finish() (bsc#1140652).
- bcache: acquire bch_register_lock later in cached_dev_free() (bsc#1140652).
- bcache: add MODULE_DESCRIPTION information (bsc#1130972).
- bcache: add MODULE_DESCRIPTION information (bsc#1130972).
- bcache: add a comment in super.c (bsc#1130972).
- bcache: add a comment in super.c (bsc#1130972).
- bcache: add code comments for bset.c (bsc#1130972).
- bcache: add code comments for bset.c (bsc#1130972).
- bcache: add code comments for journal_read_bucket() (bsc#1140652).
- bcache: add comment for cache_set fill_iter (bsc#1130972).
- bcache: add comment for cache_set fill_iter (bsc#1130972).
- bcache: add comments for closure_fn to be called in closure_queue() (bsc#1140652).
- bcache: add comments for kobj release callback routine (bsc#1140652).
- bcache: add comments for mutex_lock(b write_lock) (bsc#1140652).
- bcache: add error check for calling register_bdev() (bsc#1140652).
- bcache: add failure check to run_cache_set() for journal replay (bsc#1140652).
- bcache: add identifier names to arguments of function definitions (bsc#1130972).
- bcache: add identifier names to arguments of function definitions (bsc#1130972).
- bcache: add io error counting in write_bdev_super_endio() (bsc#1140652).
- bcache: add missing SPDX header (bsc#1130972).
- bcache: add missing SPDX header (bsc#1130972).
- bcache: add more error message in bch_cached_dev_attach() (bsc#1140652).
- bcache: add pendings_cleanup to stop pending bcache device (bsc#1140652).
- bcache: add reclaimed_journal_buckets to struct cache_set (bsc#1140652).
- bcache: add return value check to bch_cached_dev_run() (bsc#1140652).
- bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972).
- bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972).
- bcache: add static const prefix to char * array declarations (bsc#1130972).
- bcache: add static const prefix to char * array declarations (bsc#1130972).
- bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972).
- bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972).
- bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).
- bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).
- bcache: avoid a deadlock in bcache_reboot() (bsc#1140652).
- bcache: avoid clang -Wunintialized warning (bsc#1140652).
- bcache: avoid flushing btree node in cache_set_flush() if io disabled (bsc#1140652).
- bcache: avoid potential memleak of list of journal_replay(s) in the CACHE_SYNC branch of run_cache_set (bsc#1140652).
- bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972).
- bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972).
- bcache: check CACHE_SET_IO_DISABLE bit in bch_journal() (bsc#1140652).
- bcache: check CACHE_SET_IO_DISABLE in allocator code (bsc#1140652).
- bcache: check c gc_thread by IS_ERR_OR_NULL in cache_set_flush() (bsc#1140652).
- bcache: correct dirty data statistics (bsc#1130972).
- bcache: correct dirty data statistics (bsc#1130972).
- bcache: destroy dc writeback_write_wq if failed to create dc writeback_thread (bsc#1140652).
- bcache: do not assign in if condition in bcache_device_init() (bsc#1140652).
- bcache: do not assign in if condition in bcache_init() (bsc#1130972).
- bcache: do not assign in if condition in bcache_init() (bsc#1130972).
- bcache: do not assign in if condition register_bcache() (bsc#1130972).
- bcache: do not assign in if condition register_bcache() (bsc#1130972).
- bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972).
- bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972).
- bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972).
- bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972).
- bcache: do not clone bio in bch_data_verify (bsc#1130972).
- bcache: do not clone bio in bch_data_verify (bsc#1130972).
- bcache: do not mark writeback_running too early (bsc#1130972).
- bcache: do not mark writeback_running too early (bsc#1130972).
- bcache: do not set max writeback rate if gc is running (bsc#1140652).
- bcache: export backing_dev_name via sysfs (bsc#1130972).
- bcache: export backing_dev_name via sysfs (bsc#1130972).
- bcache: export backing_dev_uuid via sysfs (bsc#1130972).
- bcache: export backing_dev_uuid via sysfs (bsc#1130972).
- bcache: fix a race between cache register and cacheset unregister (bsc#1140652).
- bcache: fix code comments style (bsc#1130972).
- bcache: fix code comments style (bsc#1130972).
- bcache: fix crashes stopping bcache device before read miss done (bsc#1140652).
- bcache: fix failure in journal relplay (bsc#1140652).
- bcache: fix inaccurate result of unused buckets (bsc#1140652).
- bcache: fix indent by replacing blank by tabs (bsc#1130972).
- bcache: fix indent by replacing blank by tabs (bsc#1130972).
- bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).
- bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).
- bcache: fix input integer overflow of congested threshold (bsc#1130972).
- bcache: fix input integer overflow of congested threshold (bsc#1130972).
- bcache: fix input overflow to cache set io_error_limit (bsc#1130972).
- bcache: fix input overflow to cache set io_error_limit (bsc#1130972).
- bcache: fix input overflow to cache set sysfs file io_error_halflife (bsc#1130972).
- bcache: fix input overflow to cache set sysfs file io_error_halflife (bsc#1130972).
- bcache: fix input overflow to journal_delay_ms (bsc#1130972).
- bcache: fix input overflow to journal_delay_ms (bsc#1130972).
- bcache: fix input overflow to sequential_cutoff (bsc#1130972).
- bcache: fix input overflow to sequential_cutoff (bsc#1130972).
- bcache: fix input overflow to writeback_delay (bsc#1130972).
- bcache: fix input overflow to writeback_delay (bsc#1130972).
- bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).
- bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).
- bcache: fix ioctl in flash device (bsc#1130972).
- bcache: fix ioctl in flash device (bsc#1130972).
- bcache: fix mistaken code comments in bcache.h (bsc#1130972).
- bcache: fix mistaken code comments in bcache.h (bsc#1130972).
- bcache: fix mistaken comments in request.c (bsc#1130972).
- bcache: fix mistaken comments in request.c (bsc#1130972).
- bcache: fix mistaken sysfs entry for io_error counter (bsc#1140652).
- bcache: fix potential deadlock in cached_def_free() (bsc#1140652).
- bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972).
- bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972).
- bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972).
- bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972).
- bcache: fix race in btree_flush_write() (bsc#1140652).
- bcache: fix return value error in bch_journal_read() (bsc#1140652).
- bcache: fix stack corruption by PRECEDING_KEY() (bsc#1140652).
- bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).
- bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).
- bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972).
- bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972).
- bcache: fix wrong usage use-after-freed on keylist in out_nocoalesce branch of btree_gc_coalesce (bsc#1140652).
- bcache: ignore read-ahead request failure on backing device (bsc#1140652).
- bcache: improve bcache_reboot() (bsc#1140652).
- bcache: improve error message in bch_cached_dev_run() (bsc#1140652).
- bcache: improve sysfs_strtoul_clamp() (bsc#1130972).
- bcache: improve sysfs_strtoul_clamp() (bsc#1130972).
- bcache: introduce force_wake_up_gc() (bsc#1130972).
- bcache: introduce force_wake_up_gc() (bsc#1130972).
- bcache: make bset_search_tree() be more understandable (bsc#1140652).
- bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972).
- bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972).
- bcache: make is_discard_enabled() static (bsc#1140652).
- bcache: more detailed error message to bcache_device_link() (bsc#1140652).
- bcache: move definition of 'int ret' out of macro read_bucket() (bsc#1140652).
- bcache: move open brace at end of function definitions to next line (bsc#1130972).
- bcache: move open brace at end of function definitions to next line (bsc#1130972).
- bcache: never set KEY_PTRS of journal key to 0 in journal_reclaim() (bsc#1140652).
- bcache: never writeback a discard operation (bsc#1130972).
- bcache: never writeback a discard operation (bsc#1130972).
- bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972).
- bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972).
- bcache: only clear BTREE_NODE_dirty bit when it is set (bsc#1140652).
- bcache: only set BCACHE_DEV_WB_RUNNING when cached device attached (bsc#1140652).
- bcache: option to automatically run gc thread after writeback (bsc#1130972).
- bcache: option to automatically run gc thread after writeback (bsc#1130972).
- bcache: panic fix for making cache device (bsc#1130972).
- bcache: panic fix for making cache device (bsc#1130972).
- bcache: performance improvement for btree_flush_write() (bsc#1140652).
- bcache: prefer 'help' in Kconfig (bsc#1130972).
- bcache: prefer 'help' in Kconfig (bsc#1130972).
- bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).
- bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).
- bcache: recal cached_dev_sectors on detach (bsc#1130972).
- bcache: recal cached_dev_sectors on detach (bsc#1130972).
- bcache: remove redundant LIST_HEAD(journal) from run_cache_set() (bsc#1140652).
- bcache: remove redundant LIST_HEAD(journal) from run_cache_set() (bsc#1140652).
- bcache: remove retry_flush_write from struct cache_set (bsc#1140652).
- bcache: remove unncessary code in bch_btree_keys_init() (bsc#1140652).
- bcache: remove unnecessary prefetch() in bset_search_tree() (bsc#1140652).
- bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972).
- bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972).
- bcache: remove unused bch_passthrough_cache (bsc#1130972).
- bcache: remove unused bch_passthrough_cache (bsc#1130972).
- bcache: remove useless parameter of bch_debug_init() (bsc#1130972).
- bcache: remove useless parameter of bch_debug_init() (bsc#1130972).
- bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).
- bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).
- bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972).
- bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972).
- bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).
- bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).
- bcache: replace printk() by pr_*() routines (bsc#1130972).
- bcache: replace printk() by pr_*() routines (bsc#1130972).
- bcache: return error immediately in bch_journal_replay() (bsc#1140652).
- bcache: set largest seq to ja seq[bucket_index] in journal_read_bucket() (bsc#1140652).
- bcache: set writeback_percent in a flexible range (bsc#1130972).
- bcache: set writeback_percent in a flexible range (bsc#1130972).
- bcache: shrink btree node cache after bch_btree_check() (bsc#1140652).
- bcache: split combined if-condition code into separate ones (bsc#1130972).
- bcache: split combined if-condition code into separate ones (bsc#1130972).
- bcache: stop bcache device when backing device is offline (bsc#1130972).
- bcache: stop bcache device when backing device is offline (bsc#1130972).
- bcache: stop using the deprecated get_seconds() (bsc#1130972).
- bcache: stop using the deprecated get_seconds() (bsc#1130972).
- bcache: stop writeback kthread and kworker when bch_cached_dev_run() failed (bsc#1140652).
- bcache: style fix to add a blank line after declarations (bsc#1130972).
- bcache: style fix to add a blank line after declarations (bsc#1130972).
- bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).
- bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).
- bcache: style fixes for lines over 80 characters (bsc#1130972).
- bcache: style fixes for lines over 80 characters (bsc#1130972).
- bcache: treat stale and dirty keys as bad keys (bsc#1130972).
- bcache: treat stale and dirty keys as bad keys (bsc#1130972).
- bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972).
- bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972).
- bcache: update comment for bch_data_insert (bsc#1130972).
- bcache: update comment for bch_data_insert (bsc#1130972).
- bcache: update comment in sysfs.c (bsc#1130972).
- bcache: update comment in sysfs.c (bsc#1130972).
- bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).
- bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).
- bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972).
- bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972).
- bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).
- bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).
- bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).
- bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).
- bcache: use sysfs_match_string() instead of __sysfs_match_string() (bsc#1140652).
- bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).
- bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).
- be2net: Signal that the device cannot transmit during reconfiguration (bsc#1127315).
- be2net: Synchronize be_update_queues with dev_watchdog (bsc#1127315).
- blk-mq: Avoid that submitting a bio concurrently with device removal triggers a crash (bsc#1131673).
- blk-mq: adjust debugfs and sysfs register when updating nr_hw_queues (bsc#1131673).
- blk-mq: change gfp flags to GFP_NOIO in blk_mq_realloc_hw_ctxs (bsc#1131673).
- blk-mq: fallback to previous nr_hw_queues when updating fails (bsc#1131673).
- blk-mq: fix hang caused by freeze/unfreeze sequence (bsc#1128432).
- blk-mq: free hw queue's resource in hctx's release handler (bsc#1140637).
- blk-mq: init hctx sched after update ctx and hctx mapping (bsc#1131673).
- blk-mq: realloc hctx when hw queue is mapped to another node (bsc#1131673).
- blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter (bsc#1131673).
- blkcg: Introduce blkg_root_lookup() (bsc#1131673).
- blkcg: Make blkg_root_lookup() work for queues in bypass mode (bsc#1131673).
- block, bfq: NULL out the bic when it's no longer valid (bsc#1142359).
- block: Do not revalidate bdev of hidden gendisk (bsc#1120091).
- block: Ensure that a request queue is dissociated from the cgroup controller (bsc#1131673).
- block: Fix a NULL pointer dereference in generic_make_request() (bsc#1139771).
- block: Fix a race between request queue removal and the block cgroup controller (bsc#1131673).
- block: Introduce blk_exit_queue() (bsc#1131673).
- block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).
- block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).
- block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).
- block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).
- block: do not leak memory in bio_copy_user_iov() (bsc#1135309).
- block: fix the return errno for direct IO (bsc#1135320).
- block: fix use-after-free on gendisk (bsc#1135312).
- block: kABI fixes for bio_rewind_iter() removal (bsc#1131673).
- block: remove bio_rewind_iter() (bsc#1131673).
- bluetooth: Check key sizes only when Secure Simple Pairing is enabled (bsc#1135556).
- bluetooth: Check key sizes only when Secure Simple Pairing is enabled (bsc#1135556).
- bluetooth: Fix faulty expression for minimum encryption key size check (bsc#1140328).
- bluetooth: hci_uart: Check if socket buffer is ERR_PTR in h4_recv_buf() (bsc#1133731).
- bnx2x: Add support for detection of P2P event packets (bsc#1136498 jsc#SLE-4699).
- bnx2x: Bump up driver version to 1.713.36 (bsc#1136498 jsc#SLE-4699).
- bnx2x: Prevent load reordering in tx completion processing (bsc#1142868).
- bnx2x: Remove set but not used variable 'mfw_vn' (bsc#1136498 jsc#SLE-4699).
- bnx2x: Replace magic numbers with macro definitions (bsc#1136498 jsc#SLE-4699).
- bnx2x: Use struct_size() in kzalloc() (bsc#1136498 jsc#SLE-4699).
- bnx2x: Utilize FW 7.13.11.0 (bsc#1136498 jsc#SLE-4699).
- bnx2x: fix spelling mistake 'dicline' 'decline' (bsc#1136498 jsc#SLE-4699).
- bnx2x: fix various indentation issues (bsc#1136498 jsc#SLE-4699).
- bnxt_en: Add device IDs 0x1806 and 0x1752 for 57500 devices (bsc#1137224).
- bnxt_en: Add support for BCM957504 (bsc#1137224).
- bnxt_en: Disable bus master during PCI shutdown and driver unload (bsc#1104745 FATE#325918).
- bnxt_en: Fix aggregation buffer leak under OOM condition (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Fix aggregation buffer leak under OOM condition (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Fix possible BUG() condition when calling pci_disable_msix() (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Fix possible BUG() condition when calling pci_disable_msix() (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Fix possible crash in bnxt_hwrm_ring_free() under error conditions (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Fix possible crash in bnxt_hwrm_ring_free() under error conditions (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Fix statistics context reservation logic (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Fix statistics context reservation logic (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Fix statistics context reservation logic for RDMA driver (bsc#1104745 FATE#325918).
- bnxt_en: Fix uninitialized variable usage in bnxt_rx_pkt() (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Fix uninitialized variable usage in bnxt_rx_pkt() (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one() (bsc#1050242 FATE#322914).
- bnxt_en: Improve NQ reservations (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Improve NQ reservations (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Improve multicast address setup logic (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Improve multicast address setup logic (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Pass correct extended TX port statistics size to firmware (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Pass correct extended TX port statistics size to firmware (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Reduce memory usage when running in kdump kernel (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Reduce memory usage when running in kdump kernel (bsc#1134090 jsc#SLE-5954).
- bnxt_en: Suppress error messages when querying DSCP DCB capabilities (bsc#1104745 FATE#325918).
- bonding: Force slave speed check after link state recovery for 802.3ad (bsc#1137584).
- bpf, devmap: Add missing RCU read lock on flush (bsc#1109837).
- bpf, devmap: Add missing bulk queue free (bsc#1109837).
- bpf, devmap: Fix premature entry free on destroying map (bsc#1109837).
- bpf, lru: avoid messing with eviction heuristics upon syscall lookup (bsc#1083647).
- bpf, tcp: correctly handle DONT_WAIT flags and timeo == 0 (bsc#1109837).
- bpf, x64: fix stack layout of JITed bpf code (bsc#1083647).
- bpf, x64: save 5 bytes in prologue when ebpf insns came from cbpf (bsc#1083647).
- bpf: Add missed newline in verifier verbose log (bsc#1056787).
- bpf: add map_lookup_elem_sys_only for lookups from syscall side (bsc#1083647).
- bpf: btf: fix the brackets of BTF_INT_OFFSET() (bsc#1083647).
- bpf: devmap: fix use-after-free Read in __dev_map_entry_free (bsc#1109837).
- bpf: fix callees pruning callers (bsc#1109837).
- bpf: fix nested bpf tracepoints with per-cpu data (bsc#1083647).
- bpf: fix use after free in bpf_evict_inode (bsc#1083647).
- bpf: lpm_trie: check left child of last leftmost node for NULL (bsc#1109837).
- bpf: sockmap fix msg sg.size account on ingress skb (bsc#1109837).
- bpf: sockmap remove duplicate queue free (bsc#1109837).
- bpf: sockmap, fix use after free from sleep in psock backlog workqueue (bsc#1109837).
- brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() (bsc#1051510).
- brcmfmac: convert dev_init_lock mutex to completion (bsc#1051510).
- brcmfmac: fix NULL pointer derefence during USB disconnect (bsc#1111666).
- brcmfmac: fix Oops when bringing up interface during USB disconnect (bsc#1051510).
- brcmfmac: fix WARNING during USB disconnect in case of unempty psq (bsc#1051510).
- brcmfmac: fix leak of mypkt on error return path (bsc#1111666).
- brcmfmac: fix missing checks for kmemdup (bsc#1051510).
- brcmfmac: fix race during disconnect when USB completion is in progress (bsc#1051510).
- broadcom: Mark expected switch fall-throughs (bsc#1136498 jsc#SLE-4699).
- btrfs: Do not panic when we can't find a root key (bsc#1112063).
- btrfs: Factor out common delayed refs init code (bsc#1134813).
- btrfs: Introduce init_delayed_ref_head (bsc#1134813).
- btrfs: Open-code add_delayed_data_ref (bsc#1134813).
- btrfs: Open-code add_delayed_tree_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).
- btrfs: add a helper to return a head ref (bsc#1134813).
- btrfs: breakout empty head cleanup to a helper (bsc#1134813).
- btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: do not allow trimming when a fs is mounted with the nologreplay option (bsc#1135758).
- btrfs: do not double unlock on error in btrfs_punch_hole (bsc#1136881).
- btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: fix assertion failure on fsync with NO_HOLES enabled (bsc#1131848).
- btrfs: fix fsync not persisting changed attributes of a directory (bsc#1137151).
- btrfs: fix incorrect file size after shrinking truncate and fsync (bsc#1130195).
- btrfs: fix race between block group removal and block group allocation (bsc#1143003).
- btrfs: fix race between ranged fsync and writeback of adjacent ranges (bsc#1136477).
- btrfs: fix race updating log root item during fsync (bsc#1137153).
- btrfs: fix wrong ctime and mtime of a directory after log replay (bsc#1137152).
- btrfs: improve performance on fsync of files with multiple hardlinks (bsc#1123454).
- btrfs: move all ref head cleanup to the helper function (bsc#1134813).
- btrfs: move extent_op cleanup to a helper (bsc#1134813).
- btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).
- btrfs: qgroup: Check bg while resuming relocation to avoid NULL pointer dereference (bsc#1134806).
- btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to btrfs_qgroup_extent_record (bsc#1134162).
- btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release (bsc#1134160).
- btrfs: reloc: Also queue orphan reloc tree for cleanup to avoid BUG_ON() (bsc#1133612).
- btrfs: remove WARN_ON in log_dir_items (bsc#1131847).
- btrfs: remove delayed_ref_node from ref_head (bsc#1134813).
- btrfs: send, flush dellaloc in order to avoid data loss (bsc#1133320).
- btrfs: split delayed ref head initialization and addition (bsc#1134813).
- btrfs: track refs in a rb_tree instead of a list (bsc#1134813).
- btrfs: tree-checker: detect file extent items with overlapping ranges (bsc#1136478).
- can: af_can: Fix error path of can_init() (bsc#1051510).
- can: flexcan: fix timeout when set small bitrate (bsc#1051510).
- can: purge socket error queue on sock destruct (bsc#1051510).
- carl9170: fix misuse of device driver API (bsc#1111666).
- cdrom: Fix race condition in cdrom_sysctl_register (bsc#1051510).
- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).
- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).
- ceph: factor out ceph_lookup_inode() (bsc#1138681).
- ceph: fix NULL pointer deref when debugging is enabled (bsc#1138681).
- ceph: fix ci i_head_snapc leak (bsc#1122776).
- ceph: fix ci i_head_snapc leak (bsc#1122776).
- ceph: fix potential use-after-free in ceph_mdsc_build_path (bsc#1138681).
- ceph: fix use-after-free on symlink traversal (bsc#1134459).
- ceph: fix use-after-free on symlink traversal (bsc#1134459).
- ceph: flush dirty inodes before proceeding with remount (bsc#1138681).
- ceph: flush dirty inodes before proceeding with remount (bsc#1140405).
- ceph: only use d_name directly when parent is locked (bsc#1134460).
- ceph: only use d_name directly when parent is locked (bsc#1134460).
- ceph: print inode number in __caps_issued_mask debugging messages (bsc#1138681).
- ceph: quota: fix quota subdir mounts (bsc#1138681).
- ceph: remove duplicated filelock ref increase (bsc#1138681).
- cfg80211: Handle WMM rules in regulatory domain intersection (bsc#1111666).
- cfg80211: fix memory leak of wiphy device name (bsc#1051510).
- cgroup: Use css_tryget() instead of css_tryget_online() in task_get_css() (bsc#1141478).
- cgroup: fix parsing empty mount option string (bsc#1133094).
- chardev: add additional check for minor range overlap (bsc#1051510).
- chelsio: use BUG() instead of BUG_ON(1) (bsc#1136345 jsc#SLE-4681).
- cifs: Fix potential OOB access of lock element array (bsc#1051510).
- cifs: don't dereference smb_file_target before null check (bsc#1051510).
- cifs: keep FileInfo handle live during oplock break (bsc#1106284, bsc#1131565).
- cifs: keep FileInfo handle live during oplock break (bsc#1106284, bsc#1131565).
- clk: fractional-divider: check parent rate only if flag is set (bsc#1051510).
- clk: qcom: Fix -Wunused-const-variable (bsc#1051510).
- clk: rockchip: Don't yell about bad mmc phases when getting (bsc#1051510).
- clk: rockchip: Fix video codec clocks on rk3288 (bsc#1051510).
- clk: rockchip: Turn on 'aclk_dmac1' for suspend on rk3288 (bsc#1051510).
- clk: rockchip: fix frac settings of GPLL clock for rk3328 (bsc#1051510).
- clk: rockchip: fix wrong clock definitions for rk3328 (bsc#1051510).
- clk: tegra210: fix PLLU and PLLU_OUT1 (bsc#1051510).
- clk: tegra: Fix PLLM programming on Tegra124+ when PMC overrides divider (bsc#1051510).
- clk: x86: Add system specific quirk to mark clocks as critical (bsc#1051510).
- config: arm64: enable CN99xx uncore pmu References: bsc#1117114
- configfs: Fix use-after-free when accessing sd s_dentry (bsc#1051510).
- configfs: fix possible use-after-free in configfs_register_group (bsc#1051510).
- coresight: etb10: Fix handling of perf mode (bsc#1051510).
- coresight: etm4x: Add support to enable ETMv4.2 (bsc#1051510).
- cpu/speculation: Add 'mitigations=' cmdline option (bsc#1112178).
- cpu/speculation: Add 'mitigations=' cmdline option (bsc#1112178).
- cpufreq/pasemi: fix possible object reference leak (bsc#1051510).
- cpufreq: Use struct kobj_attribute instead of struct global_attr (bsc#1051510).
- cpufreq: acpi-cpufreq: Report if CPU doesn't support boost technologies (bsc#1051510).
- cpufreq: brcmstb-avs-cpufreq: Fix initial command check (bsc#1051510).
- cpufreq: brcmstb-avs-cpufreq: Fix types for voltage/frequency (bsc#1051510).
- cpufreq: check if policy is inactive early in __cpufreq_get() (bsc#1051510).
- cpufreq: kirkwood: fix possible object reference leak (bsc#1051510).
- cpufreq: pmac32: fix possible object reference leak (bsc#1051510).
- cpufreq: ppc_cbe: fix possible object reference leak (bsc#1051510).
- crypto: algapi - guard against uninitialized spawn list in crypto_remove_spawns (bsc#1133401).
- crypto: arm/aes-neonbs - don't access already-freed walk.iv (bsc#1051510).
- crypto: arm64/sha1-ce - correct digest for empty data in finup (bsc#1051510).
- crypto: arm64/sha2-ce - correct digest for empty data in finup (bsc#1051510).
- crypto: caam - add missing put_device() call (bsc#1129770).
- crypto: caam - fix caam_dump_sg that iterates through scatterlist (bsc#1051510).
- crypto: caam/qi2 - fix DMA mapping of stack memory (bsc#1111666).
- crypto: caam/qi2 - fix zero-length buffer DMA mapping (bsc#1111666).
- crypto: caam/qi2 - generate hash keys in-place (bsc#1111666).
- crypto: ccm - fix incompatibility between 'ccm' and 'ccm_base' (bsc#1051510).
- crypto: ccp - Do not free psp_master when PLATFORM_INIT fails (bsc#1051510).
- crypto: ccp - Fix 3DES complaint from ccp-crypto module (bsc#1051510).
- crypto: ccp - Fix SEV_VERSION_GREATER_OR_EQUAL (bsc#1051510).
- crypto: ccp - Validate the the error value used to index error messages (bsc#1051510).
- crypto: ccp - fix AES CFB error exposed by new test vectors (bsc#1051510).
- crypto: ccp - memset structure fields to zero before reuse (bsc#1051510).
- crypto: ccp/gcm - use const time tag comparison (bsc#1051510).
- crypto: chacha20poly1305 - fix atomic sleep when using async algorithm (bsc#1051510).
- crypto: chacha20poly1305 - set cra_name correctly (bsc#1051510).
- crypto: chcr - ESN for Inline IPSec Tx (bsc#1136353 jsc#SLE-4688).
- crypto: chcr - small packet Tx stalls the queue (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - Fix NULL pointer dereference (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - Fix passing zero to 'PTR_ERR' warning in chcr_aead_op (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - Fix softlockup with heavy I/O (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - Fix wrong error counter increments (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - Fixed Traffic Stall (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - Handle pci shutdown event (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - Inline single pdu only (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - Reset counters on cxgb4 Detach (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - Swap location of AAD and IV sent in WR (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - Use same value for both channel in single WR (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - avoid using sa_entry imm (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - check set_msg_len overflow in generate_b0 (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - clean up various indentation issues (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - cleanup:send addr as value in function argument (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - count incomplete block in IV (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - remove set but not used variable 'kctx_len' (bsc#1136353 jsc#SLE-4688).
- crypto: chelsio - remove set but not used variables 'adap' (bsc#1136353 jsc#SLE-4688).
- crypto: chtls - remove cdev_list_lock (bsc#1136353 jsc#SLE-4688).
- crypto: chtls - remove set but not used variables 'err, adap, request, hws' (bsc#1136353 jsc#SLE-4688).
- crypto: crct10dif-generic - fix use via crypto_shash_digest() (bsc#1051510).
- crypto: cryptd - Fix skcipher instance memory leak (bsc#1051510).
- crypto: crypto4xx - fix a potential double free in ppc4xx_trng_probe (bsc#1051510).
- crypto: crypto4xx - properly set IV after de- and encrypt (bsc#1051510).
- crypto: fips - Grammar s/options/option/, s/to/the/ (bsc#1051510).
- crypto: gcm - fix incompatibility between 'gcm' and 'gcm_base' (bsc#1051510).
- crypto: ghash - fix unaligned memory access in ghash_setkey() (bsc#1051510).
- crypto: pcbc - remove bogus memcpy()s with src == dest (bsc#1051510).
- crypto: prefix header search paths with $(srctree)/ (bsc#1136353 jsc#SLE-4688).
- crypto: sha256/arm - fix crash bug in Thumb2 build (bsc#1051510).
- crypto: sha512/arm - fix crash bug in Thumb2 build (bsc#1051510).
- crypto: skcipher - don't WARN on unprocessed data after slow walk step (bsc#1051510).
- crypto: sun4i-ss - Fix invalid calculation of hash end (bsc#1051510).
- crypto: talitos - Align SEC1 accesses to 32 bits boundaries (bsc#1051510).
- crypto: talitos - HMAC SNOOP NO AFEU mode requires SW icv checking (bsc#1051510).
- crypto: talitos - check data blocksize in ablkcipher (bsc#1051510).
- crypto: talitos - fix CTR alg blocksize (bsc#1051510).
- crypto: talitos - fix max key size for sha384 and sha512 (bsc#1051510).
- crypto: talitos - properly handle split ICV (bsc#1051510).
- crypto: talitos - reduce max key size for SEC1 (bsc#1051510).
- crypto: talitos - rename alternative AEAD algos (bsc#1051510).
- crypto: user - prevent operating on larval algorithms (bsc#1133401).
- crypto: vmx - CTR: always increment IV as quadword (bsc#1051510).
- crypto: vmx - fix copy-paste error in CTR mode (bsc#1051510).
- crypto: vmx - ghash: do nosimd fallback manually (bsc#1135661, bsc#1137162).
- crypto: vmx - ghash: do nosimd fallback manually (bsc#1135661, bsc#1137162).
- crypto: vmx - return correct error code on failed setkey (bsc#1135661, bsc#1137162).
- crypto: vmx - return correct error code on failed setkey (bsc#1135661, bsc#1137162).
- crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() (bsc#1051510).
- crypto: x86/poly1305 - fix overflow during partial reduction (bsc#1051510).
- cxgb4/chtls: Prefix adapter flags with CXGB4 (bsc#1136345 jsc#SLE-4681).
- cxgb4/cxgb4vf: Add support for SGE doorbell queue timer (bsc#1127371).
- cxgb4/cxgb4vf: Display advertised FEC in ethtool (bsc#1136345 jsc#SLE-4681).
- cxgb4/cxgb4vf: Fix mac_hlist initialization and free (bsc#1127374).
- cxgb4/cxgb4vf: Fix up netdev hw_features (bsc#1136345 jsc#SLE-4681).
- cxgb4/cxgb4vf: Link management changes (bsc#1127371).
- cxgb4/cxgb4vf: Program hash region for {t4/t4vf}_change_mac() (bsc#1127371).
- cxgb4/cxgb4vf_main: Mark expected switch fall-through (bsc#1136345 jsc#SLE-4681).
- cxgb4: Add VF Link state support (bsc#1136345 jsc#SLE-4681).
- cxgb4: Add capability to get/set SGE Doorbell Queue Timer Tick (bsc#1127371).
- cxgb4: Add flag tc_flower_initialized (bsc#1127371).
- cxgb4: Add new T5 pci device id 0x50ae (bsc#1127371).
- cxgb4: Add new T5 pci device ids 0x50af and 0x50b0 (bsc#1127371).
- cxgb4: Add new T6 pci device ids 0x608a (bsc#1127371).
- cxgb4: Add new T6 pci device ids 0x608b (bsc#1136345 jsc#SLE-4681).
- cxgb4: Add support for FW_ETH_TX_PKT_VM_WR (bsc#1127371).
- cxgb4: Add support to read actual provisioned resources (bsc#1127371).
- cxgb4: Added missing break in ndo_udp_tunnel_{add/del} (bsc#1127371).
- cxgb4: Delete all hash and TCAM filters before resource cleanup (bsc#1136345 jsc#SLE-4681).
- cxgb4: Do not return EAGAIN when TCAM is full (bsc#1136345 jsc#SLE-4681).
- cxgb4: Enable hash filter with offload (bsc#1136345 jsc#SLE-4681).
- cxgb4: Enable outer UDP checksum offload for T6 (bsc#1136345 jsc#SLE-4681).
- cxgb4: Export sge_host_page_size to ulds (bsc#1127371).
- cxgb4: Fix error path in cxgb4_init_module (bsc#1136345 jsc#SLE-4681).
- cxgb4: Mask out interrupts that are not enabled (bsc#1127175).
- cxgb4: Remove SGE_HOST_PAGE_SIZE dependency on page size (bsc#1127371).
- cxgb4: Revert 'cxgb4: Remove SGE_HOST_PAGE_SIZE dependency on page size' (bsc#1136345 jsc#SLE-4681).
- cxgb4: Support ethtool private flags (bsc#1127371).
- cxgb4: TLS record offload enable (bsc#1136345 jsc#SLE-4681).
- cxgb4: Update 1.23.3.0 as the latest firmware supported (bsc#1136345 jsc#SLE-4681).
- cxgb4: add per rx-queue counter for packet errors (bsc#1127371).
- cxgb4: add support to display DCB info (bsc#1127371).
- cxgb4: add tcb flags and tcb rpl struct (bsc#1136345 jsc#SLE-4681).
- cxgb4: collect ASIC LA dumps from ULP TX (bsc#1127371).
- cxgb4: collect hardware queue descriptors (bsc#1127371).
- cxgb4: collect number of free PSTRUCT page pointers (bsc#1127371).
- cxgb4: convert flower table to use rhashtable (bsc#1127371).
- cxgb4: cxgb4: use FW_PORT_ACTION_L1_CFG32 for 32 bit capability (bsc#1127371).
- cxgb4: display number of rx and tx pages free (bsc#1127371).
- cxgb4: do not return DUPLEX_UNKNOWN when link is down (bsc#1127371).
- cxgb4: fix the error path of cxgb4_uld_register() (bsc#1127371).
- cxgb4: free mac_hlist properly (bsc#1136345 jsc#SLE-4681).
- cxgb4: impose mandatory VLAN usage when non-zero TAG ID (bsc#1127371).
- cxgb4: kfree mhp after the debug print (bsc#1136345 jsc#SLE-4681).
- cxgb4: move Tx/Rx free pages collection to common code (bsc#1127371).
- cxgb4: offload VLAN flows regardless of VLAN ethtype (bsc#1136345 jsc#SLE-4681).
- cxgb4: remove DEFINE_SIMPLE_DEBUGFS_FILE() (bsc#1136345 jsc#SLE-4681).
- cxgb4: remove redundant assignment to vlan_cmd.dropnovlan_fm (bsc#1127371).
- cxgb4: remove set but not used variables 'multitrc, speed' (bsc#1136345 jsc#SLE-4681).
- cxgb4: remove the unneeded locks (bsc#1127371).
- cxgb4: specify IQTYPE in fw_iq_cmd (bsc#1127371).
- cxgb4: update supported DCB version (bsc#1127371).
- cxgb4: use firmware API for validating filter spec (bsc#1136345 jsc#SLE-4681).
- cxgb4: use new fw interface to get the VIN and smt index (bsc#1127371).
- cxgb4vf: Call netif_carrier_off properly in pci_probe (bsc#1136347 jsc#SLE-4683).
- cxgb4vf: Enter debugging mode if FW is inaccessible (bsc#1136347 jsc#SLE-4683).
- cxgb4vf: Few more link management changes (bsc#1127374).
- cxgb4vf: Prefix adapter flags with CXGB4VF (bsc#1136347 jsc#SLE-4683).
- cxgb4vf: Revert force link up behaviour (bsc#1136347 jsc#SLE-4683).
- cxgb4vf: Update port information in cxgb4vf_open() (bsc#1127374).
- cxgb4vf: fix memleak in mac_hlist initialization (bsc#1127374).
- cxgb4vf: free mac_hlist properly (bsc#1136345 jsc#SLE-4681).
- dasd_fba: Display '00000000' for zero page when dumping sense (bsc#1123080).
- dax: Fix xarray entry association for mixed mappings (bsc#1140893).
- dccp: Fix memleak in __feat_register_sp (bsc#1051510).
- debugfs: fix use-after-free on symlink traversal (bsc#1051510).
- device core: Consolidate locking and unlocking of parent and device (bsc#1106383).
- device_cgroup: fix RCU imbalance in error case (bsc#1051510).
- devres: Align data[] to ARCH_KMALLOC_MINALIGN (bsc#1051510).
- dm: disable DISCARD if the underlying storage no longer supports it (bsc#1114638).
- dma-buf: Discard old fence_excl on retrying get_fences_rcu for realloc (bsc#1111666).
- dma-direct: add support for allocation from ZONE_DMA and ZONE_DMA32 (jsc#SLE-6197 bsc#1140559 LTC#173150).
- dma-direct: do not retry allocation for no-op GFP_DMA (jsc#SLE-6197 bsc#1140559 LTC#173150).
- dma-direct: retry allocations using GFP_DMA for small masks (jsc#SLE-6197 bsc#1140559 LTC#173150).
- dma-mapping: move dma_mark_clean to dma-direct.h (jsc#SLE-6197 bsc#1140559 LTC#173150).
- dma-mapping: move swiotlb arch helpers to a new header (jsc#SLE-6197 bsc#1140559 LTC#173150).
- dma-mapping: take dma_pfn_offset into account in dma_max_pfn (jsc#SLE-6197 bsc#1140559 LTC#173150).
- dmaengine: at_xdmac: remove BUG_ON macro in tasklet (bsc#1111666).
- dmaengine: axi-dmac: Don't check the number of frames for alignment (bsc#1051510).
- dmaengine: hsu: Revert 'set HSU_CH_MTSR to memory width' (bsc#1051510).
- dmaengine: imx-dma: fix warning comparison of distinct pointer types (bsc#1051510).
- dmaengine: imx-sdma: remove BD_INTR for channel0 (bsc#1051510).
- dmaengine: pl330: _stop: clear interrupt status (bsc#1111666).
- dmaengine: qcom_hidma: assign channel cookie correctly (bsc#1051510).
- dmaengine: sh: rcar-dmac: With cyclic DMA residue 0 is valid (bsc#1051510).
- dmaengine: tegra210-adma: Fix crash during probe (bsc#1111666).
- dmaengine: tegra210-adma: restore channel status (bsc#1111666).
- dmaengine: tegra210-dma: free dma controller in remove() (bsc#1051510).
- dmaengine: tegra: avoid overflow of byte tracking (bsc#1051510).
- doc: Cope with the deprecation of AutoReporter (bsc#1051510).
- documentation: Add MDS vulnerability documentation (bsc#1135642).
- documentation: Add MDS vulnerability documentation (bsc#1135642).
- documentation: Add MDS vulnerability documentation (bsc#1135642).
- documentation: Add MDS vulnerability documentation (bsc#1135642).
- documentation: DMA-API: fix a function name of max_mapping_size (bsc#1140954).
- drbd: Avoid Clang warning about pointless switch statment (bsc#1051510).
- drbd: disconnect, if the wrong UUIDs are attached on a connected peer (bsc#1051510).
- drbd: narrow rcu_read_lock in drbd_sync_handshake (bsc#1051510).
- drbd: skip spurious timeout (ping-timeo) when failing promote (bsc#1051510).
- driver core: Establish order of operations for device_add and device_del via bitflag (bsc#1106383).
- driver core: Probe devices asynchronously instead of the driver (bsc#1106383).
- drivers/base/devres: introduce devm_release_action() (bsc#1103992 FATE#326009).
- drivers/base: Introduce kill_device() (bsc#1139865).
- drivers/base: kABI fixes for struct device_private (bsc#1106383).
- drivers/rapidio/devices/rio_mport_cdev.c: fix resource leak in error handling path in 'rio_dma_transfer()' (bsc#1051510).
- drivers/rapidio/rio_cm.c: fix potential oops in riocm_ch_listen() (bsc#1051510).
- drivers: acpi: add dependency of EFI for arm64 (bsc#1117158).
- drivers: depend on HAS_IOMEM for devm_platform_ioremap_resource() (bsc#1136333 jsc#SLE-4994).
- drivers: fix a typo in the kernel doc for devm_platform_ioremap_resource() (bsc#1136333 jsc#SLE-4994).
- drivers: hv: vmbus: Offload the handling of channels to two workqueues (bsc#1130567).
- drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind() (bsc#1130567).
- drivers: provide devm_platform_ioremap_resource() (bsc#1136333 jsc#SLE-4994).
- drivers: thermal: tsens: Don't print error message on -EPROBE_DEFER (bsc#1051510).
- drm/amd/display: Fix Divide by 0 in memory calculations (bsc#1111666).
- drm/amd/display: If one stream full updates, full update all planes (bsc#1111666).
- drm/amd/display: Make some functions static (bsc#1111666).
- drm/amd/display: Set stream mode_changed when connectors change (bsc#1111666).
- drm/amd/display: Use plane color_space for dpp if specified (bsc#1111666).
- drm/amd/display: extending AUX SW Timeout (bsc#1111666).
- drm/amd/display: fix cursor black issue (bsc#1111666).
- drm/amd/display: fix releasing planes when exiting odm (bsc#1111666).
- drm/amd/powerplay: use hardware fan control if no powerplay fan table (bsc#1111666).
- drm/amdgpu/gfx9: use reset default for PA_SC_FIFO_SIZE (bsc#1051510).
- drm/amdgpu/gmc9: fix VM_L2_CNTL3 programming (bsc#1111666).
- drm/amdgpu/psp: move psp version specific function pointers to early_init (bsc#1111666).
- drm/amdgpu: fix old fence check in amdgpu_fence_emit (bsc#1051510).
- drm/amdgpu: remove ATPX_DGPU_REQ_POWER_FOR_DISPLAYS check when hotplug-in (bsc#1111666).
- drm/amdkfd: use init_mqd function to allocate object for hid_mqd (CI) (bsc#1111666).
- drm/arm/hdlcd: Actually validate CRTC modes (bsc#1111666).
- drm/arm/hdlcd: Allow a bit of clock tolerance (bsc#1051510).
- drm/arm/mali-dp: Add a loop around the second set CVAL and try 5 times (bsc#1111666).
- drm/atmel-hlcdc: revert shift by 8 (bsc#1111666).
- drm/bridge: adv7511: Fix low refresh rate selection (bsc#1051510).
- drm/doc: Drop 'content type' from the legacy kms property table (bsc#1111666).
- drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers (bsc#1051510).
- drm/drv: Hold ref on parent device during drm_device lifetime (bsc#1051510).
- drm/edid: abstract override/firmware EDID retrieval (bsc#1111666).
- drm/etnaviv: add missing failure path to destroy suballoc (bsc#1111666).
- drm/etnaviv: lock MMU while dumping core (bsc#1113722)
- drm/exynos/mixer: fix MIXER shadow registry synchronisation code (bsc#1111666).
- drm/fb-helper: dpms_legacy(): Only set on connectors in use (bsc#1051510).
- drm/fb-helper: generic: Call drm_client_add() after setup is done (bsc#1111666).
- drm/fb-helper: generic: Don't take module ref for fbcon (bsc#1111666).
- drm/gma500/cdv: Check vbt config bits when detecting lvds panels (bsc#1051510).
- drm/i915/dmc: protect against reading random memory (bsc#1051510).
- drm/i915/fbc: disable framebuffer compression on GeminiLake (bsc#1051510).
- drm/i915/gvt: Add in context mmio 0x20D8 to gen9 mmio list (bsc#1113722)
- drm/i915/gvt: Add in context mmio 0x20D8 to gen9 mmio list (bsc#1113956)
- drm/i915/gvt: Annotate iomem usage (bsc#1051510).
- drm/i915/gvt: Fix cmd length of VEB_DI_IECP (bsc#1113722)
- drm/i915/gvt: Fix incorrect mask of mmio 0x22028 in gen8/9 mmio list (bnc#1113722)
- drm/i915/gvt: Initialize intel_gvt_gtt_entry in stack (bsc#1111666).
- drm/i915/gvt: Prevent use-after-free in ppgtt_free_all_spt() (bsc#1111666).
- drm/i915/gvt: Roundup fb height into tile's height at calucation fb size (bsc#1111666).
- drm/i915/gvt: Tiled Resources mmios are in-context mmios for gen9+ (bsc#1113722)
- drm/i915/gvt: add 0x4dfc to gen9 save-restore list (bsc#1113722)
- drm/i915/gvt: do not deliver a workload if its creation fails (bsc#1051510).
- drm/i915/gvt: do not let TRTTE and 0x4dfc write passthrough to hardware (bsc#1051510).
- drm/i915/gvt: do not let pin count of shadow mm go negative (bsc#1113722)
- drm/i915/gvt: do not let pin count of shadow mm go negative (bsc#1113956)
- drm/i915/gvt: ignore unexpected pvinfo write (bsc#1051510).
- drm/i915/gvt: refine ggtt range validation (bsc#1113722)
- drm/i915/icl: Add WaDisableBankHangMode (bsc#1111666).
- drm/i915/icl: Whitelist GEN9_SLICE_COMMON_ECO_CHICKEN1 (bsc#1111666).
- drm/i915/perf: fix whitelist on Gen10+ (bsc#1051510).
- drm/i915/sdvo: Implement proper HDMI audio support for SDVO (bsc#1051510).
- drm/i915: Disable LP3 watermarks on all SNB machines (bsc#1051510).
- drm/i915: Disable tv output on i9x5gm (bsc#1086657, bsc#1133897).
- drm/i915: Downgrade Gen9 Plane WM latency error (bsc#1051510).
- drm/i915: Fix I915_EXEC_RING_MASK (bsc#1051510).
- drm/i915: Force 2*96 MHz cdclk on glk/cnl when audio power is enabled (bsc#1111666).
- drm/i915: Maintain consistent documentation subsection ordering (bsc#1111666).
- drm/imx: don't skip DP channel disable for background plane (bsc#1051510).
- drm/imx: notify drm core before sending event during crtc disable (bsc#1111666).
- drm/imx: only send event on crtc disable if kept disabled (bsc#1111666).
- drm/lease: Make sure implicit planes are leased (bsc#1111666).
- drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata() (bsc#1113722)
- drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata() (bsc#1113956)
- drm/mediatek: call drm_atomic_helper_shutdown() when unbinding driver (bsc#1111666).
- drm/mediatek: call mtk_dsi_stop() after mtk_drm_crtc_atomic_disable() (bsc#1111666).
- drm/mediatek: clear num_pipes when unbind driver (bsc#1111666).
- drm/mediatek: fix possible object reference leak (bsc#1051510).
- drm/mediatek: fix unbind functions (bsc#1111666).
- drm/mediatek: unbind components in mtk_drm_unbind() (bsc#1111666).
- drm/meson: Add support for XBGR8888 ABGR8888 formats (bsc#1051510).
- drm/meson: add size and alignment requirements for dumb buffers (bnc#1113722)
- drm/msm/a3xx: remove TPL1 regs from snapshot (bsc#1051510).
- drm/msm/mdp5: Fix mdp5_cfg_init error return (bsc#1111666).
- drm/msm: a5xx: fix possible object reference leak (bsc#1111666).
- drm/msm: fix fb references in async update (bsc#1111666).
- drm/nouveau/bar/nv50: ensure BAR is mapped (bsc#1111666).
- drm/nouveau/bar/tu104: initial support (bsc#1133593).
- drm/nouveau/bar/tu106: initial support (bsc#1133593).
- drm/nouveau/bios/tu104: initial support (bsc#1133593).
- drm/nouveau/bios/tu106: initial support (bsc#1133593).
- drm/nouveau/bios: translate additional memory types (bsc#1133593).
- drm/nouveau/bios: translate usb-C connector type (bsc#1133593).
- drm/nouveau/bus/tu104: initial support (bsc#1133593).
- drm/nouveau/bus/tu106: initial support (bsc#1133593).
- drm/nouveau/ce/tu104: initial support (bsc#1133593).
- drm/nouveau/ce/tu106: initial support (bsc#1133593).
- drm/nouveau/core: increase maximum number of nvdec instances to 3 (bsc#1133593).
- drm/nouveau/core: recognise TU102 (bsc#1133593).
- drm/nouveau/core: recognise TU104 (bsc#1133593).
- drm/nouveau/core: recognise TU106 (bsc#1133593).
- drm/nouveau/core: support multiple nvdec instances (bsc#1133593).
- drm/nouveau/devinit/gm200-: export function to upload+execute PMU/PRE_OS (bsc#1133593).
- drm/nouveau/devinit/tu104: initial support (bsc#1133593).
- drm/nouveau/devinit/tu106: initial support (bsc#1133593).
- drm/nouveau/disp/dp: respect sink limits when selecting failsafe link configuration (bsc#1051510).
- drm/nouveau/disp/gm200-: add scdc parameter setter (bsc#1133593).
- drm/nouveau/disp/gv100: fix name of window channels in debug output (bsc#1133593).
- drm/nouveau/disp/tu104: initial support (bsc#1133593).
- drm/nouveau/disp/tu106: initial support (bsc#1133593).
- drm/nouveau/disp: add a way to configure scrambling/tmds for hdmi 2.0 (bsc#1133593).
- drm/nouveau/disp: add support for setting scdc parameters for high modes (bsc#1133593).
- drm/nouveau/disp: keep track of high-speed state, program into clock (bsc#1133593).
- drm/nouveau/disp: take sink support into account for exposing 594mhz (bsc#1133593).
- drm/nouveau/dma/tu104: initial support (bsc#1133593).
- drm/nouveau/dma/tu106: initial support (bsc#1133593).
- drm/nouveau/drm/nouveau: Do not forget to label dp_aux devices (bsc#1133593).
- drm/nouveau/drm/nouveau: s/nouveau_backlight_exit/nouveau_backlight_fini/ (bsc#1133593).
- drm/nouveau/drm/nouveau: tegra: Call nouveau_drm_device_init() (bsc#1133593).
- drm/nouveau/fault/tu104: initial support (bsc#1133593).
- drm/nouveau/fault/tu106: initial support (bsc#1133593).
- drm/nouveau/fault: add explicit control over fault buffer interrupts (bsc#1133593).
- drm/nouveau/fault: remove manual mapping of fault buffers into BAR2 (bsc#1133593).
- drm/nouveau/fault: store get/put pri address in nvkm_fault_buffer (bsc#1133593).
- drm/nouveau/fb/tu104: initial support (bsc#1133593).
- drm/nouveau/fb/tu106: initial support (bsc#1133593).
- drm/nouveau/fifo/gf100-: call into BAR to reset BARs after MMU fault (bsc#1133593).
- drm/nouveau/fifo/gk104-: group pbdma functions together (bsc#1133593).
- drm/nouveau/fifo/gk104-: return channel instance in ctor args (bsc#1133593).
- drm/nouveau/fifo/gk104-: separate runlist building from committing to hw (bsc#1133593).
- drm/nouveau/fifo/gk104-: support enabling privileged ce functions (bsc#1133593).
- drm/nouveau/fifo/gk104-: virtualise pbdma enable function (bsc#1133593).
- drm/nouveau/fifo/gm200-: read pbdma count more directly (bsc#1133593).
- drm/nouveau/fifo/gv100: allocate method buffer (bsc#1133593).
- drm/nouveau/fifo/gv100: return work submission token in channel ctor args (bsc#1133593).
- drm/nouveau/fifo/tu104: initial support (bsc#1133593).
- drm/nouveau/fifo/tu106: initial support (bsc#1133593).
- drm/nouveau/fuse/tu104: initial support (bsc#1133593).
- drm/nouveau/fuse/tu106: initial support (bsc#1133593).
- drm/nouveau/gpio/tu104: initial support (bsc#1133593).
- drm/nouveau/gpio/tu106: initial support (bsc#1133593).
- drm/nouveau/i2c/tu104: initial support (bsc#1133593).
- drm/nouveau/i2c/tu106: initial support (bsc#1133593).
- drm/nouveau/i2c: Disable i2c bus access after fini() (bsc#1113722)
- drm/nouveau/i2c: Enable i2c pads busses during preinit (bsc#1051510).
- drm/nouveau/ibus/tu104: initial support (bsc#1133593).
- drm/nouveau/ibus/tu106: initial support (bsc#1133593).
- drm/nouveau/imem/nv50: support pinning objects in BAR2 and returning address (bsc#1133593).
- drm/nouveau/imem/tu104: initial support (bsc#1133593).
- drm/nouveau/imem/tu106: initial support (bsc#1133593).
- drm/nouveau/kms/gf119-gp10x: push HeadSetControlOutputResource() mthd when encoders change (bsc#1111666).
- drm/nouveau/kms/gv100-: fix spurious window immediate interlocks (bsc#1111666).
- drm/nouveau/kms/nv50-: allow more flexibility with lut formats (bsc#1133593).
- drm/nouveau/kms/tu104: initial support (bsc#1133593).
- drm/nouveau/ltc/tu104: initial support (bsc#1133593).
- drm/nouveau/ltc/tu106: initial support (bsc#1133593).
- drm/nouveau/mc/tu104: initial support (bsc#1133593).
- drm/nouveau/mc/tu106: initial support (bsc#1133593).
- drm/nouveau/mmu/tu104: initial support (bsc#1133593).
- drm/nouveau/mmu/tu106: initial support (bsc#1133593).
- drm/nouveau/mmu: add more general vmm free/node handling functions (bsc#1133593).
- drm/nouveau/pci/tu104: initial support (bsc#1133593).
- drm/nouveau/pci/tu106: initial support (bsc#1133593).
- drm/nouveau/pmu/tu104: initial support (bsc#1133593).
- drm/nouveau/pmu/tu106: initial support (bsc#1133593).
- drm/nouveau/therm/tu104: initial support (bsc#1133593).
- drm/nouveau/therm/tu106: initial support (bsc#1133593).
- drm/nouveau/tmr/tu104: initial support (bsc#1133593).
- drm/nouveau/tmr/tu106: initial support (bsc#1133593).
- drm/nouveau/top/tu104: initial support (bsc#1133593).
- drm/nouveau/top/tu106: initial support (bsc#1133593).
- drm/nouveau/volt/gf117: fix speedo readout register (bsc#1051510).
- drm/nouveau: Add NV_PRINTK_ONCE and variants (bsc#1133593).
- drm/nouveau: Add size to vbios.rom file in debugfs (bsc#1133593).
- drm/nouveau: Add strap_peek to debugfs (bsc#1133593).
- drm/nouveau: Cleanup indenting in nouveau_backlight.c (bsc#1133593).
- drm/nouveau: Fix potential memory leak in nouveau_drm_load() (bsc#1133593).
- drm/nouveau: Move backlight device into nouveau_connector (bsc#1133593).
- drm/nouveau: Refactor nvXX_backlight_init() (bsc#1133593).
- drm/nouveau: Remove unecessary dma_fence_ops (bsc#1133593).
- drm/nouveau: Start using new drm_dev initialization helpers (bsc#1133593).
- drm/nouveau: Stop using drm_crtc_force_disable (bsc#1051510).
- drm/nouveau: add DisplayPort CEC-Tunneling-over-AUX support (bsc#1133593).
- drm/nouveau: register backlight on pascal and newer (bsc#1133593).
- drm/nouveau: remove left-over struct member (bsc#1133593).
- drm/omap: dsi: Fix PM for display blank with paired dss_pll calls (bsc#1111666).
- drm/omap: hdmi4_cec: Fix CEC clock handling for PM (bsc#1111666).
- drm/panel: otm8009a: Add delay at the end of initialization (bsc#1111666).
- drm/panel: panel-innolux: set display off in innolux_panel_unprepare (bsc#1111666).
- drm/pl111: Initialize clock spinlock early (bsc#1111666).
- drm/pl111: fix possible object reference leak (bsc#1111666).
- drm/radeon/evergreen_cs: fix missing break in switch statement (bsc#1113722)
- drm/radeon: prefer lower reference dividers (bsc#1051510).
- drm/rockchip: Properly adjust to a true clock in adjusted_mode (bsc#1051510).
- drm/rockchip: fix for mailbox read validation (bsc#1051510).
- drm/rockchip: fix for mailbox read validation (bsc#1111666).
- drm/rockchip: shutdown drm subsystem on shutdown (bsc#1051510).
- drm/rockchip: vop: reset scale mode when win is disabled (bsc#1113722)
- drm/sun4i: Add missing drm_atomic_helper_shutdown at driver unbind (bsc#1113722)
- drm/sun4i: Fix component unbinding and component master deletion (bsc#1113722)
- drm/sun4i: Fix sun8i HDMI PHY clock initialization (bsc#1111666).
- drm/sun4i: Fix sun8i HDMI PHY configuration for 148.5 MHz (bsc#1111666).
- drm/sun4i: Set device driver data at bind time for use in unbind (bsc#1113722)
- drm/sun4i: Unbind components before releasing DRM and memory (bsc#1113722)
- drm/sun4i: dsi: Change the start delay calculation (bsc#1111666).
- drm/sun4i: dsi: Enforce boundaries on the start delay (bsc#1111666).
- drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)
- drm/sun4i: tcon top: Fix NULL/invalid pointer dereference in sun8i_tcon_top_un/bind (bsc#1111666).
- drm/tegra: gem: Fix CPU-cache maintenance for BO's allocated using get_pages() (bsc#1111666).
- drm/tegra: hub: Fix dereference before check (bsc#1111666).
- drm/ttm: Fix bo_global and mem_global kfree error (bsc#1111666).
- drm/ttm: Remove warning about inconsistent mapping information (bnc#1131488)
- drm/ttm: fix out-of-bounds read in ttm_put_pages() v2 (bsc#1111666).
- drm/udl: Replace drm_dev_unref with drm_dev_put (bsc#1111666).
- drm/udl: add a release method and delay modeset teardown (bsc#1085536)
- drm/udl: introduce a macro to convert dev to udl (bsc#1111666).
- drm/udl: move to embedding drm device inside udl device (bsc#1111666).
- drm/v3d: Handle errors from IRQ setup (bsc#1111666).
- drm/vc4: Fix memory leak during gpu reset. (bsc#1113722)
- drm/vc4: fix fb references in async update (bsc#1141312).
- drm/vmwgfx: Don't send drm sysfs hotplug events on initial master set (bsc#1051510).
- drm/vmwgfx: Honor the sg list segment size limitation (bsc#1111666).
- drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() (bsc#1113722)
- drm/vmwgfx: Remove set but not used variable 'restart' (bsc#1111666).
- drm/vmwgfx: Use the backdoor port if the HB port is not available (bsc#1111666).
- drm/vmwgfx: fix a warning due to missing dma_parms (bsc#1111666).
- drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to an invalid read (bsc#1051510).
- drm: Auto-set allow_fb_modifiers when given modifiers at plane init (bsc#1051510).
- drm: Fix drm_release() and device unplug (bsc#1111666).
- drm: Wake up next in drm_read() chain if we are forced to putback the event (bsc#1051510).
- drm: add fallback override/firmware EDID modes workaround (bsc#1111666).
- drm: add non-desktop quirk for Valve HMDs (bsc#1111666).
- drm: add non-desktop quirks to Sensics and OSVR headsets (bsc#1111666).
- drm: bridge: dw-hdmi: Fix overflow workaround for Rockchip SoCs (bsc#1113722)
- drm: don't block fb changes for async plane updates (bsc#1111666).
- drm: etnaviv: avoid DMA API warning when importing buffers (bsc#1111666).
- drm: panel-orientation-quirks: Add quirk for GPD MicroPC (bsc#1111666).
- drm: panel-orientation-quirks: Add quirk for GPD pocket2 (bsc#1111666).
- drm: rcar-du: Fix rcar_du_crtc structure documentation (bsc#1111666).
- drm: return -EFAULT if copy_to_user() fails (bsc#1111666).
- drm_dp_cec: add note about good MegaChips 2900 CEC support (bsc#1136978).
- drm_dp_cec: check that aux has a transfer function (bsc#1136978).
- dt-bindings: clock: r8a7795: Remove CSIREF clock (bsc#1120902).
- dt-bindings: clock: r8a7796: Remove CSIREF clock (bsc#1120902).
- dt-bindings: net: Add binding for the external clock for TI WiLink (bsc#1085535).
- dt-bindings: net: Fix a typo in the phy-mode list for ethernet bindings (bsc#1129770).
- dt-bindings: rtc: sun6i-rtc: Fix register range in example (bsc#1120902).
- dwc2: gadget: Fix completed transfer size calculation in DDMA (bsc#1051510).
- e1000e: Fix -Wformat-truncation warnings (bsc#1051510).
- e1000e: fix cyclic resets at link up with active tx (bsc#1051510).
- e1000e: start network tx queue only when link is up (bsc#1051510).
- efi/arm: Defer persistent reservations until after paging_init() (bsc#1117158).
- efi/arm: Do not mark acpi reclaim memory as MEMBLOCK_NOMAP (bsc#1117158 bsc#1115688 bsc#1120566).
- efi/arm: Do not mark acpi reclaim memory as MEMBLOCK_NOMAP (bsc#1117158 bsc#1115688 bsc#1120566).
- efi/arm: Do not mark acpi reclaim memory as MEMBLOCK_NOMAP (bsc#1117158 bsc#1115688 bsc#1120566).
- efi/arm: Revert 'Defer persistent reservations until after paging_init()' (bsc#1117158).
- efi/arm: Revert deferred unmap of early memmap mapping (bsc#1117158).
- efi/arm: libstub: add a root memreserve config table (bsc#1117158).
- efi/arm: map UEFI memory map even w/o runtime services enabled (bsc#1117158).
- efi/arm: preserve early mapping of UEFI memory map longer for BGRT (bsc#1117158).
- efi: Permit calling efi_mem_reserve_persistent() from atomic context (bsc#1117158).
- efi: Permit multiple entries in persistent memreserve data structure (bsc#1117158).
- efi: Prevent GICv3 WARN() by mapping the memreserve table before first use (bsc#1117158).
- efi: Reduce the amount of memblock reservations for persistent allocations (bsc#1117158).
- efi: add API to reserve memory persistently across kexec reboot (bsc#1117158).
- efi: honour memory reservations passed via a linux specific config table (bsc#1117158).
- ext4: Do not warn when enabling DAX (bsc#1132894).
- ext4: actually request zeroing of inode table after grow (bsc#1135315).
- ext4: avoid panic during forced reboot due to aborted journal (bsc#1126356).
- ext4: cleanup bh release code in ext4_ind_remove_space() (bsc#1131851).
- ext4: cleanup bh release code in ext4_ind_remove_space() (bsc#1131851).
- ext4: do not delete unlinked inode from orphan list on failed truncate (bsc#1140891).
- ext4: fix data corruption caused by overlapping unaligned and aligned IO (bsc#1136428).
- ext4: fix ext4_show_options for file systems w/o journal (bsc#1135316).
- ext4: fix use-after-free race with debug_want_extra_isize (bsc#1135314).
- ext4: make sanity check in mballoc more strict (bsc#1136439).
- ext4: wait for outstanding dio during truncate in nojournal mode (bsc#1136438).
- extcon: arizona: Disable mic detect if running when driver is removed (bsc#1051510).
- failover: allow name change on IFF_UP slave interfaces (bsc#1109837).
- fbdev: fbmem: fix memory access if logo is bigger than the screen (bsc#1051510).
- fbdev: fix WARNING in __alloc_pages_nodemask bug (bsc#1113722)
- fbdev: fix divide error in fb_var_to_videomode (bsc#1113722)
- firmware: efi: factor out mem_reserve (bsc#1117158 bsc#1134671).
- firmware: efi: factor out mem_reserve (bsc#1117158 bsc#1134671).
- fix cgroup_do_mount() handling of failure exits (bsc#1133095).
- fm10k: Fix a potential NULL pointer dereference (bsc#1051510).
- fork, memcg: fix cached_stacks case (bsc#1134097).
- fork, memcg: fix crash in free_thread_stack on memcg charge fail (bsc#1134097).
- fs/ocfs2: fix race in ocfs2_dentry_attach_lock() (bsc#1140889).
- fs/proc/proc_sysctl.c: Fix a NULL pointer dereference (bsc#1140887).
- fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links (bsc#1140887).
- fs/sync.c: sync_file_range(2) may use WB_SYNC_ALL writeback (bsc#1136432).
- fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount (bsc#1136435).
- fs: avoid fdput() after failed fdget() in vfs_dedupe_file_range() (bsc#1132384, bsc#1132219).
- fs: avoid fdput() after failed fdget() in vfs_dedupe_file_range() (bsc#1132384, bsc#1132219).
- fs: hugetlbfs: fix hwpoison reserve accounting (bsc#1139712)
- ftrace/x86: Remove possible deadlock between register_kprobe() and ftrace_run_update_code() (bsc#1071995 fate#323487).
- ftrace/x86_64: Emulate call function while updating in breakpoint handler (bsc#1099658).
- fuse: fallocate: fix return with locked inode (bsc#1051510).
- fuse: fix writepages on 32bit (bsc#1051510).
- fuse: honor RLIMIT_FSIZE in fuse_file_fallocate (bsc#1051510).
- futex: Cure exit race (bsc#1050549).
- futex: Ensure that futex address is aligned in handle_futex_death() (bsc#1050549).
- futex: Handle early deadlock return correctly (bsc#1050549).
- genirq: Prevent use-after-free and work list corruption (bsc#1051510).
- genirq: Respect IRQCHIP_SKIP_SET_WAKE in irq_chip_set_wake_parent() (bsc#1051510).
- genwqe: Prevent an integer overflow in the ioctl (bsc#1051510).
- ghes, EDAC: Fix ghes_edac registration (bsc#1133176).
- gpio: Remove obsolete comment about gpiochip_free_hogs() usage (bsc#1051510).
- gpio: adnp: Fix testing wrong value in adnp_gpio_direction_input (bsc#1051510).
- gpio: aspeed: fix a potential NULL pointer dereference (bsc#1051510).
- gpio: fix gpio-adp5588 build errors (bsc#1051510).
- gpio: gpio-omap: fix level interrupt idling (bsc#1051510).
- gpio: of: Fix of_gpiochip_add() error path (bsc#1051510).
- gpio: omap: fix lack of irqstatus_raw0 for OMAP4 (bsc#1051510).
- gpu: ipu-v3: dp: fix CSC handling (bsc#1051510).
- gpu: ipu-v3: ipu-ic: Fix saturation bit offset in TPMEM (bsc#1111666).
- hid: i2c-hid: Ignore input report if there's no data present on Elan touchpanels (bsc#1133486).
- hid: input: fix a4tech horizontal wheel custom usage (bsc#1137429).
- hwmon: (core) add thermal sensors only if dev of_node is present (bsc#1051510).
- hwmon: (f71805f) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (pc87427) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (pmbus/core) Treat parameters as paged if on multiple pages (bsc#1051510).
- hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (vt1211) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwrng: omap - Set default quality (bsc#1051510).
- hwrng: virtio - Avoid repeated init of completion (bsc#1051510).
- i2c: Make i2c_unregister_device() NULL-aware (bsc#1108193).
- i2c: Make i2c_unregister_device() NULL-aware (bsc#1133311).
- i2c: Make i2c_unregister_device() NULL-aware (bsc#1133311).
- i2c: dev: fix potential memory leak in i2cdev_ioctl_rdwr (bsc#1051510).
- i2c: imx: correct the method of getting private data in notifier_call (bsc#1111666).
- i2c: mlxcpld: Add support for extended transaction length for i2c-mlxcpld (bsc#1112374).
- i2c: mlxcpld: Add support for smbus block read transaction (bsc#1112374).
- i2c: mlxcpld: Allow configurable adapter id for mlxcpld (bsc#1112374).
- i2c: mlxcpld: Fix adapter functionality support callback (bsc#1112374).
- i2c: mlxcpld: Fix wrong initialization order in probe (bsc#1112374).
- i2c: mux: mlxcpld: simplify code to reach the adapter (bsc#1112374).
- i2c: synquacer: fix enumeration of slave devices (bsc#1111666).
- i2c: synquacer: fix synquacer_i2c_doxfer() return value (bsc#1111666).
- ib/hw: Remove unneeded semicolons (bsc#1136456 jsc#SLE-4689).
- ibmveth: Update ethtool settings to reflect virtual properties (bsc#1136157, LTC#177197).
- ibmvnic: Add device identification to requested IRQs (bsc#1137739).
- ibmvnic: Do not close unopened driver during reset (bsc#1137752).
- ibmvnic: Enable GRO (bsc#1132227).
- ibmvnic: Fix completion structure initialization (bsc#1131659).
- ibmvnic: Fix netdev feature clobbering during a reset (bsc#1132227).
- ibmvnic: Fix unchecked return codes of memory allocations (bsc#1137752).
- ibmvnic: Refresh device multicast list after reset (bsc#1137752).
- ibmvnic: remove set but not used variable 'netdev' (bsc#1137739).
- idr: fix overflow case for idr_for_each_entry_ul() (bsc#1109837).
- iio/gyro/bmg160: Use millidegrees for temperature scale (bsc#1051510).
- iio: Fix scan mask selection (bsc#1051510).
- iio: ad_sigma_delta: Properly handle SPI bus locking vs CS assertion (bsc#1051510).
- iio: ad_sigma_delta: select channel when reading register (bsc#1051510).
- iio: adc: at91: disable adc channel interrupt in timeout case (bsc#1051510).
- iio: adc: fix warning in Qualcomm PM8xxx HK/XOADC driver (bsc#1051510).
- iio: adc: xilinx: fix potential use-after-free on remove (bsc#1051510).
- iio: common: ssp_sensors: Initialize calculated_time in ssp_common_process_data (bsc#1051510).
- iio: core: fix a possible circular locking dependency (bsc#1051510).
- iio: cros_ec: Fix the maths for gyro scale calculation (bsc#1051510).
- iio: dac: mcp4725: add missing powerdown bits in store eeprom (bsc#1051510).
- iio: gyro: mpu3050: fix chip ID reading (bsc#1051510).
- iio: hmc5843: fix potential NULL pointer dereferences (bsc#1051510).
- include/linux/bitops.h: introduce BITS_PER_TYPE (bsc#1136345 jsc#SLE-4681).
- indirect call wrappers: helpers to speed-up indirect calls of builtin (bsc#1124503).
- infiniband/qedr: Potential null ptr dereference of qp (bsc#1136456 jsc#SLE-4689).
- intel_th: msu: Fix single mode with IOMMU (bsc#1051510).
- intel_th: msu: Fix single mode with disabled IOMMU (bsc#1051510).
- intel_th: pci: Add Comet Lake support (bsc#1051510).
- io: accel: kxcjk1013: restore the range after resume (bsc#1051510).
- iommu-helper: mark iommu_is_span_boundary as inline (jsc#SLE-6197 bsc#1140559 LTC#173150).
- iommu/amd: Make iommu_disable safer (bsc#1140955).
- iommu/amd: Set exclusion range correctly (bsc#1130425).
- iommu/arm-smmu-v3: Abort all transactions if SMMU is enabled in kdump kernel (bsc#1117158).
- iommu/arm-smmu-v3: Do not disable SMMU in kdump kernel (bsc#1117158 bsc#1134671).
- iommu/arm-smmu-v3: Do not disable SMMU in kdump kernel (bsc#1117158 bsc#1134671).
- iommu/arm-smmu-v3: Fix big-endian CMD_SYNC writes (bsc#1111666).
- iommu/arm-smmu-v3: Use explicit mb() when moving cons pointer (bsc#1051510).
- iommu/arm-smmu-v3: sync the OVACKFLG to PRIQ consumer register (bsc#1051510).
- iommu/arm-smmu: Add support for qcom,smmu-v2 variant (bsc#1051510).
- iommu/arm-smmu: Avoid constant zero in TLBI writes (bsc#1140956).
- iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#1135006).
- iommu/vt-d: Duplicate iommu_resv_region objects per device list (bsc#1140959).
- iommu/vt-d: Handle PCI bridge RMRR device scopes in intel_iommu_get_resv_regions (bsc#1140960).
- iommu/vt-d: Handle RMRR with PCI bridge device scopes (bsc#1140961).
- iommu/vt-d: Introduce is_downstream_to_pci_bridge helper (bsc#1140962).
- iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135007).
- iommu/vt-d: Remove unnecessary rcu_read_locks (bsc#1140964).
- iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135008).
- iommu: Fix a leak in iommu_insert_resv_region (bsc#1140957).
- iommu: Use right function to get group for device (bsc#1140958).
- iov_iter: Fix build error without CONFIG_CRYPTO (bsc#1111666).
- ipconfig: Correctly initialise ic_nameservers (bsc#1051510).
- ipmi: Fix I2C client removal in the SSIF driver (bsc#1108193).
- ipmi: Prevent use-after-free in deliver_response (bsc#1111666).
- ipmi: fix sleep-in-atomic in free_user at cleanup SRCU user release_barrier (bsc#1111666).
- ipmi:ssif: compare block number correctly for multi-part return messages (bsc#1051510).
- ipmi_ssif: Remove duplicate NULL check (bsc#1108193).
- ipv6: fib: Do not assume only nodes hold a reference on routes (bsc#1138732).
- ipvlan: Add the skb mark as flow4's member to lookup route (bsc#1051510).
- ipvlan: fix ipv6 outbound device (bsc#1051510).
- ipvlan: use ETH_MAX_MTU as max mtu (bsc#1051510).
- ipvs: Fix signed integer overflow when setsockopt timeout (bsc#1051510).
- ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bsc#1051510).
- irqchip/gic-v3-its: fix some definitions of inner cacheability attributes (bsc#1051510).
- irqchip/mbigen: Don't clear eventid when freeing an MSI (bsc#1051510).
- iw_cxgb*: kzalloc the iwcm verbs struct (bsc#1136348 jsc#SLE-4684).
- iw_cxgb4: Check for send WR also while posting write with completion WR (bsc#1136348 jsc#SLE-4684).
- iw_cxgb4: Fix qpid leak (bsc#1136348 jsc#SLE-4684).
- iw_cxgb4: Make function read_tcb() static (bsc#1136348 jsc#SLE-4684).
- iw_cxgb4: complete the cached SRQ buffers (bsc#1136348 jsc#SLE-4684).
- iw_cxgb4: cq/qp mask depends on bar2 pages in a host page (bsc#1127371).
- iw_cxgb4: fix srqidx leak during connection abort (bsc#1136348 jsc#SLE-4684).
- iw_cxgb4: only allow 1 flush on user qps (bsc#1051510).
- iw_cxgb4: use listening ep tos when accepting new connections (bsc#1136348 jsc#SLE-4684).
- iw_cxgb4: use tos when finding ipv6 routes (bsc#1136348 jsc#SLE-4684).
- iw_cxgb4: use tos when importing the endpoint (bsc#1136348 jsc#SLE-4684).
- iwiwifi: fix bad monitor buffer register addresses (bsc#1129770).
- iwlwifi: Fix double-free problems in iwl_req_fw_callback() (bsc#1111666).
- iwlwifi: correct one of the PCI struct names (bsc#1111666).
- iwlwifi: don't WARN when calling iwl_get_shared_mem_conf with RF-Kill (bsc#1111666).
- iwlwifi: fix RF-Kill interrupt while FW load for gen2 devices (bsc#1111666).
- iwlwifi: fix cfg structs for 22000 with different RF modules (bsc#1111666).
- iwlwifi: fix devices with PCI Device ID 0x34F0 and 11ac RF modules (bsc#1111666).
- iwlwifi: fix driver operation for 5350 (bsc#1111666).
- iwlwifi: fix send hcmd timeout recovery flow (bsc#1129770).
- iwlwifi: mvm: Drop large non sta frames (bsc#1111666).
- iwlwifi: mvm: check for length correctness in iwl_mvm_create_skb() (bsc#1051510).
- iwlwifi: pcie: don't crash on invalid RX interrupt (bsc#1051510).
- iwlwifi: pcie: don't service an interrupt that was masked (bsc#1111666).
- iwlwifi: pcie: fix ALIVE interrupt handling for gen2 devices w/o MSI-X (bsc#1111666).
- ixgbe: Avoid NULL pointer dereference with VF on non-IPsec hw (bsc#1140228).
- jbd2: check superblock mapped prior to committing (bsc#1136430).
- kABI fix for hda_codec.relaxed_resume flag (bsc#1111666).
- kABI workaround for asus-wmi changes (bsc#1051510).
- kABI workaround for removed usb_interface.pm_usage_cnt field (bsc#1051510).
- kABI workaround for snd_seq_kernel_client_enqueue() API changes (bsc#1051510).
- kABI workaround for the new pci_dev.skip_bus_pm field addition (bsc#1051510).
- kABI: protect functions using struct net_generic (bsc#1129845 LTC#176252).
- kABI: protect struct smc_ib_device (bsc#1129845 LTC#176252).
- kABI: protect struct smcd_dev (bsc#1129845 LTC#176252).
- kabi fixup blk_mq_register_dev() (bsc#1140637).
- kabi protect struct iw_cm_id (bsc#1136348 jsc#SLE-4684).
- kabi protect struct vf_info (bsc#1136347 jsc#SLE-4683).
- kabi/severities: exclude hns3 symbols (bsc#1134948)
- kabi/severities: exclude qed* symbols (bsc#1136461)
- kabi/severities: exclude qed* symbols (bsc#1136461)
- kabi: Fix lost iommu-helper symbols on arm64 (jsc#SLE-6197 bsc#1140559 LTC#173150).
- kabi: drop LINUX_Mib_TCPWQUEUETOOBIG snmp counter (bsc#1137586).
- kabi: implement map_lookup_elem_sys_only in another way (bsc#1083647).
- kabi: mask changes made by basic protected virtualization support (jsc#SLE-6197 bsc#1140559 LTC#173150).
- kabi: mask changes made by swiotlb for protected virtualization (jsc#SLE-6197 bsc#1140559 LTC#173150).
- kabi: mask changes made by use of DMA memory for adapter interrupts (jsc#SLE-6197 bsc#1140559 LTC#173150).
- kabi: move sysctl_tcp_min_snd_mss to preserve struct net layout (bsc#1137586).
- kabi: remove unused hcall definition (bsc#1140322 LTC#176270).
- kabi: s390: enum interruption_class (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
- kabi: s390: enum interruption_class (jsc#SLE-5789 bsc#1134730 LTC#173388).
- kbuild: strip whitespace in cmd_record_mcount findstring (bsc#1065729).
- kbuild: use -flive-patching when CONFIG_LIVEPATCH is enabled (bsc#1071995 fate#323487).
- kcm: switch order of device registration to fix a crash (bnc#1130527).
- kernel/padata.c: Make RT aware (SLE Realtime Extension (bnc#1135344)).
- kernel/padata.c: Make RT aware (SLE Realtime Extension (bnc#1135344)).
- kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv (bsc#1051510).
- kernel/sysctl.c: fix out-of-bounds access when setting file-max (bsc#1051510).
- kernel: jump label transformation performance (bsc#1137534 bsc#1137535 LTC#178058 LTC#178059).
- kernel: jump label transformation performance (bsc#1137534 bsc#1137535 LTC#178058 LTC#178059).
- kernfs: do not set dentry d_fsdata (boo#1133115).
- keys: safe concurrent user {session,uid}_keyring access (bsc#1135642).
- keys: safe concurrent user {session,uid}_keyring access (bsc#1135642).
- keys: safe concurrent user {session,uid}_keyring access (bsc#1135642).
- keys: safe concurrent user {session,uid}_keyring access (bsc#1135642).
- kmsg: Update message catalog to latest ibM level (2019/03/08) (bsc#1128904 LTC#176078).
- kvm/mmu: kABI fix for *_mmu_pages changes in struct kvm_arch (bsc#1135335).
- kvm: Call kvm_arch_memslots_updated() before updating memslots (bsc#1132563).
- kvm: Fix UAF in nested posted interrupt processing (bsc#1134199).
- kvm: Fix kABI for AMD SMAP Errata workaround (bsc#1133149).
- kvm: SVM: Fix detection of AMD Errata 1096 (bsc#1142354).
- kvm: SVM: Workaround errata#1096 (insn_len maybe zero on SMAP violation) (bsc#1133149).
- kvm: VMX: Compare only a single byte for VMCS' 'launched' in vCPU-run (bsc#1132555).
- kvm: VMX: Zero out *all* general purpose registers after VM-Exit (bsc#1134202).
- kvm: arm/arm64: vgic-its: Take the srcu lock when parsing the memslots (bsc#1133021).
- kvm: arm/arm64: vgic-its: Take the srcu lock when writing to guest memory (bsc#1133021).
- kvm: mmu: Fix overflow on kvm mmu page limit calculation (bsc#1135335).
- kvm: nVMX: Apply addr size mask to effective address for VMX instructions (bsc#1132561).
- kvm: nVMX: Clear reserved bits of #DB exit qualification (bsc#1134200).
- kvm: nVMX: Ignore limit checks on VMX instructions using flat segments (bsc#1132564).
- kvm: nVMX: Sign extend displacements of VMX instr's mem operands (bsc#1132562).
- kvm: nVMX: restore host state in nested_vmx_vmexit for VMFail (bsc#1134201).
- kvm: polling: add architecture backend to disable polling (bsc#1119222).
- kvm: s390: change default halt poll time to 50us (bsc#1119222).
- kvm: s390: enable CONFIG_HAVE_kvm_NO_POLL (bsc#1119222) We need to enable CONFIG_HAVE_kvm_NO_POLL for bsc#1119222
- kvm: s390: fix memory overwrites when not using SCA entries (bsc#1136206).
- kvm: s390: fix typo in parameter description (bsc#1119222).
- kvm: s390: kABI Workaround for 'lowcore' (bsc#1119222).
- kvm: s390: provide io interrupt kvm_stat (bsc#1136206).
- kvm: s390: provide kvm_arch_no_poll function (bsc#1119222).
- kvm: s390: use created_vcpus in more places (bsc#1136206).
- kvm: s390: vsie: fix 8k check for the itdba (bsc#1136206).
- kvm: svm/avic: fix off-by-one in checking host APIC ID (bsc#1140971).
- kvm: x86/mmu: Detect MMIO generation wrap in any address space (bsc#1132570).
- kvm: x86/mmu: Do not cache MMIO accesses while memslots are in flux (bsc#1132571).
- kvm: x86: Always use 32-bit SMRAM save state for 32-bit kernels (bsc#1134203).
- kvm: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bsc#1134204).
- kvm: x86: Include CPUID leaf 0x8000001e in kvm's supported CPUID (bsc#1114279).
- kvm: x86: Include multiple indices with CPUID leaf 0x8000001d (bsc#1114279).
- kvm: x86: Report STibP on GET_SUPPORTED_CPUID (bsc#1111331).
- kvm: x86: Skip EFER vs. guest CPUID checks for host-initiated writes (bsc#1140972).
- kvm: x86: fix return value for reserved EFER (bsc#1140992).
- kvm: x86: svm: make sure NMI is injected after nmi_singlestep (bsc#1134205).
- l2tp: cleanup l2tp_tunnel_delete calls (bsc#1051510).
- l2tp: revert 'l2tp: fix missing print session offset info' (bsc#1051510).
- leds: avoid flush_work in atomic context (bsc#1051510).
- leds: avoid races with workqueue (bsc#1051510).
- leds: pwm: silently error out on EPROBE_DEFER (bsc#1051510).
- lib/bitmap.c: make bitmap_parselist() thread-safe and much faster (bsc#1143507).
- lib/scatterlist: Fix mapping iterator when sg offset is greater than PAGE_SIZE (bsc#1051510).
- lib: add crc64 calculation routines (bsc#1130972).
- lib: add crc64 calculation routines (bsc#1130972).
- lib: do not depend on linux headers being installed (bsc#1130972).
- lib: do not depend on linux headers being installed (bsc#1130972).
- lib: fix stall in __bitmap_parselist() (bsc#1051510).
- libata: Extend quirks for the ST1000LM024 drives with NOLPM quirk (bsc#1051510).
- libata: fix using DMA buffers on stack (bsc#1051510).
- libceph, rbd, ceph: move ceph_osdc_alloc_messages() calls (bsc#1135897).
- libceph, rbd: add error handling for osd_req_op_cls_init() (bsc#1135897). This feature was requested for SLE15 but aws reverted in packaging and master.
- libceph: assign cookies in linger_submit() (bsc#1135897).
- libceph: check reply num_data_items in setup_request_data() (bsc#1135897).
- libceph: do not consume a ref on pagelist in ceph_msg_data_add_pagelist() (bsc#1135897).
- libceph: enable fallback to ceph_msg_new() in ceph_msgpool_get() (bsc#1135897).
- libceph: introduce alloc_watch_request() (bsc#1135897).
- libceph: introduce ceph_pagelist_alloc() (bsc#1135897).
- libceph: preallocate message data items (bsc#1135897).
- libcxgb: fix incorrect ppmax calculation (bsc#1136345 jsc#SLE-4681).
- libnvdimm, pfn: Fix over-trim in trim_pfn_device() (bsc#1140719).
- libnvdimm/bus: Prevent duplicate device_unregister() calls (bsc#1139865).
- libnvdimm/namespace: Fix label tracking error (bsc#1142350).
- libnvdimm/region: Register badblocks before namespaces (bsc#1143209).
- lightnvm: if LUNs are already allocated fix return (bsc#1085535).
- linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() (bsc#1051510).
- livepatch: Convert error about unsupported reliable stacktrace into a warning (bsc#1071995).
- livepatch: Remove custom kobject state handling (bsc#1071995).
- livepatch: Remove duplicate warning about missing reliable stacktrace support (bsc#1071995 fate#323487).
- livepatch: Remove duplicated code for early initialization (bsc#1071995).
- livepatch: Use static buffer for debugging messages under rq lock (bsc#1071995 fate#323487).
- lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).
- mISDN: Check address length before reading address family (bsc#1051510).
- mISDN: make sure device name is NUL terminated (bsc#1051510).
- mac80211/cfg80211: update bss channel on channel switch (bsc#1051510).
- mac80211: Do not use stack memory with scatterlist for GMAC (bsc#1051510).
- mac80211: Fix kernel panic due to use of txq after free (bsc#1051510).
- mac80211: Honor SW_CRYPTO_CONTROL for unicast keys in AP VLAN mode (bsc#1111666).
- mac80211: do not call driver wake_tx_queue op during reconfig (bsc#1051510).
- mac80211: do not start any work during reconfigure flow (bsc#1111666).
- mac80211: don't attempt to rename ERR_PTR() debugfs dirs (bsc#1111666).
- mac80211: drop robust management frames from unknown TA (bsc#1051510).
- mac80211: fix memory accounting with A-MSDU aggregation (bsc#1051510).
- mac80211: fix rate reporting inside cfg80211_calculate_bitrate_he() (bsc#1111666).
- mac80211: fix unaligned access in mesh table hash function (bsc#1051510).
- mac80211: free peer keys before vif down in mesh (bsc#1111666).
- mac80211: handle deauthentication/disassociation from TDLS peer (bsc#1051510).
- mac80211: mesh: fix RCU warning (bsc#1111666).
- mac80211: only warn once on chanctx_conf being NULL (bsc#1111666).
- mac8390: Fix mmio access size probe (bsc#1051510).
- md: batch flush requests (bsc#1119680).
- media: atmel: atmel-isc: fix INIT_WORK misplacement (bsc#1051510).
- media: au0828: Fix NULL pointer dereference in au0828_analog_stream_enable() (bsc#1051510).
- media: au0828: stop video streaming only when last user stops (bsc#1051510).
- media: coda: clear error return value before picture run (bsc#1051510).
- media: cpia2: Fix use-after-free in cpia2_exit (bsc#1051510).
- media: cx18: update *pos correctly in cx18_read_pos() (bsc#1051510).
- media: cx23885: check allocation return (bsc#1051510).
- media: davinci-isif: avoid uninitialized variable use (bsc#1051510).
- media: davinci/vpbe: array underflow in vpbe_enum_outputs() (bsc#1051510).
- media: go7007: avoid clang frame overflow warning with KASAN (bsc#1051510).
- media: ivtv: update *pos correctly in ivtv_read_pos() (bsc#1051510).
- media: m88ds3103: serialize reset messages in m88ds3103_set_frontend (bsc#1051510).
- media: marvell-ccic: fix DMA s/g desc number calculation (bsc#1051510).
- media: mt9m111: set initial frame size other than 0x0 (bsc#1051510).
- media: mtk-jpeg: Correct return type for mem2mem buffer helpers (bsc#1051510).
- media: mx2_emmaprp: Correct return type for mem2mem buffer helpers (bsc#1051510).
- media: omap_vout: potential buffer overflow in vidioc_dqbuf() (bsc#1051510).
- media: ov2659: fix unbalanced mutex_lock/unlock (bsc#1051510).
- media: ov2659: make S_FMT succeed even if requested format doesn't match (bsc#1051510).
- media: pvrusb2: Prevent a buffer overflow (bsc#1129770).
- media: s5p-g2d: Correct return type for mem2mem buffer helpers (bsc#1051510).
- media: s5p-jpeg: Correct return type for mem2mem buffer helpers (bsc#1051510).
- media: s5p-mfc: Make additional clocks optional (bsc#1051510).
- media: saa7146: avoid high stack usage with clang (bsc#1051510).
- media: serial_ir: Fix use-after-free in serial_ir_init_module (bsc#1051510).
- media: sh_veu: Correct return type for mem2mem buffer helpers (bsc#1051510).
- media: smsusb: better handle optional alignment (bsc#1051510).
- media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame (bsc#1051510).
- media: usb: siano: Fix false-positive 'uninitialized variable' warning (bsc#1051510).
- media: usb: siano: Fix general protection fault in smsusb (bsc#1051510).
- media: v4l2-ioctl: clear fields in s_parm (bsc#1051510).
- media: v4l2: Test type instead of cfg type in v4l2_ctrl_new_custom() (bsc#1051510).
- media: vivid: fix incorrect assignment operation when setting video mode (bsc#1051510).
- media: vivid: use vfree() instead of kfree() for dev bitmap_cap (bsc#1051510).
- media: wl128x: Fix an error code in fm_download_firmware() (bsc#1051510).
- media: wl128x: prevent two potential buffer overflows (bsc#1051510).
- mei: bus: need to unlink client before freeing (bsc#1051510).
- mei: me: add denverton innovation engine device IDs (bsc#1051510).
- mei: me: add gemini lake devices id (bsc#1051510).
- memcg: make it work on sparse non-0-node systems (bnc#1133616).
- memcg: make it work on sparse non-0-node systems kabi (bnc#1133616).
- memory: tegra: Fix integer overflow on tick value calculation (bsc#1051510).
- memstick: Fix error cleanup path of memstick_init (bsc#1051510).
- mfd: da9063: Fix OTP control register names to match datasheets for DA9063/63L (bsc#1051510).
- mfd: hi655x: Fix regmap area declared size for hi655x (bsc#1051510).
- mfd: intel-lpss: Release IDA resources (bsc#1051510).
- mfd: intel-lpss: Set the device in reset state when init (bsc#1051510).
- mfd: max77620: Fix swapped FPS_PERIOD_MAX_US values (bsc#1051510).
- mfd: tps65912-spi: Add missing of table registration (bsc#1051510).
- mfd: twl6040: Fix device init errors for ACCCTL register (bsc#1051510).
- mips: fix an off-by-one in dma_capable (jsc#SLE-6197 bsc#1140559 LTC#173150).
- mlxsw: core: Add API for QSFP module temperature thresholds reading (bsc#1112374).
- mlxsw: core: Do not use WQ_MEM_RECLAIM for EMAD workqueue (bsc#1112374).
- mlxsw: core: Move ethtool module callbacks to a common location (bsc#1112374).
- mlxsw: core: Prevent reading unsupported slave address from SFP EEPROM (bsc#1112374).
- mlxsw: core: mlxsw: core: avoid -Wint-in-bool-context warning (bsc#1112374).
- mlxsw: pci: Reincrease PCI reset timeout (bsc#1112374).
- mlxsw: reg: Add Management Temperature Bulk Register (bsc#1112374).
- mlxsw: spectrum: Move QSFP EEPROM definitions to common location (bsc#1112374).
- mlxsw: spectrum: Put MC TCs into DWRR mode (bsc#1112374).
- mlxsw: spectrum_dcb: Configure DSCP map as the last rule is removed (bsc#1112374).
- mlxsw: spectrum_flower: Fix TOS matching (bsc#1112374).
- mm, page_alloc: fix has_unmovable_pages for HugePages (bsc#1127034).
- mm/debug.c: fix __dump_page when mapping host is not set (bsc#1131934).
- mm/devm_memremap_pages: introduce devm_memunmap_pages (bsc#1103992 FATE#326009).
- mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses (bsc#1135330).
- mm/nvdimm: add is_ioremap_addr and use that to check ioremap address (bsc#1140322 LTC#176270).
- mm/page_isolation.c: fix a wrong flag in set_migratetype_isolate() (bsc#1131935).
- mm/vmalloc: fix size check for remap_vmalloc_range_partial() (bsc#1133825).
- mm: Fix buggy backport leading to MAP_SYNC failures (bsc#1137372)
- mm: fix race on soft-offlining free huge pages (bsc#1139712).
- mm: hugetlb: delete dequeue_hwpoisoned_huge_page() (bsc#1139712).
- mm: hugetlb: prevent reuse of hwpoisoned free hugepages (bsc#1139712).
- mm: hugetlb: soft-offline: dissolve source hugepage after successful migration (bsc#1139712).
- mm: hugetlb: soft-offline: dissolve_free_huge_page() return zero on !PageHuge (bsc#bsc#1139712).
- mm: hugetlb: soft_offline: save compound page order before page migration (bsc#1139712)
- mm: hwpoison: change PageHWPoison behavior on hugetlb pages (bsc#1139712).
- mm: hwpoison: dissolve in-use hugepage in unrecoverable memory error (bsc#1139712).
- mm: hwpoison: introduce idenfity_page_state (bsc#1139712).
- mm: hwpoison: introduce memory_failure_hugetlb() (bsc#1139712).
- mm: migrate: Fix reference check race between __find_get_block() and migration (bnc#1137609).
- mm: replace all open encodings for NUMA_NO_NODE (bsc#1140322 LTC#176270).
- mm: soft-offline: close the race against page allocation (bsc#1139712).
- mm: soft-offline: dissolve free hugepage if soft-offlined (bsc#1139712).
- mm: soft-offline: return -EBUSY if set_hwpoison_free_buddy_page() fails (bsc#1139712).
- mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (bnc#1012382).
- mmc: bcm2835 MMC issues (bsc#1070872).
- mmc: block: Delete gendisk before cleaning up the request queue (bsc#1127616).
- mmc: core: Fix tag set memory leak (bsc#1111666).
- mmc: core: Prevent processing SDIO IRQs when the card is suspended (bsc#1051510).
- mmc: core: Verify SD bus width (bsc#1051510).
- mmc: core: complete HS400 before checking status (bsc#1111666).
- mmc: core: fix possible use after free of host (bsc#1051510).
- mmc: core: make pwrseq_emmc (partially) support sleepy GPIO controllers (bsc#1051510).
- mmc: davinci: remove extraneous __init annotation (bsc#1051510).
- mmc: mmci: Prevent polling for busy detection in IRQ context (bsc#1051510).
- mmc: sdhci-iproc: Set NO_HISPD bit to fix HS50 data hold time problem (bsc#1051510).
- mmc: sdhci-iproc: cygnus: Set NO_HISPD bit to fix HS50 data hold time problem (bsc#1051510).
- mmc: sdhci-of-esdhc: add erratum A-009204 support (bsc#1051510).
- mmc: sdhci-of-esdhc: add erratum eSDHC-A001 and A-008358 support (bsc#1051510).
- mmc: sdhci-of-esdhc: add erratum eSDHC5 support (bsc#1051510).
- mmc: sdhci-pci: Try 'cd' for card-detect lookup before using NULL (bsc#1051510).
- mmc: sdhci: Fix data command CRC error handling (bsc#1051510).
- mmc: sdhci: Handle auto-command errors (bsc#1051510).
- mmc: sdhci: Rename SDHCI_ACMD12_ERR and SDHCI_INT_ACMD12ERR (bsc#1051510).
- mmc: tmio_mmc_core: don't claim spurious interrupts (bsc#1051510).
- mmc_spi: add a status check for spi_sync_locked (bsc#1051510).
- module: Fix livepatch/ftrace module text permissions race (bsc#1071995 fate#323487).
- mount: copy the port field into the cloned nfs_server structure (bsc#1136990).
- mt7601u: bump supported EEPROM version (bsc#1051510).
- mt7601u: do not schedule rx_tasklet when the device has been disconnected (bsc#1111666).
- mt7601u: fix possible memory leak when the device is disconnected (bsc#1111666).
- mtd: docg3: Fix passing zero to 'PTR_ERR' warning in doc_probe_device (bsc#1051510).
- mtd: docg3: fix a possible memory leak of mtd name (bsc#1051510).
- mtd: nand: omap: Fix comment in platform data using wrong Kconfig symbol (bsc#1051510).
- mtd: part: fix incorrect format specifier for an unsigned long long (bsc#1051510).
- mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write (bsc#1129770).
- mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1136935).
- mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1136935).
- mwifiex: Fix mem leak in mwifiex_tm_cmd (bsc#1051510).
- mwifiex: Make resume actually do something useful again on SDIO cards (bsc#1111666).
- mwifiex: don't advertise IBSS features without FW support (bsc#1129770).
- mwifiex: prevent an array overflow (bsc#1051510).
- mwl8k: Fix rate_idx underflow (bsc#1051510).
- net/af_iucv: build proper skbs for HiperTransport (bsc#1142221 LTC#179332).
- net/af_iucv: remove GFP_DMA restriction for HiperTransport (bsc#1142112 bsc#1142221 LTC#179334 LTC#179332).
- net/af_iucv: remove GFP_DMA restriction for HiperTransport (bsc#1142112 bsc#1142221 LTC#179334 LTC#179332).
- net/af_iucv: remove GFP_DMA restriction for HiperTransport (bsc#1142221 LTC#179332).
- net/ibmvnic: Remove tests of member address (bsc#1137739).
- net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).
- net/ibmvnic: Update carrier state after link state change (bsc#1135100).
- net/mlx5: Avoid reloading already removed devices (bsc#1103990 FATE#326006).
- net/mlx5: FPGA, tls, hold rcu read lock a bit longer (bsc#1103990 FATE#326006).
- net/mlx5: FPGA, tls, idr remove on flow delete (bsc#1103990 FATE#326006).
- net/mlx5: Set completion EQs as shared resources (bsc#1103991 FATE#326007).
- net/mlx5: Update pci error handler entries and command translation (bsc#1103991 FATE#326007).
- net/mlx5e: Fix ethtool rxfh commands when CONFIG_MLX5_EN_RXNFC is disabled (bsc#1103990 FATE#326006).
- net/mlx5e: Fix the max MTU check in case of XDP (bsc#1103990 FATE#326006).
- net/mlx5e: Fix trailing semicolon (bsc#1075020).
- net/mlx5e: Fix use-after-free after xdp_return_frame (bsc#1103990 FATE#326006).
- net/mlx5e: IPoIB, Reset QP after channels are closed (bsc#1075020).
- net/mlx5e: Rx, Check ip headers sanity (bsc#1103990 FATE#326006).
- net/mlx5e: Rx, Fix checksum calculation for new hardware (bsc#1127611).
- net/mlx5e: Rx, Fixup skb checksum for packets with tail padding (bsc#1109837).
- net/mlx5e: XDP, Fix shifted flag index in RQ bitmap (bsc#1103990 FATE#326006).
- net/sched: cbs: Fix error path of cbs_module_init (bsc#1109837).
- net/sched: cbs: fix port_rate miscalculation (bsc#1109837).
- net/sched: don't dereference a goto_chain to read the chain index (bsc#1064802 bsc#1066129).
- net/sched: don't dereference a goto_chain to read the chain index (bsc#1064802 bsc#1066129).
- net/smc: add pnet table namespace support (bsc#1129845 LTC#176252).
- net/smc: add smcd support to the pnet table (bsc#1129845 LTC#176252).
- net/smc: allow pci IDs as ib device names in the pnet table (bsc#1129845 LTC#176252).
- net/smc: allow pnetid-less configuration (bsc#1129845 LTC#176252).
- net/smc: check for ip prefix and subnet (bsc#1134607 LTC#177518).
- net/smc: cleanup for smcr_tx_sndbuf_nonempty (bsc#1129845 LTC#176252).
- net/smc: cleanup of get vlan id (bsc#1134607 LTC#177518).
- net/smc: code cleanup smc_listen_work (bsc#1134607 LTC#177518).
- net/smc: consolidate function parameters (bsc#1134607 LTC#177518).
- net/smc: fallback to TCP after connect problems (bsc#1134607 LTC#177518).
- net/smc: fix a NULL pointer dereference (bsc#1134607 LTC#177518).
- net/smc: fix return code from FLUSH command (bsc#1134607 LTC#177518).
- net/smc: improve smc_conn_create reason codes (bsc#1134607 LTC#177518).
- net/smc: improve smc_listen_work reason codes (bsc#1134607 LTC#177518).
- net/smc: move unhash before release of clcsock (bsc#1134607 LTC#177518).
- net/smc: nonblocking connect rework (bsc#1134607 LTC#177518).
- net/smc: propagate file from SMC to TCP socket (bsc#1134607 LTC#177518).
- net/smc: return booleans instead of integers (bsc#1096003, FATE#325023, LTC#164003).
- net/smc: rework pnet table (bsc#1129845 LTC#176252).
- net/smc: wait for pending work before clcsock release_sock (bsc#1134607 LTC#177518).
- net/tls: avoid NULL pointer deref on nskb sk in fallback (bsc#1109837).
- net/tls: avoid potential deadlock in tls_set_device_offload_rx() (bsc#1109837).
- net/tls: don't copy negative amounts of data in reencrypt (bsc#1109837).
- net/tls: don't ignore netdev notifications if no TLS features (bsc#1109837).
- net/tls: don't leak IV and record seq when offload fails (bsc#1109837).
- net/tls: don't leak partially sent record in device mode (bsc#1109837).
- net/tls: fix build without CONFIG_TLS_DEVICE (bsc#1109837).
- net/tls: fix copy to fragments in reencrypt (bsc#1109837).
- net/tls: fix page double free on TX cleanup (bsc#1109837).
- net/tls: fix refcount adjustment in fallback (bsc#1109837).
- net/tls: fix socket wmem accounting on fallback with netem (bsc#1109837).
- net/tls: fix state removal with feature flags off (bsc#1109837).
- net/tls: fix the IV leaks (bsc#1109837).
- net/tls: free ctx in sock destruct (bsc#1136353 jsc#SLE-4688).
- net/tls: make sure offload also gets the keys wiped (bsc#1109837).
- net/tls: prevent bad memory access in tls_is_sk_tx_device_offloaded() (bsc#1109837).
- net/tls: replace the sleeping lock around RX resync with a bit lock (bsc#1109837).
- net/udp_gso: Allow TX timestamp with UDP GSO (bsc#1109837).
- net: Fix missing meta data in skb with vlan packet (bsc#1109837).
- net: chelsio: Add a missing check on cudg_get_buffer (bsc#1136345 jsc#SLE-4681).
- net: core: support XDP generic on stacked devices (bsc#1109837).
- net: cxgb4: fix various indentation issues (bsc#1136345 jsc#SLE-4681).
- net: don't clear sock sk early to avoid trouble in strparser (bsc#1103990 FATE#326006).
- net: ena: Fix bug where ring allocation backoff stopped too late (bsc#1138879).
- net: ena: add MAX_QUEUES_EXT get feature admin command (bsc#1138879).
- net: ena: add ethtool function for changing io queue sizes (bsc#1138879).
- net: ena: add good checksum counter (bsc#1138879).
- net: ena: add handling of llq max tx burst size (bsc#1138879).
- net: ena: add newline at the end of pr_err prints (bsc#1138879).
- net: ena: add support for changing max_header_size in LLQ mode (bsc#1138879).
- net: ena: allow automatic fallback to polling mode (bsc#1138879).
- net: ena: allow queue allocation backoff when low on memory (bsc#1138879).
- net: ena: arrange ena_probe() function variables in reverse christmas tree (bsc#1138879).
- net: ena: enable negotiating larger Rx ring size (bsc#1138879).
- net: ena: ethtool: add extra properties retrieval via get_priv_flags (bsc#1138879).
- net: ena: fix ena_com_fill_hash_function() implementation (bsc#1138879).
- net: ena: fix incorrect test of supported hash function (bsc#1138879).
- net: ena: fix return value of ena_com_config_llq_info() (bsc#1111696 bsc#1117561).
- net: ena: fix return value of ena_com_config_llq_info() (bsc#1111696 bsc#1117561).
- net: ena: fix swapped parameters when calling ena_com_indirect_table_fill_entry (bsc#1138879).
- net: ena: fix: Free napi resources when ena_up() fails (bsc#1138879).
- net: ena: fix: set freed objects to NULL to avoid failing future allocations (bsc#1138879).
- net: ena: gcc 8: fix compilation warning (bsc#1138879).
- net: ena: improve latency by disabling adaptive interrupt moderation by default (bsc#1138879).
- net: ena: make ethtool show correct current and max queue sizes (bsc#1138879).
- net: ena: optimise calculations for CQ doorbell (bsc#1138879).
- net: ena: remove inline keyword from functions in *.c (bsc#1138879).
- net: ena: replace free_tx/rx_ids union with single free_ids field in ena_ring (bsc#1138879).
- net: ena: update driver version from 2.0.3 to 2.1.0 (bsc#1138879).
- net: ena: use dev_info_once instead of static variable (bsc#1138879).
- net: ethernet: ti: cpsw_ethtool: fix ethtool ring param set (bsc#1130836).
- net: hns3: Add handling of MAC tunnel interruption (bsc#1104353 bsc#1134983).
- net: hns3: Add support for netif message level settings (bsc#1104353 bsc#1134989).
- net: hns3: Fix inconsistent indenting (bsc#1140676).
- net: hns3: Make hclge_destroy_cmd_queue static (bsc#1104353 bsc#1137201).
- net: hns3: Make hclgevf_update_link_mode static (bsc#1104353 bsc#1137201).
- net: hns3: add counter for times RX pages gets allocated (bsc#1104353 bsc#1134947).
- net: hns3: add error handler for initializing command queue (bsc#1104353 bsc#1135058).
- net: hns3: add function type check for debugfs help information (bsc#1104353 bsc#1134980).
- net: hns3: add hns3_gro_complete for HW GRO process (bsc#1104353 bsc#1135051).
- net: hns3: add linearizing checking for TSO case (bsc#1104353 bsc#1134947).
- net: hns3: add queue's statistics update to service task (bsc#1104353 bsc#1134981).
- net: hns3: add reset statistics for VF (bsc#1104353 bsc#1134995).
- net: hns3: add reset statistics info for PF (bsc#1104353 bsc#1134995).
- net: hns3: add some debug info for hclgevf_get_mbx_resp() (bsc#1104353 bsc#1134994).
- net: hns3: add some debug information for hclge_check_event_cause (bsc#1104353 bsc#1134994).
- net: hns3: add support for dump ncl config by debugfs (bsc#1104353 bsc#1134987).
- net: hns3: adjust the timing of hns3_client_stop when unloading (bsc#1104353 bsc#1137201).
- net: hns3: always assume no drop TC for performance reason (bsc#1104353 bsc#1135049).
- net: hns3: check 1000M half for hns3_ethtool_ops.set_link_ksettings (bsc#1104353 bsc#1137201).
- net: hns3: check resetting status in hns3_get_stats() (bsc#1104353 bsc#1137201).
- net: hns3: code optimization for command queue' spin lock (bsc#1104353 bsc#1135042).
- net: hns3: combine len and checksum handling for inner and outer header (bsc#1104353 bsc#1134947).
- net: hns3: deactive the reset timer when reset successfully (bsc#1104353 bsc#1137201).
- net: hns3: divide shared buffer between TC (bsc#1104353 bsc#1135047).
- net: hns3: do not initialize MDIO bus when PHY is inexistent (bsc#1104353 bsc#1135045).
- net: hns3: do not request reset when hardware resetting (bsc#1104353 bsc#1137201).
- net: hns3: dump more information when tx timeout happens (bsc#1104353 bsc#1134990).
- net: hns3: fix VLAN offload handle for VLAN inserted by port (bsc#1104353 bsc#1135053).
- net: hns3: fix data race between ring next_to_clean (bsc#1104353 bsc#1134975 bsc#1134945).
- net: hns3: fix data race between ring next_to_clean (bsc#1104353 bsc#1134975 bsc#1134945).
- net: hns3: fix for HNS3_RXD_GRO_SIZE_M macro (bsc#1104353 bsc#1137201).
- net: hns3: fix for tunnel type handling in hns3_rx_checksum (bsc#1104353 bsc#1134946).
- net: hns3: fix for vport bw_limit overflow problem (bsc#1104353 bsc#1134998).
- net: hns3: fix keep_alive_timer not stop problem (bsc#1104353 bsc#1135055).
- net: hns3: fix loop condition of hns3_get_tx_timeo_queue_info() (bsc#1104353 bsc#1134990).
- net: hns3: fix pause configure fail problem (bsc#1104353 bsc#1134951 bsc#1134951).
- net: hns3: fix set port based VLAN for PF (bsc#1104353 bsc#1135053).
- net: hns3: fix set port based VLAN issue for VF (bsc#1104353 bsc#1135053).
- net: hns3: fix sparse: warning when calling hclge_set_vlan_filter_hw() (bsc#1104353 bsc#1134999).
- net: hns3: free the pending skb when clean RX ring (bsc#1104353 bsc#1135044).
- net: hns3: handle pending reset while reset fail (bsc#1104353 bsc#1135058).
- net: hns3: handle the BD info on the last BD of the packet (bsc#1104353 bsc#1134974).
- net: hns3: ignore lower-level new coming reset (bsc#1104353 bsc#1137201).
- net: hns3: minor refactor for hns3_rx_checksum (bsc#1104353 bsc#1135052).
- net: hns3: modify VLAN initialization to be compatible with port based VLAN (bsc#1104353 bsc#1135053).
- net: hns3: modify the VF network port media type acquisition method (bsc#1104353 bsc#1137201).
- net: hns3: not reset TQP in the DOWN while VF resetting (bsc#1104353 bsc#1134952).
- net: hns3: not reset vport who not alive when PF reset (bsc#1104353 bsc#1137201).
- net: hns3: optimize the barrier using when cleaning TX BD (bsc#1104353 bsc#1134945).
- net: hns3: prevent change MTU when resetting (bsc#1104353 bsc#1137201).
- net: hns3: prevent double free in hns3_put_ring_config() (bsc#1104353 bsc#1134950).
- net: hns3: reduce resources use in kdump kernel (bsc#1104353 bsc#1137201).
- net: hns3: refactor BD filling for l2l3l4 info (bsc#1104353 bsc#1134947).
- net: hns3: refine tx timeout count handle (bsc#1104353 bsc#1134990).
- net: hns3: remove reset after command send failed (bsc#1104353 bsc#1134949).
- net: hns3: remove resetting check in hclgevf_reset_task_schedule (bsc#1104353 bsc#1135056).
- net: hns3: return 0 and print warning when hit duplicate MAC (bsc#1104353 bsc#1137201).
- net: hns3: set dividual reset level for all RAS and MSI-X errors (bsc#1104353 bsc#1135046).
- net: hns3: set up the vport alive state while reinitializing (bsc#1104353 bsc#1137201).
- net: hns3: set vport alive state to default while resetting (bsc#1104353 bsc#1137201).
- net: hns3: some cleanup for struct hns3_enet_ring (bsc#1104353 bsc#1134947).
- net: hns3: stop mailbox handling when command queue need re-init (bsc#1104353 bsc#1135058).
- net: hns3: stop sending keep alive msg when VF command queue needs reinit (bsc#1104353 bsc#1134972).
- net: hns3: unify maybe_stop_tx for TSO and non-TSO case (bsc#1104353 bsc#1134947).
- net: hns3: unify the page reusing for page size 4K and 64K (bsc#1104353 bsc#1134947).
- net: hns3: use atomic_t replace u32 for arq's count (bsc#1104353 bsc#1134953).
- net: hns3: use devm_kcalloc when allocating desc_cb (bsc#1104353 bsc#1134947).
- net: hns3: use napi_schedule_irqoff in hard interrupts handlers (bsc#1104353 bsc#1134947).
- net: hns: Fix WARNING when remove HNS driver with SMMU enabled (bsc#1140676).
- net: hns: Fix loopback test failed at copper ports (bsc#1140676).
- net: hns: Fix probabilistic memory overwrite when HNS driver initialized (bsc#1140676).
- net: hns: Use NAPI_POLL_WEIGHT for hns driver (bsc#1140676).
- net: hns: fix ICMP6 neighbor solicitation messages discard problem (bsc#1140676).
- net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw() (bsc#1140676).
- net: hns: fix unsigned comparison to less than zero (bsc#1140676).
- net: mvpp2: Use strscpy to handle stat strings (bsc#1098633).
- net: mvpp2: Use strscpy to handle stat strings (bsc#1098633).
- net: mvpp2: prs: Fix parser range for VID filtering (bsc#1098633).
- net: mvpp2: prs: Fix parser range for VID filtering (bsc#1098633).
- net: mvpp2: prs: Use the correct helpers when removing all VID filters (bsc#1098633).
- net: mvpp2: prs: Use the correct helpers when removing all VID filters (bsc#1098633).
- net: phy: marvell10g: report if the PHY fails to boot firmware (bsc#1119113 FATE#326472).
- net: phy: marvell: Enable interrupt function on LED2 pin (bsc#1135018).
- net: phy: marvell: add new default led configure for m88e151x (bsc#1135018).
- net: phy: marvell: change default m88e1510 LED configuration (bsc#1135018).
- net: smc_close: mark expected switch fall-through (bsc#1096003, FATE#325023, LTC#164003).
- net: tls, correctly account for copied bytes with multiple sk_msgs (bsc#1109837).
- net: unbreak CONFIG_RETPOLINE=n builds (bsc#1124503).
- net: use indirect call wrappers at GRO network layer (bsc#1124503).
- net: use indirect call wrappers at GRO transport layer (bsc#1124503).
- new primitive: vmemdup_user() (jsc#SLE-4712 bsc#1136156).
- nfit/ars: Allow root to busy-poll the ARS state machine (bsc#1140814).
- nfp: bpf: fix static check error through tightening shift amount adjustment (bsc#1109837).
- nfp: flower: add rcu locks when accessing netdev for tunnels (bsc#1109837).
- nfs: Fix dentry revalidation on nfsv4 lookup (bsc#1132618).
- nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands (bsc#1051510).
- nl80211: fix station_info pertid memory leak (bsc#1051510).
- nvme-fc: use separate work queue to avoid warning (bsc#1131673).
- nvme-multipath: avoid crash on invalid subsystem cntlid enumeration (bsc#1129273).
- nvme-multipath: avoid crash on invalid subsystem cntlid enumeration (bsc#1130937).
- nvme-multipath: split bios with the ns_head bio_set before submitting (bsc#1103259, bsc#1131673).
- nvme-multipath: split bios with the ns_head bio_set before submitting (bsc#1103259, bsc#1131673).
- nvme-rdma: fix possible free of a non-allocated async event buffer (bsc#1120423).
- nvme-rdma: fix possible free of a non-allocated async event buffer (bsc#1120423).
- nvme: Do not remove namespaces during reset (bsc#1131673).
- nvme: add proper discard setup for the multipath device (bsc#1114638).
- nvme: copy MTFA field from identify controller (bsc#1140715).
- nvme: fix memory leak caused by incorrect subsystem free (bsc#1143185).
- nvme: fix the dangerous reference of namespaces list (bsc#1131673).
- nvme: flush scan_work when resetting controller (bsc#1131673).
- nvme: make sure ns head inherits underlying device limits (bsc#1131673).
- nvme: only reconfigure discard if necessary (bsc#1114638).
- nvme: skip nvme_update_disk_info() if the controller is not live (bsc#1128432).
- nvmem: Don't let a NULL cell_id for nvmem_cell_get() crash us (bsc#1051510).
- nvmem: allow to select i.MX nvmem driver for i.MX 7D (bsc#1051510).
- nvmem: core: fix read buffer in place (bsc#1051510).
- nvmem: correct Broadcom OTP controller driver writes (bsc#1051510).
- nvmem: imx-ocotp: Add i.MX7D timing write clock setup support (bsc#1051510).
- nvmem: imx-ocotp: Add support for banked OTP addressing (bsc#1051510).
- nvmem: imx-ocotp: Enable i.MX7D OTP write support (bsc#1051510).
- nvmem: imx-ocotp: Move i.MX6 write clock setup to dedicated function (bsc#1051510).
- nvmem: imx-ocotp: Pass parameters via a struct (bsc#1051510).
- nvmem: imx-ocotp: Restrict OTP write to IMX6 processors (bsc#1051510).
- nvmem: imx-ocotp: Update module description (bsc#1051510).
- nvmem: properly handle returned value nvmem_reg_read (bsc#1051510).
- objtool: Fix function fallthrough detection (bsc#1058115).
- ocfs2: add first lock wait time in locking_state (bsc#1134390).
- ocfs2: add last unlock times in locking_state (bsc#1134390).
- ocfs2: add locking filter debugfs file (bsc#1134390).
- ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (bsc#1136434).
- ocfs2: try to reuse extent block in dealloc without meta_alloc (bsc#1128902).
- ocfs2: turn on OCFS2_FS_STATS setting(bsc#1134393) We need to turn on OCFS2_FS_STATS kernel configuration setting, to fix bsc#1134393.
- of: fix clang -Wunsequenced for be32_to_cpu() (bsc#1135642).
- of: fix clang -Wunsequenced for be32_to_cpu() (bsc#1135642).
- of: fix clang -Wunsequenced for be32_to_cpu() (bsc#1135642).
- of: fix clang -Wunsequenced for be32_to_cpu() (bsc#1135642).
- omapfb: add missing of_node_put after of_device_is_available (bsc#1051510).
- openvswitch: add seqadj extension when NAT is used (bsc#1051510).
- openvswitch: fix flow actions reallocation (bsc#1051510).
- overflow: Fix -Wtype-limits compilation warnings (bsc#1111666).
- p54: drop device reference count if fails to enable device (bsc#1135642).
- p54: drop device reference count if fails to enable device (bsc#1135642).
- p54: drop device reference count if fails to enable device (bsc#1135642).
- p54: drop device reference count if fails to enable device (bsc#1135642).
- p54usb: Fix race between disconnect and firmware loading (bsc#1111666).
- parport: Fix mem leak in parport_register_dev_model (bsc#1051510).
- pci / PM: Use SMART_SUSPEND and LEAVE_SUSPENDED flags for PCIe ports (bsc#1142623).
- pci/aer: Use cached AER Capability offset (bsc#1142623).
- pci/p2pdma: Fix missing check for dma_virt_ops (bsc#1111666).
- pci/portdrv: Add #defines for AER and DPC Interrupt Message Number masks (bsc#1142623).
- pci/portdrv: Consolidate comments (bsc#1142623).
- pci/portdrv: Disable port driver in compat mode (bsc#1142623).
- pci/portdrv: Remove pcie_portdrv_err_handler.slot_reset (bsc#1142623).
- pci/portdrv: Support PCIe services on subtractive decode bridges (bsc#1142623).
- pci/portdrv: Use conventional Device ID table formatting (bsc#1142623).
- pci: Init PCIe feature bits for managed host bridge alloc (bsc#1111666).
- pci: hv: Add hv_pci_remove_slots() when we unload the driver (bsc#1142701).
- pci: hv: Add pci_destroy_slot() in pci_devices_present_work(), if necessary (bsc#1142701).
- pci: hv: Fix a memory leak in hv_eject_device_work() (bsc#1142701).
- pci: hv: Fix a use-after-free bug in hv_eject_device_work() (bsc#1142701).
- pci: hv: Fix return value check in hv_pci_assign_slots() (bsc#1142701).
- pci: hv: Remove unused reason for refcount handler (bsc#1142701).
- pci: hv: support reporting serial number as slot information (bsc#1142701).
- pci: pciehp: Convert to threaded IRQ (bsc#1133005).
- pci: pciehp: Ignore Link State Changes after powering off a slot (bsc#1133005).
- pci: pciehp: Tolerate Presence Detect hardwired to zero (bsc#1133016).
- pci: portdrv: Restore PCI config state on slot reset (bsc#1142623).
- perf/x86/amd: Add event map for AMD Family 17h (bsc#1134223).
- perf/x86/amd: Update generic hardware cache events for Family 17h (bsc#1134223).
- phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode (bsc#1051510).
- phy: sun4i-usb: Support set_mode to USB_HOST for non-OTG PHYs (bsc#1051510).
- pinctrl/amd: add get_direction handler (bsc#1140463).
- pinctrl/amd: fix gpio irq level in debugfs (bsc#1140463).
- pinctrl/amd: fix masking of GPIO interrupts (bsc#1140463).
- pinctrl/amd: make functions amd_gpio_suspend and amd_gpio_resume static (bsc#1140463).
- pinctrl/amd: poll InterruptEnable bits in amd_gpio_irq_set_type (bsc#1140463).
- pinctrl/amd: poll InterruptEnable bits in enable_irq (bsc#1140463).
- pkey: Indicate old mkvp only if old and current mkvp are different (bsc#1137827 LTC#178090).
- platform/chrome: cros_ec_proto: check for NULL transfer function (bsc#1051510).
- platform/mellanox: Add TmFifo driver for Mellanox BlueField Soc (bsc#1136333 jsc#SLE-4994).
- platform/mellanox: Add new ODM system types to mlx-platform (bsc#1112374).
- platform/mellanox: mlxreg-hotplug: Add devm_free_irq call to remove flow (bsc#1111666).
- platform/x86: alienware-wmi: printing the wrong error code (bsc#1051510).
- platform/x86: asus-nb-wmi: Support ALS on the Zenbook UX430UQ (bsc#1051510).
- platform/x86: asus-wmi: Only Tell EC the OS will handle display hotkeys from asus_nb_wmi (bsc#1051510).
- platform/x86: asus-wmi: Only Tell EC the OS will handle display hotkeys from asus_nb_wmi (bsc#1051510).
- platform/x86: dell-rbtn: Add missing #include (bsc#1051510).
- platform/x86: intel_pmc_ipc: adding error handling (bsc#1051510).
- platform/x86: intel_punit_ipc: Revert 'Fix resource ioremap warning' (bsc#1051510).
- platform/x86: mlx-platform: Add ASIC hotplug device configuration (bsc#1112374).
- platform/x86: mlx-platform: Add LED platform driver activation (bsc#1112374).
- platform/x86: mlx-platform: Add UID LED for the next generation systems (bsc#1112374).
- platform/x86: mlx-platform: Add definitions for new registers (bsc#1112374).
- platform/x86: mlx-platform: Add extra CPLD for next generation systems (bsc#1112374).
- platform/x86: mlx-platform: Add mlx-wdt platform driver activation (bsc#1112374).
- platform/x86: mlx-platform: Add mlxreg-fan platform driver activation (bsc#1112374).
- platform/x86: mlx-platform: Add mlxreg-io platform driver activation (bsc#1112374).
- platform/x86: mlx-platform: Add support for fan capability registers (bsc#1112374).
- platform/x86: mlx-platform: Add support for fan direction register (bsc#1112374).
- platform/x86: mlx-platform: Add support for new VMOD0007 board name (bsc#1112374).
- platform/x86: mlx-platform: Add support for tachometer speed register (bsc#1112374).
- platform/x86: mlx-platform: Allow mlxreg-io driver activation for more systems (bsc#1112374).
- platform/x86: mlx-platform: Allow mlxreg-io driver activation for new systems (bsc#1112374).
- platform/x86: mlx-platform: Change mlxreg-io configuration for MSN274x systems (bsc#1112374).
- platform/x86: mlx-platform: Convert to use SPDX identifier (bsc#1112374).
- platform/x86: mlx-platform: Fix LED configuration (bsc#1112374).
- platform/x86: mlx-platform: Fix access mode for fan_dir attribute (bsc#1112374).
- platform/x86: mlx-platform: Fix copy-paste error in mlxplat_init() (bsc#1112374).
- platform/x86: mlx-platform: Fix parent device in i2c-mux-reg device registration (bsc#1051510).
- platform/x86: mlx-platform: Fix tachometer registers (bsc#1112374).
- platform/x86: mlx-platform: Remove unused define (bsc#1112374).
- platform/x86: mlx-platform: Rename new systems product names (bsc#1112374).
- platform/x86: pmc_atom: Add CB4063 Beckhoff Automation board to critclk_systems DMI table (bsc#1051510).
- platform/x86: pmc_atom: Add Lex 3I380D industrial PC to critclk_systems DMI table (bsc#1051510).
- platform/x86: pmc_atom: Add several Beckhoff Automation boards to critclk_systems DMI table (bsc#1051510).
- platform/x86: pmc_atom: Drop __initconst on dmi table (bsc#1051510).
- platform/x86: sony-laptop: Fix unintentional fall-through (bsc#1051510).
- platform_data/mlxreg: Add capability field to core platform data (bsc#1112374).
- platform_data/mlxreg: Document fixes for core platform data (bsc#1112374).
- platform_data/mlxreg: additions for Mellanox watchdog driver (bsc#1112374).
- pm: acpi/PCI: Resume all devices during hibernation (bsc#1111666).
- power: supply: axp20x_usb_power: Fix typo in VBUS current limit macros (bsc#1051510).
- power: supply: axp288_charger: Fix unchecked return value (bsc#1051510).
- power: supply: max14656: fix potential use-before-alloc (bsc#1051510).
- power: supply: sysfs: prevent endless uevent loop with CONFIG_POWER_SUPPLY_DEBUG (bsc#1051510).
- powerpc/64s: Fix logic when handling unknown CPU features (bsc#1055117).
- powerpc/64s: Fix page table fragment refcount race vs speculative references (bsc#1131326, bsc#1108937).
- powerpc/64s: Fix page table fragment refcount race vs speculative references (bsc#1131326, bsc#1108937).
- powerpc/64s: Remove POWER9 DD1 support (bsc#1055117, LTC#159753, FATE#323286, git-fixes).
- powerpc/cacheinfo: add cacheinfo_teardown, cacheinfo_rebuild (bsc#1138374, LTC#178199).
- powerpc/eeh: Fix race with driver un/bind (bsc#1065729).
- powerpc/hugetlb: Handle mmap_min_addr correctly in get_unmapped_area callback (bsc#1131900).
- powerpc/kvm: Save and restore host AMR/IAMR/UAMOR (bsc#1061840).
- powerpc/mm/drconf: Use NUMA_NO_NODE on failures instead of node 0 (bsc#1140322 LTC#176270).
- powerpc/mm/hash: Handle mmap_min_addr correctly in get_unmapped_area topdown search (bsc#1131900).
- powerpc/mm/hugetlb: Update huge_ptep_set_access_flags to call __ptep_set_access_flags directly (bsc#1055117).
- powerpc/mm/radix: Change pte relax sequence to handle nest MMU hang (bsc#1055117).
- powerpc/mm/radix: Display if mappings are exec or not (bsc#1055186, fate#323286, git-fixes).
- powerpc/mm/radix: Move function from radix.h to pgtable-radix.c (bsc#1055117).
- powerpc/mm/radix: Prettify mapped memory range print out (bsc#1055186, fate#323286, git-fixes).
- powerpc/mm: Add missing tracepoint for tlbie (bsc#1055117, git-fixes).
- powerpc/mm: Change function prototype (bsc#1055117).
- powerpc/mm: Check secondary hash page table (bsc#1065729).
- powerpc/mm: Consolidate numa_enable check and min_common_depth check (bsc#1140322 LTC#176270).
- powerpc/mm: Fix node look up with numa=off boot (bsc#1140322 LTC#176270).
- powerpc/mm: Fix page table dump to work on Radix (bsc#1055186, fate#323286, git-fixes).
- powerpc/msi: Fix NULL pointer access in teardown code (bsc#1065729).
- powerpc/numa: document topology_updates_enabled, disable by default (bsc#1133584).
- powerpc/numa: improve control of topology updates (bsc#1133584).
- powerpc/papr_scm: Force a scm-unbind if initial scm-bind fails (bsc#1140322 LTC#176270).
- powerpc/papr_scm: Update drc_pmem_unbind() to use H_SCM_UNBIND_ALL (bsc#1140322 LTC#176270).
- powerpc/perf: Add PM_LD_MISS_L1 and PM_BR_2PATH to power9 event list (bsc#1137728, LTC#178106).
- powerpc/perf: Add POWER9 alternate PM_RUN_CYC and PM_RUN_INST_CMPL events (bsc#1137728, LTC#178106).
- powerpc/perf: Fix MMCRA corruption by bhrb_filter (bsc#1053043).
- powerpc/perf: Fix unit_sel/cache_sel checks (bsc#1053043).
- powerpc/perf: Remove l2 bus events from HW cache event array (bsc#1053043).
- powerpc/powernv/cpuidle: Init all present cpus for deep states (bsc#1055121).
- powerpc/powernv/idle: Restore IAMR after idle (bsc#1065729).
- powerpc/powernv/ioda2: Remove redundant free of TCE pages (bsc#1061840).
- powerpc/powernv/ioda: Allocate indirect TCE levels of cached userspace addresses on demand (bsc#1061840).
- powerpc/powernv/ioda: Fix locked_vm counting for memory used by IOMMU tables (bsc#1061840).
- powerpc/powernv: Don't reprogram SLW image on every KVM guest entry/exit (bsc#1061840).
- powerpc/powernv: Make opal log only readable by root (bsc#1065729).
- powerpc/powernv: Remove never used pnv_power9_force_smt4 (bsc#1061840).
- powerpc/process: Fix sparse address space warnings (bsc#1065729).
- powerpc/pseries/mobility: prevent cpu hotplug during DT update (bsc#1138374, LTC#178199).
- powerpc/pseries/mobility: rebuild cacheinfo hierarchy post-migration (bsc#1138374, LTC#178199).
- powerpc/pseries: Fix oops in hotplug memory notifier (bsc#1138375, LTC#178204).
- powerpc/pseries: Update SCM hcall op-codes in hvcall.h (bsc#1140322 LTC#176270).
- powerpc/rtas: retry when cpu offline races with suspend/migration (bsc#1140428, LTC#178808).
- powerpc/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
- powerpc/vdso32: fix CLOCK_MONOTONIC on PPC64 (bsc#1131587).
- powerpc/vdso64: Fix CLOCK_MONOTONIC inconsistencies across Y2038 (bsc#1131587).
- powerpc/watchpoint: Restore NV GPRs while returning from exception (bsc#1140945 bsc#1141401 bsc#1141402 bsc#1141452 bsc#1141453 bsc#1141454 LTC#178983 LTC#179191 LTC#179192 LTC#179193 LTC#179194 LTC#179195).
- powerpc/watchpoint: Restore NV GPRs while returning from exception (bsc#1140945 bsc#1141401 bsc#1141402 bsc#1141452 bsc#1141453 bsc#1141454 LTC#178983 LTC#179191 LTC#179192 LTC#179193 LTC#179194 LTC#179195).
- powerpc/watchpoint: Restore NV GPRs while returning from exception (bsc#1140945 bsc#1141401 bsc#1141402 bsc#1141452 bsc#1141453 bsc#1141454 LTC#178983 LTC#179191 LTC#179192 LTC#179193 LTC#179194 LTC#179195).
- powerpc/watchpoint: Restore NV GPRs while returning from exception (bsc#1140945 bsc#1141401 bsc#1141402 bsc#1141452 bsc#1141453 bsc#1141454 LTC#178983 LTC#179191 LTC#179192 LTC#179193 LTC#179194 LTC#179195).
- powerpc/watchpoint: Restore NV GPRs while returning from exception (bsc#1140945 bsc#1141401 bsc#1141402 bsc#1141452 bsc#1141453 bsc#1141454 LTC#178983 LTC#179191 LTC#179192 LTC#179193 LTC#179194 LTC#179195).
- powerpc/watchpoint: Restore NV GPRs while returning from exception (bsc#1140945 bsc#1141401 bsc#1141402 bsc#1141452 bsc#1141453 bsc#1141454 LTC#178983 LTC#179191 LTC#179192 LTC#179193 LTC#179194 LTC#179195).
- powerpc64/ftrace: Include ftrace.h needed for enable/disable calls (bsc#1088804, git-fixes).
- powerpc: Always initialize input array when calling epapr_hypercall() (bsc#1065729).
- powerpc: Fix 32-bit KVM-PR lockup and host crash with MacOS guest (bsc#1061840).
- powerpc: Fix HMIs on big-endian with CONFIG_RELOCATABLE=y (bsc#1065729).
- powerpc: avoid -mno-sched-epilog on GCC 4.9 and newer (bsc#1065729).
- powerpc: consolidate -mno-sched-epilog into FTRACE flags (bsc#1065729).
- ppc: Convert mmu context allocation to new IDA API (bsc#1139619 LTC#178538).
- ppp: mppe: Add softdep to arc4 (bsc#1088047).
- proc/kcore: don't bounds check against address 0 (bsc#1051510).
- proc/sysctl: fix return error for proc_doulongvec_minmax() (bsc#1051510).
- proc: revalidate kernel thread inodes to root:root (bsc#1051510).
- pwm: Fix deadlock warning when removing PWM device (bsc#1051510).
- pwm: meson: Consider 128 a valid pre-divider (bsc#1051510).
- pwm: meson: Don't disable PWM when setting duty repeatedly (bsc#1051510).
- pwm: meson: Use the spin-lock only to protect register modifications (bsc#1051510).
- pwm: stm32: Use 3 cells of_xlate() (bsc#1111666).
- pwm: tiehrpwm: Update shadow register for disabling PWMs (bsc#1051510).
- qed*: Add iWARP 100g support (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed*: Add iWARP 100g support (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed*: Add iWARP 100g support (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed*: Add iWARP 100g support (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed*: Change hwfn used for sb initialization (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed*: Change hwfn used for sb initialization (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed*: Change hwfn used for sb initialization (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed*: Change hwfn used for sb initialization (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Add API for SmartAN query (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Add API for SmartAN query (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Add API for SmartAN query (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Add API for SmartAN query (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Add infrastructure for error detection and recovery (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Add infrastructure for error detection and recovery (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Add infrastructure for error detection and recovery (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Add infrastructure for error detection and recovery (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Add llh ppfid interface and 100g support for offload protocols (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Add llh ppfid interface and 100g support for offload protocols (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Add llh ppfid interface and 100g support for offload protocols (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Add llh ppfid interface and 100g support for offload protocols (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Add qed devlink parameters table (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Add qed devlink parameters table (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Add qed devlink parameters table (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Add qed devlink parameters table (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Define new MF bit for no_vlan config (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Define new MF bit for no_vlan config (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Define new MF bit for no_vlan config (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Define new MF bit for no_vlan config (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Delete redundant doorbell recovery types (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Delete redundant doorbell recovery types (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Delete redundant doorbell recovery types (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Delete redundant doorbell recovery types (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix iWARP buffer size provided for syn packet processing (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix iWARP buffer size provided for syn packet processing (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix iWARP buffer size provided for syn packet processing (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix iWARP buffer size provided for syn packet processing (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix iWARP syn packet mac address validation (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix iWARP syn packet mac address validation (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix iWARP syn packet mac address validation (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix iWARP syn packet mac address validation (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix missing DORQ attentions (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix missing DORQ attentions (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix missing DORQ attentions (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix missing DORQ attentions (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix static checker warning (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix static checker warning (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix static checker warning (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix static checker warning (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix the DORQ's attentions handling (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix the DORQ's attentions handling (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix the DORQ's attentions handling (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix the DORQ's attentions handling (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix the doorbell address sanity check (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix the doorbell address sanity check (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix the doorbell address sanity check (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Fix the doorbell address sanity check (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Mark expected switch fall-through (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Mark expected switch fall-through (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Mark expected switch fall-through (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Mark expected switch fall-through (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Modify api for performing a dmae to another PF (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Modify api for performing a dmae to another PF (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Modify api for performing a dmae to another PF (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Modify api for performing a dmae to another PF (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Modify offload protocols to use the affined engine (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Modify offload protocols to use the affined engine (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Modify offload protocols to use the affined engine (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Modify offload protocols to use the affined engine (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Read device port count from the shmem (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Read device port count from the shmem (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Read device port count from the shmem (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Read device port count from the shmem (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Reduce the severity of ptp debug message (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Reduce the severity of ptp debug message (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Reduce the severity of ptp debug message (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Reduce the severity of ptp debug message (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Revise load sequence to avoid pci errors (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Revise load sequence to avoid pci errors (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Revise load sequence to avoid pci errors (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Revise load sequence to avoid pci errors (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Set the doorbell address correctly (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Set the doorbell address correctly (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Set the doorbell address correctly (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: Set the doorbell address correctly (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: fix indentation issue with statements in an if-block (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: fix indentation issue with statements in an if-block (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: fix indentation issue with statements in an if-block (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: fix indentation issue with statements in an if-block (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: fix spelling mistake 'faspath' 'fastpath' (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: fix spelling mistake 'faspath' 'fastpath' (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: fix spelling mistake 'faspath' 'fastpath' (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: fix spelling mistake 'faspath' 'fastpath' (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: fix spelling mistake 'inculde' 'include' (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: fix spelling mistake 'inculde' 'include' (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: fix spelling mistake 'inculde' 'include' (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: fix spelling mistake 'inculde' 'include' (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: remove duplicated include from qed_if.h (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: remove duplicated include from qed_if.h (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: remove duplicated include from qed_if.h (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: remove duplicated include from qed_if.h (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: remove redundant assignment to rc (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: remove redundant assignment to rc (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: remove redundant assignment to rc (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qed: remove redundant assignment to rc (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Add ethtool interface for SmartAN query (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Add ethtool interface for SmartAN query (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Add ethtool interface for SmartAN query (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Add ethtool interface for SmartAN query (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Error recovery process (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Error recovery process (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Error recovery process (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Error recovery process (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Fix internal loopback failure with jumbo mtu configuration (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Fix internal loopback failure with jumbo mtu configuration (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Fix internal loopback failure with jumbo mtu configuration (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Fix internal loopback failure with jumbo mtu configuration (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Handle infinite driver spinning for Tx timestamp (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Handle infinite driver spinning for Tx timestamp (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Handle infinite driver spinning for Tx timestamp (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Handle infinite driver spinning for Tx timestamp (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Populate mbi version in ethtool driver query data (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Populate mbi version in ethtool driver query data (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Populate mbi version in ethtool driver query data (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: Populate mbi version in ethtool driver query data (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: fix write to free'd pointer error and double free of ptp (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: fix write to free'd pointer error and double free of ptp (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: fix write to free'd pointer error and double free of ptp (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: fix write to free'd pointer error and double free of ptp (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: place ethtool_rx_flow_spec after code after TC flower codebase (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: place ethtool_rx_flow_spec after code after TC flower codebase (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: place ethtool_rx_flow_spec after code after TC flower codebase (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qede: place ethtool_rx_flow_spec after code after TC flower codebase (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qedi: Use hwfns and affin_hwfn_idx to get MSI-X vector index (jsc#SLE-4693 bsc#1136462).
- qedr: Change the MSI-X vectors selection to be based on affined engine (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qedr: Change the MSI-X vectors selection to be based on affined engine (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qedr: Change the MSI-X vectors selection to be based on affined engine (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qedr: Change the MSI-X vectors selection to be based on affined engine (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128971).
- qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128979).
- qla2xxx: always allocate qla_tgt_wq (bsc#1131451).
- qla2xxx: kABI fixes for v10.00.00.14-k (bsc#1136215).
- qla2xxx: kABI fixes for v10.01.00.15-k (bsc#1136215).
- qlcnic: Avoid potential NULL pointer dereference (bsc#1051510).
- qlcnic: remove assumption that vlan_tci != 0 (bsc#1136469 jsc#SLE-4695).
- qlcnic: remove set but not used variables 'cur_rings, max_hw_rings, tx_desc_info' (bsc#1136469 jsc#SLE-4695).
- qlcnic: remove set but not used variables 'op, cmd_op' (bsc#1136469 jsc#SLE-4695).
- qmi_wwan: Add quirk for Quectel dynamic config (bsc#1051510).
- qmi_wwan: Fix out-of-bounds read (bsc#1111666).
- qmi_wwan: add Olicard 600 (bsc#1051510).
- qmi_wwan: add network device usage statistics for qmimux devices (bsc#1051510).
- qmi_wwan: add support for QMAP padding in the RX path (bsc#1051510).
- qmi_wwan: avoid RCU stalls on device disconnect when in QMAP mode (bsc#1051510).
- qmi_wwan: extend permitted QMAP mux_id value range (bsc#1051510).
- rapidio: fix a NULL pointer dereference when create_workqueue() fails (bsc#1051510).
- rbd: do not assert on writes to snapshots (bsc#1137985 bsc#1138681).
- rbd: do not assert on writes to snapshots (bsc#1137985 bsc#1138681).
- rdma/cxbg: Use correct sizing on buffers holding page DMA addresses (bsc#1136348 jsc#SLE-4684).
- rdma/cxgb4: Add support for 64Byte cqes (bsc#1127371).
- rdma/cxgb4: Add support for kernel mode SRQ's (bsc#1127371).
- rdma/cxgb4: Add support for srq functions and structs (bsc#1127371).
- rdma/cxgb4: Don't expose DMA addresses (bsc#1136348 jsc#SLE-4684).
- rdma/cxgb4: Fix null pointer dereference on alloc_skb failure (bsc#1136348 jsc#SLE-4684).
- rdma/cxgb4: Fix spelling mistake 'immedate' 'immediate' (bsc#1136348 jsc#SLE-4684).
- rdma/cxgb4: Make c4iw_poll_cq_one() easier to analyze (bsc#1127371).
- rdma/cxgb4: Remove a set-but-not-used variable (bsc#1127371).
- rdma/cxgb4: Remove kref accounting for sync operation (bsc#1136348 jsc#SLE-4684).
- rdma/cxgb4: Use sizeof() notation (bsc#1136348 jsc#SLE-4684).
- rdma/cxgb4: fix some info leaks (bsc#1127371).
- rdma/hns: Add SCC context allocation support for hip08 (bsc#1104427 bsc#1126206).
- rdma/hns: Add SCC context clr support for hip08 (bsc#1104427 bsc#1126206).
- rdma/hns: Add constraint on the setting of local ACK timeout (bsc#1104427 bsc#1137233).
- rdma/hns: Add the process of AEQ overflow for hip08 (bsc#1104427 bsc#1126206).
- rdma/hns: Add timer allocation support for hip08 (bsc#1104427 bsc#1126206).
- rdma/hns: Bugfix for SCC hem free (bsc#1104427 bsc#1137236).
- rdma/hns: Bugfix for mapping user db (bsc#1104427 bsc#1137236).
- rdma/hns: Bugfix for posting multiple srq work request (bsc#1104427 bsc#1137236).
- rdma/hns: Bugfix for sending with invalidate (bsc#1104427 bsc#1137236).
- rdma/hns: Bugfix for set hem of SCC (bsc#1104427 bsc#1137236).
- rdma/hns: Bugfix for the scene without receiver queue (bsc#1104427 bsc#1137233).
- rdma/hns: Configure capacity of hns device (bsc#1104427 bsc#1137236).
- rdma/hns: Delete useful prints for aeq subtype event (bsc#1104427 bsc#1126206).
- rdma/hns: Fix the Oops during rmmod or insmod ko when reset occurs (bsc#1104427 bsc#1137232).
- rdma/hns: Fix the bug with updating rq head pointer when flush cqe (bsc#1104427 bsc#1137233).
- rdma/hns: Fix the chip hanging caused by sending doorbell during reset (bsc#1104427 bsc#1137232).
- rdma/hns: Fix the chip hanging caused by sending mailbox CMQ during reset (bsc#1104427 bsc#1137232).
- rdma/hns: Fix the state of rereg mr (bsc#1104427 bsc#1137236).
- rdma/hns: Hide error print information with roce vf device (bsc#1104427 bsc#1137236).
- rdma/hns: Limit minimum ROCE CQ depth to 64 (bsc#1104427 bsc#1137236).
- rdma/hns: Make some function static (bsc#1104427 bsc#1126206).
- rdma/hns: Modify qp specification according to UM (bsc#1104427 bsc#1137233).
- rdma/hns: Modify the pbl ba page size for hip08 (bsc#1104427 bsc#1137233).
- rdma/hns: Move spin_lock_irqsave to the correct place (bsc#1104427 bsc#1137236).
- rdma/hns: Remove jiffies operation in disable interrupt context (bsc#1104427 bsc#1137236).
- rdma/hns: Remove set but not used variable 'rst' (bsc#1104427 bsc#1126206).
- rdma/hns: Set allocated memory to zero for wrid (bsc#1104427 bsc#1137236).
- rdma/hns: Update CQE specifications (bsc#1104427 bsc#1137236).
- rdma/hns: rdma/hns: Assign rq head pointer when enable rq record db (bsc#1104427 bsc#1137236).
- rdma/iw_cxgb4: Always disconnect when QP is transitioning to TERMINATE state (bsc#1136348 jsc#SLE-4684).
- rdma/iw_cxgb4: Drop __GFP_NOFAIL (bsc#1127371).
- rdma/iwcm: add tos_set bool to iw_cm struct (bsc#1136348 jsc#SLE-4684).
- rdma/qedr: Fix incorrect device rate (bsc#1136188).
- rdma/qedr: Fix out of bounds index check in query pkey (bsc#1136456 jsc#SLE-4689).
- rdma/smc: Replace ib_query_gid with rdma_get_gid_attr (bsc#1131530 LTC#176717).
- regulator: s2mps11: Fix buck7 and buck8 wrong voltages (bsc#1051510).
- regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB (bsc#1051510).
- ring-buffer: Check if memory is available before allocation (bsc#1132531).
- rpm/post.sh: correct typo in err msg (bsc#1137625)
- rt2x00: do not increment sequence number while re-transmitting (bsc#1051510).
- rtc: 88pm860x: prevent use-after-free on device remove (bsc#1051510).
- rtc: da9063: set uie_unsupported when relevant (bsc#1051510).
- rtc: don't reference bogus function pointer in kdoc (bsc#1051510).
- rtc: sh: Fix invalid alarm warning for non-enabled alarm (bsc#1051510).
- rtlwifi: fix a potential NULL pointer dereference (bsc#1051510).
- rtlwifi: fix potential NULL pointer dereference (bsc#1111666).
- rtlwifi: rtl8192cu: fix error handle when usb probe failed (bsc#1111666).
- rtlwifi: rtl8723ae: Fix missing break in switch statement (bsc#1051510).
- s390/airq: provide cacheline aligned ivs (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
- s390/airq: recognize directed interrupts (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
- s390/airq: use DMA memory for adapter interrupts (jsc#SLE-6197 bsc#1140559 LTC#173150).
- s390/cio: add basic protected virtualization support (jsc#SLE-6197 bsc#1140559 LTC#173150).
- s390/cio: introduce DMA pools to cio (jsc#SLE-6197 bsc#1140559 LTC#173150).
- s390/cpumf: Add extended counter set definitions for model 8561 and 8562 (bsc#1142052 LTC#179320).
- s390/dasd: fix panic for failed online processing (bsc#1132589).
- s390/dasd: fix using offset into zero size array error (bsc#1051510).
- s390/dma: provide proper ARCH_ZONE_DMA_BITS value (jsc#SLE-6197 bsc#1140559 LTC#173150).
- s390/ism: move oddities of device IO to wrapper function (jsc#SLE-5802 FATE#327055 bsc#1134738 LTC#173387).
- s390/jump_label: Use 'jdd' constraint on gcc9 (bsc#1138589).
- s390/mm: force swiotlb for protected virtualization (jsc#SLE-6197 bsc#1140559 LTC#173150).
- s390/pci: add parameter to disable usage of MIO instructions (jsc#SLE-5802 FATE#327055 bsc#1134738 LTC#173387).
- s390/pci: add parameter to force floating irqs (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
- s390/pci: clarify interrupt vector usage (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
- s390/pci: fix assignment of bus resources (jsc#SLE-5802 FATE#327055 bsc#1134738 LTC#173387).
- s390/pci: fix struct definition for set PCI function (jsc#SLE-5802 FATE#327055 bsc#1134738 LTC#173387).
- s390/pci: gather statistics for floating vs directed irqs (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
- s390/pci: mark command line parser data __initdata (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
- s390/pci: move everything irq related to pci_irq.c (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
- s390/pci: move io address mapping code to pci_insn.c (jsc#SLE-5802 FATE#327055 bsc#1134738 LTC#173387).
- s390/pci: provide support for CPU directed interrupts (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
- s390/pci: provide support for MIO instructions (jsc#SLE-5802 FATE#327055 bsc#1134738 LTC#173387).
- s390/pci: remove stale rc (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
- s390/pci: remove unused define (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
- s390/pkey: move pckmo subfunction available checks away from module init (bsc#1128544).
- s390/protvirt: add memory sharing for diag 308 set/store (jsc#SLE-5759 FATE#327003 bsc#1135153 LTC#173151).
- s390/protvirt: block kernel command line alteration (jsc#SLE-5759 FATE#327003 bsc#1135153 LTC#173151).
- s390/qdio: clear intparm during shutdown (bsc#1134597 LTC#177516).
- s390/qdio: handle PENDING state for QEBSM devices (bsc#1142119 LTC#179331).
- s390/qeth: be drop monitor friendly (bsc#1142115 LTC#179337).
- s390/qeth: be drop monitor friendly (bsc#1142220 LTC#179335).
- s390/qeth: fix VLAN attribute in bridge_hostnotify udev event (bsc#1051510).
- s390/qeth: fix race when initializing the IP address table (bsc#1051510).
- s390/sclp: detect DIRQ facility (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
- s390/setup: fix early warning messages (bsc#1051510).
- s390/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
- s390/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
- s390/uv: introduce guest side ultravisor code (jsc#SLE-5759 FATE#327003 bsc#1135153 LTC#173151).
- s390/virtio: handle find on invalid queue gracefully (bsc#1051510).
- s390/vtime: steal time exponential moving average (bsc#1119222).
- s390/zcrypt: Fix wrong dispatching for control domain CPRBs (bsc#1137811 LTC#178088).
- s390: enable processes for mio instructions (jsc#SLE-5802 FATE#327055 bsc#1134738 LTC#173387).
- s390: remove the unused dma_capable helper (jsc#SLE-6197 bsc#1140559 LTC#173150).
- s390: show statistics for MSI IRQs (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
- sbitmap: fix improper use of smp_mb__before_atomic() (bsc#1140658).
- sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() (bsc#1051510).
- sc16is7xx: move label 'err_spi' to correct section (bsc#1051510).
- sc16is7xx: put err_spi and err_i2c into correct #ifdef (bsc#1051510).
- sched/topology: Improve load balancing on AMD EPYC (bsc#1137366).
- scripts: override locale from environment when running recordmcount.pl (bsc#1134354).
- scsi/fc: kABI fixes for new ELS_FPIN definition (bsc#1136217,jsc#SLE-4722).
- scsi: aacraid: Mark expected switch fall-through (jsc#SLE-4710 bsc#1136161).
- scsi: aacraid: Mark expected switch fall-throughs (jsc#SLE-4710 bsc#1136161).
- scsi: aacraid: change event_wait to a completion (jsc#SLE-4710 bsc#1136161).
- scsi: aacraid: change wait_sem to a completion (jsc#SLE-4710 bsc#1136161).
- scsi: aacraid: clean up some indentation and formatting issues (jsc#SLE-4710 bsc#1136161).
- scsi: be2iscsi: be_iscsi: Mark expected switch fall-through (jsc#SLE-4721 bsc#1136264).
- scsi: be2iscsi: be_main: Mark expected switch fall-through (jsc#SLE-4721 bsc#1136264).
- scsi: be2iscsi: fix spelling mistake 'Retreiving' 'Retrieving' (jsc#SLE-4721 bsc#1136264).
- scsi: be2iscsi: lpfc: fix typo (jsc#SLE-4721 bsc#1136264).
- scsi: be2iscsi: remove unused variable dmsg (jsc#SLE-4721 bsc#1136264).
- scsi: be2iscsi: switch to generic DMA API (jsc#SLE-4721 bsc#1136264).
- scsi: core: add new RDAC LENOVO/DE_Series device (bsc#1132390).
- scsi: csiostor: Remove set but not used variable 'pln' (jsc#SLE-4679 bsc#1136343).
- scsi: csiostor: csio_wr: mark expected switch fall-through (jsc#SLE-4679 bsc#1136343).
- scsi: csiostor: drop serial_number usage (jsc#SLE-4679 bsc#1136343).
- scsi: csiostor: fix NULL pointer dereference in csio_vport_set_state() (jsc#SLE-4679 bsc#1136343).
- scsi: csiostor: fix calls to dma_set_mask_and_coherent() (jsc#SLE-4679 bsc#1136343).
- scsi: csiostor: fix incorrect dma device in case of vport (jsc#SLE-4679 bsc#1136343).
- scsi: csiostor: fix missing data copy in csio_scsi_err_handler() (jsc#SLE-4679 bsc#1136343).
- scsi: csiostor: no need to check return value of debugfs_create functions (jsc#SLE-4679 bsc#1136343).
- scsi: cxgb4i: add wait_for_completion() (jsc#SLE-4678 bsc#1136342).
- scsi: cxgbi: KABI: fix handle completion etc (jsc#SLE-4678 bsc#1136342).
- scsi: cxgbi: remove redundant __kfree_skb call on skb and free cst atid (jsc#SLE-4678 bsc#1136342).
- scsi: fc: add FPIN ELS definition (bsc#1136217,jsc#SLE-4722).
- scsi: hisi: KABI ignore new symbols (bsc#1135038).
- scsi: hisi_sas: Add softreset in hisi_sas_I_T_nexus_reset() (bsc#1135033).
- scsi: hisi_sas: Adjust the printk format of functions hisi_sas_init_device() (bsc#1135037).
- scsi: hisi_sas: Do not fail IT nexus reset for Open Reject timeout (bsc#1135033).
- scsi: hisi_sas: Do not hard reset disk during controller reset (bsc#1135034).
- scsi: hisi_sas: Fix for setting the PHY linkrate when disconnected (bsc#1135038).
- scsi: hisi_sas: Remedy inconsistent PHY down state in software (bsc#1135039).
- scsi: hisi_sas: Send HARD RESET to clear the previous affiliation of STP target port (bsc#1135037).
- scsi: hisi_sas: Set PHY linkrate when disconnected (bsc#1135038).
- scsi: hisi_sas: Some misc tidy-up (bsc#1135031).
- scsi: hisi_sas: Support all RAS events with MSI interrupts (bsc#1135035).
- scsi: hisi_sas: add host reset interface for test (bsc#1135041).
- scsi: hisi_sas: allocate different SAS address for directly attached situation (bsc#1135036).
- scsi: hisi_sas: remove the check of sas_dev status in hisi_sas_I_T_nexus_reset() (bsc#1135037).
- scsi: hpsa: Use vmemdup_user to replace the open code (jsc#SLE-4712 bsc#1136156).
- scsi: hpsa: bump driver version (jsc#SLE-4712 bsc#1136156).
- scsi: hpsa: check for lv removal (jsc#SLE-4712 bsc#1136156).
- scsi: hpsa: clean up two indentation issues (jsc#SLE-4712 bsc#1136156).
- scsi: hpsa: correct device id issues (jsc#SLE-4712 bsc#1136156).
- scsi: hpsa: correct device resets (jsc#SLE-4712 bsc#1136156).
- scsi: hpsa: correct ioaccel2 chaining (jsc#SLE-4712 bsc#1136156).
- scsi: hpsa: correct simple mode (jsc#SLE-4712 bsc#1136156).
- scsi: hpsa: fix an uninitialized read and dereference of pointer dev (jsc#SLE-4712 bsc#1136156).
- scsi: hpsa: mark expected switch fall-throughs (jsc#SLE-4712 bsc#1136156).
- scsi: hpsa: remove timeout from TURs (jsc#SLE-4712 bsc#1136156).
- scsi: hpsa: switch to generic DMA API (jsc#SLE-4712 bsc#1136156).
- scsi: ibmvfc: fix WARN_ON during event pool release (bsc#1137458 LTC#178093).
- scsi: libsas: Do discovery on empty PHY to update PHY info (bsc#1135024).
- scsi: libsas: Improve vague log in SAS rediscovery (bsc#1135027).
- scsi: libsas: Inject revalidate event for root port event (bsc#1135026).
- scsi: libsas: Print expander PHY indexes in decimal (bsc#1135021).
- scsi: libsas: Stop hardcoding SAS address length (bsc#1135029).
- scsi: libsas: Support SATA PHY connection rate unmatch fixing during discovery (bsc#1135028).
- scsi: libsas: Try to retain programmed min linkrate for SATA min pathway unmatch fixing (bsc#1135028).
- scsi: libsas: allocate sense buffer for bsg queue (bsc#1131467).
- scsi: lpfc: Add loopback testing to trunking mode (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Annotate switch/case fall-through (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Cancel queued work for an IO when processing a received ABTS (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Change smp_processor_id() into raw_smp_processor_id() (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Convert bootstrap mbx polling from msleep to udelay (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Coordinate adapter error handling with offline handling (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Correct __lpfc_sli_issue_iocb_s4 lockdep check (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Correct boot bios information to FDMI registration (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Correct localport timeout duration error (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Correct nvmet buffer free race condition (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Declare local functions static (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Enhance 6072 log string (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix BFS crash with DIX enabled (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix FDMI fc4type for nvme support (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix FDMI manufacturer attribute value (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix HDMI2 registration string for symbolic name (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix PT2PT PLOGI collison stopping discovery (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix SLI3 commands being issued on SLI4 devices (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix a recently introduced compiler warning (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix alloc context on oas lun creations (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix build error (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix deadlock due to nested hbalock call (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix driver crash in target reset handler (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix duplicate log message numbers (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix error code if kcalloc() fails (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix error codes in lpfc_sli4_pci_mem_setup() (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix fc4type information for FDMI (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix fcp_rsp_len checking on lun reset (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix handling of trunk links state reporting (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix hardlockup in scsi_cmd_iocb_cmpl (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix incorrect logical link speed on trunks when links down (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix indentation and balance braces (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix io lost on host resets (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix kernel warnings related to smp_processor_id() (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix link speed reporting for 4-link trunk (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix location of SCSI ktime counters (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix lpfc_nvmet_mrq attribute handling when 0 (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix mailbox hang on adapter init (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix memory leak in abnormal exit path from lpfc_eq_create (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix missing wakeups on abort threads (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix nvmet async receive buffer replenishment (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix nvmet handling of first burst cmd (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix nvmet handling of received ABTS for unmapped frames (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix nvmet target abort cmd matching (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix oops when driver is loaded with 1 interrupt vector (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix poor use of hardware queues if fewer irq vectors (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix protocol support on G6 and G7 adapters (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fix use-after-free mailbox cmd completion (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Fixup eq_clr_intr references (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Make lpfc_sli4_oas_verify static (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Move trunk_errmsg[] from a header file into a .c file (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Prevent 'use after free' memory overwrite in nvmet LS handling (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Reduce memory footprint for lpfc_queue (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Remove set but not used variable 'phys_id' (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Remove set-but-not-used variables (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Remove unused functions (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Resolve inconsistent check of hdwq in lpfc_scsi_cmd_iocb_cmpl (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Resolve irq-unsafe lockdep heirarchy warning in lpfc_io_free (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Revert message logging on unsupported topology (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Revise message when stuck due to unresponsive adapter (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Rework misleading nvme not supported in firmware message (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Separate CQ processing for nvmet_fc upcalls (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Specify node affinity for queue memory allocation (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Stop adapter if pci errors detected (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Update Copyright in driver version (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Update lpfc version to 12.2.0.1 (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: Update lpfc version to 12.2.0.3 (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: add support for posting FC events on FPIN reception (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: avoid uninitialized variable warning (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: fix 32-bit format string warning (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: fix a handful of indentation issues (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: fix calls to dma_set_mask_and_coherent() (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: fix unused variable warning (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: resolve static checker warning in lpfc_sli4_hba_unset (bsc#1136217,jsc#SLE-4722).
- scsi: lpfc: use dma_set_mask_and_coherent (bsc#1136217,jsc#SLE-4722).
- scsi: megaraid_sas: Add support for DEVICE_LIST DCMD in driver (bsc#1136271).
- scsi: megaraid_sas: Retry reads of outbound_intr_status reg (bsc#1136271).
- scsi: megaraid_sas: Rework code to get PD and LD list (bsc#1136271).
- scsi: megaraid_sas: Rework device add code in AEN path (bsc#1136271).
- scsi: megaraid_sas: Update structures for HOST_DEVICE_LIST DCMD (bsc#1136271).
- scsi: megaraid_sas: correct an info message (bsc#1136271).
- scsi: megaraid_sas: driver version update (bsc#1136271).
- scsi: mpt3sas: Add Atomic RequestDescriptor support on Aero (bsc#1125703,jsc#SLE-4717).
- scsi: mpt3sas: Add flag high_iops_queues (bsc#1125703,jsc#SLE-4717).
- scsi: mpt3sas: Add missing breaks in switch statements (bsc#1125703,jsc#SLE-4717).
- scsi: mpt3sas: Add support for ATLAS PCIe switch (bsc#1125703,jsc#SLE-4717).
- scsi: mpt3sas: Add support for NVMe Switch Adapter (bsc#1125703,jsc#SLE-4717).
- scsi: mpt3sas: Affinity high iops queues IRQs to local node (bsc#1125703,jsc#SLE-4717).
- scsi: mpt3sas: Enable interrupt coalescing on high iops (bsc#1125703,jsc#SLE-4717).
- scsi: mpt3sas: Fix kernel panic during expander reset (bsc#1125703,jsc#SLE-4717).
- scsi: mpt3sas: Fix typo in request_desript_type (bsc#1125703,jsc#SLE-4717).
- scsi: mpt3sas: Improve the threshold value and introduce module param (bsc#1125703,jsc#SLE-4717).
- scsi: mpt3sas: Introduce perf_mode module parameter (bsc#1125703,jsc#SLE-4717).
- scsi: mpt3sas: Irq poll to avoid CPU hard lockups (bsc#1125703,jsc#SLE-4717).
- scsi: mpt3sas: Load balance to improve performance and avoid soft lockups (bsc#1125703,jsc#SLE-4717).
- scsi: mpt3sas: Rename mpi endpoint device ID macro (bsc#1125703,jsc#SLE-4717).
- scsi: mpt3sas: Update driver version to 27.102.00.00 (bsc#1125703,jsc#SLE-4717).
- scsi: mpt3sas: Update driver version to 29.100.00.00 (bsc#1125703,jsc#SLE-4717).
- scsi: mpt3sas: Update mpt3sas driver version to 28.100.00.00 (bsc#1125703,jsc#SLE-4717).
- scsi: mpt3sas: Use high iops queues under some circumstances (bsc#1125703,jsc#SLE-4717).
- scsi: mpt3sas: change _base_get_msix_index prototype (bsc#1125703,jsc#SLE-4717).
- scsi: mpt3sas: fix indentation issue (bsc#1125703,jsc#SLE-4717).
- scsi: mpt3sas: function pointers of request descriptor (bsc#1125703,jsc#SLE-4717).
- scsi: mpt3sas: save and use MSI-X index for posting RD (bsc#1125703,jsc#SLE-4717).
- scsi: mpt3sas: simplify interrupt handler (bsc#1125703,jsc#SLE-4717).
- scsi: qedf: Add LBA to underrun debug messages (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Add a flag to help debugging io_req which could not be cleaned (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Add additional checks for io_req sc_cmd validity (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Add comment to display logging levels (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Add driver state to 'driver_stats' debugfs node (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Add missing return in qedf_post_io_req() in the fcport offload check (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Add missing return in qedf_scsi_done() (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Add port_id for fcport into initiate_cleanup debug message (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Add return value to log message if scsi_add_host fails (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Change MSI-X load error message (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Check both the FCF and fabric ID before servicing clear virtual link (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Check for fcoe_libfc_config failure (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Check for tm_flags instead of cmd_type during cleanup (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Check the return value of start_xmit (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Cleanup rrq_work after QEDF_CMD_OUTSTANDING is cleared (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Correctly handle refcounting of rdata (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Do not queue anything if upload is in progress (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Do not send ABTS for under run scenario (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Fix lport may be used uninitialized warning (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Log message if scsi_add_host fails (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Modify abort and tmf handler to handle edge condition and flush (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Modify flush routine to handle all I/Os and TMF (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Print fcport information on wait for upload timeout (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Print scsi_cmd backpointer in good completion path if the command is still being used (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Remove set but not used variable 'fr_len' (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Update the driver version to 8.37.25.19 (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Update the driver version to 8.37.25.20 (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: Wait for upload and link down processing during soft ctx reset (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: fc_rport_priv reference counting fixes (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: fixup bit operations (bsc#1135542).
- scsi: qedf: fixup locking in qedf_restart_rport() (bsc#1135542).
- scsi: qedf: missing kref_put in qedf_xmit() (bsc#1135542).
- scsi: qedf: remove memset/memcpy to nfunc and use func instead (bsc#1136467 jsc#SLE-4694).
- scsi: qedf: remove set but not used variables (bsc#1136467 jsc#SLE-4694).
- scsi: qedi: Add packet filter in light L2 Rx path (jsc#SLE-4693 bsc#1136462).
- scsi: qedi: Check for session online before getting iSCSI TLV data (jsc#SLE-4693 bsc#1136462).
- scsi: qedi: Cleanup redundant QEDI_PAGE_SIZE macro definition (jsc#SLE-4693 bsc#1136462).
- scsi: qedi: Fix spelling mistake 'OUSTANDING' 'OUTSTANDING' (jsc#SLE-4693 bsc#1136462).
- scsi: qedi: Move LL2 producer index processing in BH (jsc#SLE-4693 bsc#1136462).
- scsi: qedi: Replace PAGE_SIZE with QEDI_PAGE_SIZE (jsc#SLE-4693 bsc#1136462).
- scsi: qedi: Update driver version to 8.33.0.21 (jsc#SLE-4693 bsc#1136462).
- scsi: qedi: add module param to set ping packet size (jsc#SLE-4693 bsc#1136462).
- scsi: qedi: remove set but not used variables 'cdev' and 'udev' (jsc#SLE-4693 bsc#1136462).
- scsi: qla2xxx: Add 28xx flash primary/secondary status/image mechanism (bsc#1136215).
- scsi: qla2xxx: Add Device ID for ISP28XX (bsc#1136215).
- scsi: qla2xxx: Add First Burst support for FC-NVMe devices (bsc#1136215).
- scsi: qla2xxx: Add Serdes support for ISP28XX (bsc#1136215).
- scsi: qla2xxx: Add fw_attr and port_no SysFS node (bsc#1136215).
- scsi: qla2xxx: Add new FC-NVMe enable BIT to enable FC-NVMe feature (bsc#1130579).
- scsi: qla2xxx: Add new FW dump template entry types (bsc#1136215).
- scsi: qla2xxx: Add protection mask module parameters (bsc#1136215).
- scsi: qla2xxx: Add support for multiple fwdump templates/segments (bsc#1136215).
- scsi: qla2xxx: Add support for setting port speed (bsc#1136215).
- scsi: qla2xxx: Avoid pci IRQ affinity mapping when multiqueue is not supported (bsc#1136215).
- scsi: qla2xxx: Check for FW started flag before aborting (bsc#1136215).
- scsi: qla2xxx: Cleanups for NVRAM/Flash read/write path (bsc#1136215).
- scsi: qla2xxx: Correction and improvement to fwdt processing (bsc#1136215).
- scsi: qla2xxx: Correctly report max/min supported speeds (bsc#1136215).
- scsi: qla2xxx: Declare local functions 'static' (bsc#1137444).
- scsi: qla2xxx: Fix DMA error when the DIF sg buffer crosses 4GB boundary (bsc#1136215).
- scsi: qla2xxx: Fix FC-AL connection target discovery (bsc#1094555).
- scsi: qla2xxx: Fix LUN discovery if loop id is not assigned yet by firmware (bsc#1136215).
- scsi: qla2xxx: Fix N2N target discovery with Local loop (bsc#1094555).
- scsi: qla2xxx: Fix abort handling in tcm_qla2xxx_write_pending() (bsc#1140727).
- scsi: qla2xxx: Fix code indentation for qla27xx_fwdt_entry (bsc#1136215).
- scsi: qla2xxx: Fix function argument descriptions (bsc#1118139).
- scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS routines (bsc#1140728).
- scsi: qla2xxx: Fix memory corruption during hba reset test (bsc#1118139).
- scsi: qla2xxx: Fix panic from use after free in qla2x00_async_tm_cmd (bsc#1136215).
- scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show (bsc#1132044).
- scsi: qla2xxx: Fix read offset in qla24xx_load_risc_flash() (bsc#1136215).
- scsi: qla2xxx: Fix routine qla27xx_dump_{mpi|ram}() (bsc#1136215).
- scsi: qla2xxx: Fix unload when NVMe devices are configured (bsc#1136215).
- scsi: qla2xxx: Improve several kernel-doc headers (bsc#1137444).
- scsi: qla2xxx: Introduce a switch/case statement in qlt_xmit_tm_rsp() (bsc#1137444).
- scsi: qla2xxx: Make qla2x00_sysfs_write_nvram() easier to analyze (bsc#1137444).
- scsi: qla2xxx: Make sure that qlafx00_ioctl_iosb_entry() initializes 'res' (bsc#1137444).
- scsi: qla2xxx: Move debug messages before sending srb preventing panic (bsc#1136215).
- scsi: qla2xxx: Move marker request behind QPair (bsc#1136215).
- scsi: qla2xxx: NULL check before some freeing functions is not needed (bsc#1137444).
- scsi: qla2xxx: Prevent SysFS access when chip is down (bsc#1136215).
- scsi: qla2xxx: Prevent multiple ADISC commands per session (bsc#1136215).
- scsi: qla2xxx: Remove FW default template (bsc#1136215).
- scsi: qla2xxx: Remove a set-but-not-used variable (bsc#1137444).
- scsi: qla2xxx: Remove two arguments from qlafx00_error_entry() (bsc#1137444).
- scsi: qla2xxx: Remove unused symbols (bsc#1118139).
- scsi: qla2xxx: Secure flash update support for ISP28XX (bsc#1136215).
- scsi: qla2xxx: Set remote port devloss timeout to 0 (bsc#1136215).
- scsi: qla2xxx: Simplification of register address used in qla_tmpl.c (bsc#1136215).
- scsi: qla2xxx: Simplify conditional check again (bsc#1136215).
- scsi: qla2xxx: Split the __qla2x00_abort_all_cmds() function (bsc#1137444).
- scsi: qla2xxx: Update driver version to 10.00.00.14-k (bsc#1136215).
- scsi: qla2xxx: Update driver version to 10.01.00.15-k (bsc#1136215).
- scsi: qla2xxx: Update flash read/write routine (bsc#1136215).
- scsi: qla2xxx: Use %p for printing pointers (bsc#1118139).
- scsi: qla2xxx: avoid printf format warning (bsc#1136215).
- scsi: qla2xxx: check for kstrtol() failure (bsc#1136215).
- scsi: qla2xxx: do not crash on uninitialized pool list (boo#1138874).
- scsi: qla2xxx: fix error message on qla2400 (bsc#1118139).
- scsi: qla2xxx: fix spelling mistake: 'existant' - 'existent' (bsc#1118139).
- scsi: qla2xxx: fully convert to the generic DMA API (bsc#1137444).
- scsi: qla2xxx: fx00 copypaste typo (bsc#1118139).
- scsi: qla2xxx: no need to check return value of debugfs_create functions (bsc#1136215).
- scsi: qla2xxx: remove redundant null check on pointer sess (bsc#1136215).
- scsi: qla2xxx: remove the unused tcm_qla2xxx_cmd_wq (bsc#1118139).
- scsi: qla2xxx: use lower_32_bits and upper_32_bits instead of reinventing them (bsc#1137444).
- scsi: scsi_transport_fc: Add FPIN fc event codes (bsc#1136217,jsc#SLE-4722).
- scsi: scsi_transport_fc: refactor event posting routines (bsc#1136217,jsc#SLE-4722).
- scsi: smartpqi: Add retries for device reset (bsc#1133547).
- scsi: smartpqi: Reporting 'logical unit failure' (bsc#1133547).
- scsi: smartpqi: add H3C controller IDs (bsc#1133547).
- scsi: smartpqi: add h3c ssid (bsc#1133547).
- scsi: smartpqi: add no_write_same for logical volumes (bsc#1133547).
- scsi: smartpqi: add ofa support (bsc#1133547).
- scsi: smartpqi: add smp_utils support (bsc#1133547).
- scsi: smartpqi: add spdx (bsc#1133547).
- scsi: smartpqi: add support for PQI Config Table handshake (bsc#1133547).
- scsi: smartpqi: add support for huawei controllers (bsc#1133547).
- scsi: smartpqi: add sysfs attributes (bsc#1133547).
- scsi: smartpqi: allow for larger raid maps (bsc#1133547).
- scsi: smartpqi: bump driver version (bsc#1133547).
- scsi: smartpqi: bump driver version (bsc#1133547).
- scsi: smartpqi: call pqi_free_interrupts() in pqi_shutdown() (bsc#1133547).
- scsi: smartpqi: check for null device pointers (bsc#1133547).
- scsi: smartpqi: correct host serial num for ssa (bsc#1133547).
- scsi: smartpqi: correct lun reset issues (bsc#1133547).
- scsi: smartpqi: correct volume status (bsc#1133547).
- scsi: smartpqi: do not offline disks for transient did no connect conditions (bsc#1133547).
- scsi: smartpqi: enhance numa node detection (bsc#1133547).
- scsi: smartpqi: fix build warnings (bsc#1133547).
- scsi: smartpqi: fix disk name mount point (bsc#1133547).
- scsi: smartpqi: fully convert to the generic DMA API (bsc#1133547).
- scsi: smartpqi: increase LUN reset timeout (bsc#1133547).
- scsi: smartpqi: increase fw status register read timeout (bsc#1133547).
- scsi: smartpqi: refactor sending controller raid requests (bsc#1133547).
- scsi: smartpqi: turn off lun data caching for ptraid (bsc#1133547).
- scsi: smartpqi: update copyright (bsc#1133547).
- scsi: smartpqi: update driver version (bsc#1133547).
- scsi: smartpqi: wake up drives after os resumes from suspend (bsc#1133547).
- scsi: smartpqi_init: fix boolean expression in pqi_device_remove_start (bsc#1133547).
- scsi: target/iblock: Fix overrun in WRITE SAME emulation (bsc#1140424).
- scsi: target/iblock: Fix overrun in WRITE SAME emulation (bsc#1140424).
- scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck() (bsc#1135296).
- scsi: zfcp: fix missing zfcp_port reference put on -EBUSY from port_remove (bsc#1051510).
- scsi: zfcp: fix rport unblock if deleted SCSI devices on Scsi_Host (bsc#1051510).
- scsi: zfcp: fix scsi_eh host reset with port_forced ERP for non-NPIV FCP devices (bsc#1051510).
- scsi: zfcp: fix to prevent port_remove with pure auto scan LUNs (only sdevs) (bsc#1051510).
- sctp: silence warns on sctp_stream_init allocations (bsc#1083710).
- selinux: use kernel linux/socket.h for genheaders and mdp (bsc#1134810).
- serial: 8250_pxa: honor the port number from devicetree (bsc#1051510).
- serial: ar933x_uart: Fix build failure with disabled console (bsc#1051510).
- serial: sh-sci: disable DMA for uart_console (bsc#1051510).
- serial: uartps: Do not add a trailing semicolon to macro (bsc#1051510).
- serial: uartps: Fix long line over 80 chars (bsc#1051510).
- serial: uartps: Fix multiple line dereference (bsc#1051510).
- serial: uartps: Remove useless return from cdns_uart_poll_put_char (bsc#1051510).
- serial: uartps: console_setup() can't be placed to init section (bsc#1051510).
- soc/fsl/qe: Fix an error code in qe_pin_request() (bsc#1051510).
- soc/tegra: fuse: Fix illegal free of IO base address (bsc#1051510).
- soc/tegra: pmc: Drop locking from tegra_powergate_is_powered() (bsc#1051510).
- soc: mediatek: pwrap: Zero initialize rdata in pwrap_init_cipher (bsc#1051510).
- soc: qcom: gsbi: Fix error handling in gsbi_probe() (bsc#1051510).
- soc: rockchip: Set the proper PWM for rk3288 (bsc#1051510).
- spi : spi-topcliff-pch: Fix to handle empty DMA buffers (bsc#1051510).
- spi-mem: fix kernel-doc for spi_mem_dirmap_{read|write}() (bsc#1111666).
- spi: Add missing pm_runtime_put_noidle() after failed get (bsc#1111666).
- spi: Fix zero length xfer bug (bsc#1051510).
- spi: Micrel eth switch: declare missing of table (bsc#1051510).
- spi: ST ST95HF NFC: declare missing of table (bsc#1051510).
- spi: a3700: Clear DATA_OUT when performing a read (bsc#1051510).
- spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios (bsc#1051510).
- spi: bcm2835aux: setup gpio-cs to output and correct level during setup (bsc#1051510).
- spi: bcm2835aux: warn in dmesg that native cs is not really supported (bsc#1051510).
- spi: bitbang: Fix NULL pointer dereference in spi_unregister_master (bsc#1051510).
- spi: pxa2xx: fix SCR (divisor) calculation (bsc#1051510).
- spi: rspi: Fix sequencer reset during initialization (bsc#1051510).
- spi: spi-fsl-spi: call spi_finalize_current_message() at the end (bsc#1051510).
- spi: tegra114: reset controller on probe (bsc#1051510).
- ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit (bsc#1051510).
- staging: comedi: amplc_pci230: fix null pointer deref on interrupt (bsc#1051510).
- staging: comedi: dt282x: fix a null pointer deref on interrupt (bsc#1051510).
- staging: comedi: ni_mio_common: Fix divide-by-zero for DIO cmdtest (bsc#1051510).
- staging: comedi: ni_usb6501: Fix possible double-free of usb_rx_buf (bsc#1051510).
- staging: comedi: ni_usb6501: Fix use of uninitialized mutex (bsc#1051510).
- staging: comedi: vmk80xx: Fix possible double-free of usb_rx_buf (bsc#1051510).
- staging: comedi: vmk80xx: Fix use of uninitialized semaphore (bsc#1051510).
- staging: iio: ad7192: Fix ad7193 channel address (bsc#1051510).
- staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc (bsc#1051510).
- staging: rtl8712: reduce stack usage, again (bsc#1051510).
- staging: rtl8712: uninitialized memory in read_bbreg_hdl() (bsc#1051510).
- staging: rtlwifi: Fix potential NULL pointer dereference of kzalloc (bsc#1111666).
- staging: rtlwifi: rtl8822b: fix to avoid potential NULL pointer dereference (bsc#1111666).
- staging: vc04_services: prevent integer overflow in create_pagelist() (bsc#1051510).
- staging: vt6655: Fix interrupt race condition on device start up (bsc#1051510).
- staging: vt6655: Remove vif check from vnt_interrupt (bsc#1051510).
- staging: wlan-ng: fix adapter initialization failure (bsc#1051510).
- staging:iio:ad7150: fix threshold mode config bit (bsc#1051510).
- stm class: Fix an endless loop in channel allocation (bsc#1051510).
- stm class: Fix channel free in stm output free path (bsc#1051510).
- stm class: Prevent division by zero (bsc#1051510).
- supported.conf: Add cls_bpf, sch_ingress to kernel-default-base (bsc#1134743).
- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).
- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).
- supported.conf: added mlxbf_tmfifo (bsc#1136333 jsc#SLE-4994)
- supported.conf: dw_mmc-bluefield is not needed in kernel-default-base (bsc#1131574).
- svm/avic: Fix invalidate logical APIC id entry (bsc#1132726).
- svm: Add warning message for AVIC IPI invalid target (bsc#1140133).
- svm: Add warning message for AVIC IPI invalid target (bsc#1140133).
- svm: Fix AVIC DFR and LDR handling (bsc#1132558).
- svm: Fix AVIC incomplete IPI emulation (bsc#1140133).
- svm: Fix AVIC incomplete IPI emulation (bsc#1140133).
- sysctl: handle overflow for file-max (bsc#1051510).
- sysctl: handle overflow in proc_get_long (bsc#1051510).
- tcp: add tcp_min_snd_mss sysctl (bsc#1137586).
- tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).
- tcp: fix fack_count accounting on tcp_shift_skb_data() (CVE-2019-11477 bsc#1137586).
- tcp: fix tcp_set_congestion_control() use from bpf hook (bsc#1109837).
- tcp: limit payload size of sacked skbs (bsc#1137586).
- tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).
- team: Always enable vlan tx offload (bsc#1051510).
- team: set slave to promisc if team is already in promisc mode (bsc#1051510).
- testing: nvdimm: provide SZ_4G constant (bsc#1132982).
- thermal/int340x_thermal: Add additional UUIDs (bsc#1051510).
- thermal/int340x_thermal: fix mode setting (bsc#1051510).
- thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power (bsc#1051510).
- thermal: rcar_gen3_thermal: disable interrupt in .remove (bsc#1051510).
- thunderbolt: Fix to check for kmemdup failure (bsc#1051510).
- tmpfs: fix link accounting when a tmpfile is linked in (bsc#1051510).
- tmpfs: fix uninitialized return value in shmem_link (bsc#1051510).
- tools lib traceevent: Fix missing equality check for strcmp (bsc#1129770).
- tools: bpftool: Fix json dump crash on powerpc (bsc#1109837).
- tools: bpftool: fix infinite loop in map create (bsc#1109837).
- tools: bpftool: use correct argument in cgroup errors (bsc#1109837).
- tpm: Fix the type of the return value in calc_tpm2_event_size() (bsc#1082555).
- tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account (bsc#1132527).
- tracing/snapshot: Resize spare buffer if size changed (bsc#1140726).
- tracing: Fix a memory leak by early error exit in trace_pid_write() (bsc#1133702).
- tracing: Fix buffer_ref pipe ops (bsc#1133698).
- tracing: Fix partial reading of trace event's id file (bsc#1136573).
- treewide: Use DEVICE_ATTR_WO (bsc#1137739).
- tty/vt: fix write/write race in ioctl(KDSKBSENT) handler (bsc#1051510).
- tty: increase the default flip buffer limit to 2*640K (bsc#1051510).
- tty: ipwireless: fix missing checks for ioremap (bsc#1051510).
- tty: max310x: Fix external crystal register setup (bsc#1051510).
- tty: pty: Fix race condition between release_one_tty and pty_write (bsc#1051510).
- tty: rocket: fix incorrect forward declaration of 'rp_init()' (bsc#1051510).
- tty: serial: cpm_uart - fix init when SMC is relocated (bsc#1051510).
- tty: serial: msm_serial: Fix XON/XOFF (bsc#1051510).
- tty: serial_core, add install (bnc#1129693).
- tty: serial_core: Set port active bit in uart_port_activate (bsc#1051510).
- tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 (bsc#1051510).
- udp: use indirect call wrappers for GRO socket lookup (bsc#1124503).
- ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (bsc#1135323).
- usb-storage: Set virt_boundary_mask to avoid SG overflows (bsc#1051510).
- usb: chipidea: Grab the (legacy) USB PHY by phandle first (bsc#1051510).
- usb: core: Add PM runtime calls to usb_hcd_platform_shutdown (bsc#1051510).
- usb: dwc2: Fix DMA cache alignment issues (bsc#1051510).
- usb: dwc3: Fix default lpm_nyet_threshold value (bsc#1051510).
- usb: f_fs: Avoid crash due to out-of-scope stack ptr access (bsc#1051510).
- usb: gadget: ether: Fix race between gether_disconnect and rx_submit (bsc#1051510).
- usb: gadget: fusb300_udc: Fix memory leak of fusb300 ep[i] (bsc#1051510).
- usb: gadget: net2272: Fix net2272_dequeue() (bsc#1051510).
- usb: gadget: net2280: Fix net2280_dequeue() (bsc#1051510).
- usb: gadget: net2280: Fix overrun of OUT messages (bsc#1051510).
- usb: gadget: udc: lpc32xx: allocate descriptor with GFP_ATOMIC (bsc#1051510).
- usb: pci-quirks: Correct AMD PLL quirk detection (bsc#1051510).
- usb: u132-hcd: fix resource leak (bsc#1051510).
- usb: usb251xb: fix to avoid potential NULL pointer dereference (bsc#1051510).
- usb: usbip: fix isoc packet num validation in get_pipe (bsc#1051510).
- usbip: usbip_host: fix BUG: sleeping function called from invalid context (bsc#1051510).
- usbip: usbip_host: fix stub_dev lock context imbalance regression (bsc#1051510).
- usbnet: fix kernel crash after disconnect (bsc#1051510).
- usbnet: ipheth: fix racing condition (bsc#1051510).
- vfio/mdev: Avoid release parent reference during error path (bsc#1051510).
- vfio/mdev: Fix aborting mdev child device removal if one fails (bsc#1051510).
- vfio/pci: use correct format characters (bsc#1051510).
- vfio: ccw: only free cp on final interrupt (bsc#1051510).
- vfio_pci: Enable memory accesses before calling pci_map_rom (bsc#1051510).
- vfs: allow dedupe of user owned read-only files (bsc#1133778, bsc#1132219).
- vfs: allow dedupe of user owned read-only files (bsc#1133778, bsc#1132219).
- vfs: avoid problematic remapping requests into partial EOF block (bsc#1133850, bsc#1132219).
- vfs: avoid problematic remapping requests into partial EOF block (bsc#1133850, bsc#1132219).
- vfs: dedupe should return EPERM if permission is not granted (bsc#1133779, bsc#1132219).
- vfs: dedupe should return EPERM if permission is not granted (bsc#1133779, bsc#1132219).
- vfs: dedupe: extract helper for a single dedup (bsc#1133769, bsc#1132219).
- vfs: dedupe: extract helper for a single dedup (bsc#1133769, bsc#1132219).
- vfs: exit early from zero length remap operations (bsc#1132411, bsc#1132219).
- vfs: exit early from zero length remap operations (bsc#1132411, bsc#1132219).
- vfs: export vfs_dedupe_file_range_one() to modules (bsc#1133772, bsc#1132219).
- vfs: export vfs_dedupe_file_range_one() to modules (bsc#1133772, bsc#1132219).
- vfs: limit size of dedupe (bsc#1132397, bsc#1132219).
- vfs: limit size of dedupe (bsc#1132397, bsc#1132219).
- vfs: rename clone_verify_area to remap_verify_area (bsc#1133852, bsc#1132219).
- vfs: rename clone_verify_area to remap_verify_area (bsc#1133852, bsc#1132219).
- vfs: skip zero-length dedupe requests (bsc#1133851, bsc#1132219).
- vfs: skip zero-length dedupe requests (bsc#1133851, bsc#1132219).
- vfs: swap names of {do,vfs}_clone_file_range() (bsc#1133774, bsc#1132219).
- vfs: swap names of {do,vfs}_clone_file_range() (bsc#1133774, bsc#1132219).
- vfs: vfs_clone_file_prep_inodes should return EINVAL for a clone from beyond EOF (bsc#1133780, bsc#1132219).
- vfs: vfs_clone_file_prep_inodes should return EINVAL for a clone from beyond EOF (bsc#1133780, bsc#1132219).
- vhost/vsock: fix reset orphans race with close timeout (bsc#1051510).
- video: hgafb: fix potential NULL pointer dereference (bsc#1051510).
- video: imsttfb: fix potential NULL pointer dereferences (bsc#1051510).
- virtio-blk: limit number of hw queues by nr_cpu_ids (bsc#1051510).
- virtio/s390: DMA support for virtio-ccw (jsc#SLE-6197 bsc#1140559 LTC#173150).
- virtio/s390: add indirection to indicators access (jsc#SLE-6197 bsc#1140559 LTC#173150).
- virtio/s390: make airq summary indicators DMA (jsc#SLE-6197 bsc#1140559 LTC#173150).
- virtio/s390: use DMA memory for ccw I/O and classic notifiers (jsc#SLE-6197 bsc#1140559 LTC#173150).
- virtio/s390: use cacheline aligned airq bit vectors (jsc#SLE-6197 bsc#1140559 LTC#173150).
- virtio/s390: use vring_create_virtqueue (jsc#SLE-6197 bsc#1140559 LTC#173150).
- virtio: Honour 'may_reduce_num' in vring_create_virtqueue (bsc#1051510).
- virtio_console: initialize vtermno value for ports (bsc#1051510).
- virtio_pci: fix a NULL pointer reference in vp_del_vqs (bsc#1051510).
- vlan: disable SIOCSHWTSTAMP in container (bsc#1051510).
- vsock/virtio: Initialize core virtio vsock before registering the driver (bsc#1051510).
- vsock/virtio: fix kernel panic after device hot-unplug (bsc#1051510).
- vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock (bsc#1051510).
- vsock/virtio: reset connected sockets on device removal (bsc#1051510).
- vt: always call notifier with the console lock held (bsc#1051510).
- vxlan: trivial indenting fix (bsc#1051510).
- vxlan: use __be32 type for the param vni in __vxlan_fdb_delete (bsc#1051510).
- w1: fix the resume command API (bsc#1051510).
- watchdog: imx2_wdt: Fix set_timeout for big timeout values (bsc#1051510).
- wil6210: check null pointer in _wil_cfg80211_merge_extra_ies (bsc#1051510).
- wil6210: drop old event after wmi_call timeout (bsc#1111666).
- wil6210: fix potential out-of-bounds read (bsc#1051510).
- wil6210: fix return code of wmi_mgmt_tx and wmi_mgmt_tx_ext (bsc#1111666).
- wil6210: fix spurious interrupts in 3-msi (bsc#1111666).
- wlcore: Fix memory leak in case wl12xx_fetch_firmware failure (bsc#1051510).
- x86, mm: fix fast GUP with hyper-based TLB flushing (VM Functionality, bsc#1140903).
- x86/CPU/AMD: Don't force the CPB cap when running under a hypervisor (bsc#1114279).
- x86/MCE/AMD, EDAC/mce_amd: Add new MP5, NBIO, and pciE SMCA bank types (bsc#1128415).
- x86/MCE/AMD, EDAC/mce_amd: Add new McaTypes for CS, PSP, and SMU units (bsc#1128415).
- x86/MCE/AMD, EDAC/mce_amd: Add new error descriptions for some SMCA bank types (bsc#1128415).
- x86/MCE: Fix kABI for new AMD bank names (bsc#1128415).
- x86/PCI: Fixup RTIT_BAR of Intel Denverton Trace Hub (bsc#1120318).
- x86/cpu: Sanitize FAM6_ATOM naming (bsc#1111331).
- x86/kvm/hyper-v: avoid spurious pending stimer on vCPU init (bsc#1132572).
- x86/mce/AMD, EDAC/mce_amd: Enumerate Reserved SMCA bank type (bsc#1128415).
- x86/mce/AMD: Pass the bank number to smca_get_bank_type() (bsc#1128415).
- x86/mce: Fix machine_check_poll() tests for error types (bsc#1114279).
- x86/mce: Handle varying MCA bank counts (bsc#1128415).
- x86/microcode, cpuhotplug: Add a microcode loader CPU hotplug callback (bsc#1114279).
- x86/microcode: Fix microcode hotplug state (bsc#1114279).
- x86/microcode: Fix the ancient deprecated microcode loading method (bsc#1114279).
- x86/mm/mem_encrypt: Disable all instrumentation for early SME setup (bsc#1114279).
- x86/msr-index: Cleanup bit defines (bsc#1111331).
- x86/perf/amd: Remove need to check 'running' bit in NMI handler (bsc#1131438).
- x86/perf/amd: Resolve NMI latency issues for active PMCs (bsc#1131438).
- x86/perf/amd: Resolve race condition when disabling PMC (bsc#1131438).
- x86/speculation/mds: Fix documentation typo (bsc#1135642).
- x86/speculation/mds: Fix documentation typo (bsc#1135642).
- x86/speculation/mds: Fix documentation typo (bsc#1135642).
- x86/speculation/mds: Fix documentation typo (bsc#1135642).
- x86/speculation/mds: Revert CPU buffer clear on double fault exit (bsc#1114279).
- x86/speculation: Prevent deadlock on ssb_state::lock (bsc#1114279).
- x86/speculation: Prevent deadlock on ssb_state::lock (bsc#1114279).
- x86/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
- x86/tsc: Force inlining of cyc2ns bits (bsc#1052904).
- x86/umip: Make the UMIP activated message generic (bsc#1138336).
- x86/umip: Print UMIP line only once (bsc#1138336).
- x86_64: Add gap to int3 to allow for call emulation (bsc#1099658).
- x86_64: Allow breakpoints to emulate call instructions (bsc#1099658).
- xdp: check device pointer before clearing (bsc#1109837).
- xdp: fix possible cq entry leak (bsc#1109837).
- xdp: fix race on generic receive path (bsc#1109837).
- xdp: hold device for umem regardless of zero-copy mode (bsc#1109837).
- xen/pciback: Don't disable PCI_COMMAND on PCI device reset (bsc#1065600).
- xen: Prevent buffer overflow in privcmd ioctl (bsc#1065600).
- xen: let alloc_xenballooned_pages() fail if not enough memory free (bsc#1142450 XSA-300).
- xen: remove pre-xen3 fallback handlers (bsc#1065600).
- xenbus: drop useless LIST_HEAD in xenbus_write_watch() and xenbus_file_write() (bsc#1065600).
- xfs: add log item pinning error injection tag (bsc#1114427).
- xfs: add the ability to join a held buffer to a defer_ops (bsc#1133674).
- xfs: allow xfs_lock_two_inodes to take different EXCL/SHARED modes (bsc#1132370, bsc#1132219).
- xfs: allow xfs_lock_two_inodes to take different EXCL/SHARED modes (bsc#1132370, bsc#1132219).
- xfs: buffer lru reference count error injection tag (bsc#1114427).
- xfs: call xfs_qm_dqattach before performing reflink operations (bsc#1132368, bsc#1132219).
- xfs: call xfs_qm_dqattach before performing reflink operations (bsc#1132368, bsc#1132219).
- xfs: cap the length of deduplication requests (bsc#1132373, bsc#1132219).
- xfs: cap the length of deduplication requests (bsc#1132373, bsc#1132219).
- xfs: check _btree_check_block value (bsc#1123663).
- xfs: clean up xfs_reflink_remap_blocks call site (bsc#1132413, bsc#1132219).
- xfs: clean up xfs_reflink_remap_blocks call site (bsc#1132413, bsc#1132219).
- xfs: convert drop_writes to use the errortag mechanism (bsc#1114427).
- xfs: create block pointer check functions (bsc#1123663).
- xfs: create inode pointer verifiers (bsc#1114427).
- xfs: detect and fix bad summary counts at mount (bsc#1114427).
- xfs: do not overflow xattr listent buffer (bsc#1143105).
- xfs: do not set the page uptodate in xfs_writepage_map (bsc#1138003).
- xfs: don't clear imap_valid for a non-uptodate buffers (bsc#1138018).
- xfs: don't look at buffer heads in xfs_add_to_ioend (bsc#1138013).
- xfs: don't use XFS_BMAPI_ENTRIRE in xfs_get_blocks (bsc#1137999).
- xfs: don't use XFS_BMAPI_IGSTATE in xfs_map_blocks (bsc#1138005).
- xfs: eof trim writeback mapping as soon as it is cached (bsc#1138019).
- xfs: export _inobt_btrec_to_irec and _ialloc_cluster_alignment for scrub (bsc#1114427).
- xfs: export various function for the online scrubber (bsc#1123663).
- xfs: expose errortag knobs via sysfs (bsc#1114427).
- xfs: fix data corruption w/ unaligned dedupe ranges (bsc#1132405, bsc#1132219).
- xfs: fix data corruption w/ unaligned dedupe ranges (bsc#1132405, bsc#1132219).
- xfs: fix data corruption w/ unaligned reflink ranges (bsc#1132407, bsc#1132219).
- xfs: fix data corruption w/ unaligned reflink ranges (bsc#1132407, bsc#1132219).
- xfs: fix pagecache truncation prior to reflink (bsc#1132412, bsc#1132219).
- xfs: fix pagecache truncation prior to reflink (bsc#1132412, bsc#1132219).
- xfs: fix reporting supported extra file attributes for statx() (bsc#1133529).
- xfs: fix s_maxbytes overflow problems (bsc#1137996).
- xfs: fix unused variable warning in xfs_buf_set_ref() (bsc#1114427).
- xfs: flush removing page cache in xfs_reflink_remap_prep (bsc#1132414, bsc#1132219).
- xfs: flush removing page cache in xfs_reflink_remap_prep (bsc#1132414, bsc#1132219).
- xfs: force summary counter recalc at next mount (bsc#1114427).
- xfs: hold xfs_buf locked between shortform leaf conversion and the addition of an attribute (bsc#1133675).
- xfs: kill meaningless variable 'zero' (bsc#1106011).
- xfs: make errortag a per-mountpoint structure (bsc#1123663).
- xfs: make xfs_writepage_map extent map centric (bsc#1138009).
- xfs: minor cleanup for xfs_get_blocks (bsc#1138000).
- xfs: move all writeback buffer_head manipulation into xfs_map_at_offset (bsc#1138014).
- xfs: move error injection tags into their own file (bsc#1114427).
- xfs: only grab shared inode locks for source file during reflink (bsc#1132372, bsc#1132219).
- xfs: only grab shared inode locks for source file during reflink (bsc#1132372, bsc#1132219).
- xfs: prepare xfs_break_layouts() for another layout type (bsc#1106011).
- xfs: prepare xfs_break_layouts() to be called with XFS_MMAPLOCK_EXCL (bsc#1106011).
- xfs: refactor btree block header checking functions (bsc#1123663).
- xfs: refactor btree pointer checks (bsc#1123663).
- xfs: refactor clonerange preparation into a separate helper (bsc#1132402, bsc#1132219).
- xfs: refactor clonerange preparation into a separate helper (bsc#1132402, bsc#1132219).
- xfs: refactor the tail of xfs_writepage_map (bsc#1138016).
- xfs: refactor unmount record write (bsc#1114427).
- xfs: refactor xfs_trans_roll (bsc#1133667).
- xfs: reflink find shared should take a transaction (bsc#1132226, bsc#1132219).
- xfs: reflink find shared should take a transaction (bsc#1132226, bsc#1132219).
- xfs: reflink should break pnfs leases before sharing blocks (bsc#1132369, bsc#1132219).
- xfs: reflink should break pnfs leases before sharing blocks (bsc#1132369, bsc#1132219).
- xfs: remove XFS_IO_INVALID (bsc#1138017).
- xfs: remove dest file's post-eof preallocations before reflinking (bsc#1132365, bsc#1132219).
- xfs: remove dest file's post-eof preallocations before reflinking (bsc#1132365, bsc#1132219).
- xfs: remove the imap_valid flag (bsc#1138012).
- xfs: remove the ip argument to xfs_defer_finish (bsc#1133672).
- xfs: remove unneeded parameter from XFS_TEST_ERROR (bsc#1123663).
- xfs: remove unused parameter from xfs_writepage_map (bsc#1137995).
- xfs: remove xfs_map_cow (bsc#1138007).
- xfs: remove xfs_reflink_find_cow_mapping (bsc#1138010).
- xfs: remove xfs_reflink_trim_irec_to_next_cow (bsc#1138006).
- xfs: remove xfs_start_page_writeback (bsc#1138015).
- xfs: remove xfs_zero_range (bsc#1106011).
- xfs: rename MAXPATHLEN to XFS_SYMLINK_MAXLEN (bsc#1123663).
- xfs: rename the offset variable in xfs_writepage_map (bsc#1138008).
- xfs: rename xfs_defer_join to xfs_defer_ijoin (bsc#1133668).
- xfs: replace log_badcrc_factor knob with error injection tag (bsc#1114427).
- xfs: sanity-check the unused space before trying to use it (bsc#1123663).
- xfs: serialize unaligned dio writes against all other dio writes (bsc#1134936).
- xfs: simplify xfs_map_blocks by using xfs_iext_lookup_extent directly (bsc#1138011).
- xfs: skip CoW writes past EOF when writeback races with truncate (bsc#1137998).
- xfs: update ctime and remove suid before cloning files (bsc#1132404, bsc#1132219).
- xfs: update ctime and remove suid before cloning files (bsc#1132404, bsc#1132219).
- xfs: xfs_reflink_convert_cow() memory allocation deadlock (bsc#1138002).
- xfs: zero posteof blocks when cloning above eof (bsc#1132403, bsc#1132219).
- xfs: zero posteof blocks when cloning above eof (bsc#1132403, bsc#1132219).
- xhci: Convert xhci_handshake() to use readl_poll_timeout_atomic() (bsc#1051510).
- xhci: Use %zu for printing size_t type (bsc#1051510).
- xhci: update bounce buffer with correct sg num (bsc#1051510).
- xprtrdma: Fix use-after-free in rpcrdma_post_recvs (bsc#1103992 FATE#326009).
- xsk: Properly terminate assignment in xskq_produce_flush_desc (bsc#1109837).
- {nl,mac}80211: allow 4addr AP operation on crypto controlled devices (bsc#1051510).
Patchnames
SUSE-2019-2430,SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2430,SUSE-SLE-Module-RT-15-SP1-2019-2430
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for kernel-source-rt", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 15 SP1 RT kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2018-12126 CVE-2018-12127 CVE-2018-12130: Microarchitectural Store Buffer Data Sampling (MSBDS): Stored buffers on some microprocessors utilizing speculative execution which may have allowed an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019. (bsc#1103186)\n- CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may have allowed an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019. (bsc#1111331)\n- CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel There was an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). (bsc#1136586)\n- CVE-2019-10124: An issue was discovered in the hwpoison implementation in mm/memory-failure.c in the Linux kernel. When soft_offline_in_use_page() runs on a thp tail page after pmd is split, an attacker could cause a denial of service (bsc#1130699).\n- CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel has multiple race conditions. (bsc#1133188)\n- CVE-2019-11811: An issue was discovered in the Linux kernel There was a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module was removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c. (bsc#1134397)\n- CVE-2019-11487: The Linux kernel allowed page reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It could occur with FUSE requests. (bsc#1133190)\n- CVE-2019-12818: The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This used to affect nfc_llcp_build_gb in net/nfc/llcp_core.c. (bsc#1138293)\n- CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. (bsc#1135281)\n- CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux kernel allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. (bsc#1120843)\n- CVE-2018-7191: In the tun subsystem in the Linux kernel, dev_get_valid_name was not called before register_netdevice. This allowed local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. (bsc#1135603)\n- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel allowed a local user to obtain potentially sensitive information from kernel stack memory via a hidPCONNADD command, because a name field may not end with a '\\0' character. (bsc#1134848)\n- CVE-2019-9500: An issue was discovered that lead to brcmfmac heap buffer overflow. (bsc#1132681)\n- CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux may have allowed an authenticated user to potentially enable escalation of privilege via local access. (bsc#1135278)\n- CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel There was a race condition leading to a use-after-free, related to net namespace cleanup. (bsc#1135278)\n- CVE-2018-16880: A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver. A malicious virtual guest, under specific conditions, could trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may have lead to a kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. (bsc#1122767)\n- CVE-2019-12819: The function __mdiobus_register() called put_device(), which triggered a fixed_mdio_bus_init use-after-free. This would cause a denial of service. (bsc#1138291)\n- CVE-2019-3882: A flaw was found in the Linux kernel's vfio interface implementation that permitted violation of the user's locked memory limit. If a device was bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may have caused a system memory exhaustion and thus a denial of service (DoS). (bsc#1131427)\n- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. (bsc#1136424)\n- CVE-2019-8564: An issue was discoved which meant that brcmfmac frame validation could be bypassed. (bsc#1132673)\n- CVE-2019-9503: An issue was discoved which meant that brcmfmac frame validation could be bypassed. (bsc#1132828)\n- CVE-2019-9003: In the Linux kernel, attackers could trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a 'service ipmievd restart' loop. (bsc#1126704)\n- CVE-2017-5753: Systems with microprocessors utilizing speculative execution and branch prediction may have allowed unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.\n- CVE-2019-11478: It was possible to send a crafted sequence of SACKs which will fragment the TCP retransmission queue. An attacker may have been able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection.\n- CVE-2019-11479: An attacker could force the Linux kernel to segment its responses into multiple TCP segments. This would drastically increased the bandwidth required to deliver the same amount of data. Further, it would consume additional resources such as CPU and NIC processing power.\n- CVE-2018-16871: A NULL pointer dereference due to an anomalized NFS message sequence was fixed. (bnc#1137103).\n- CVE-2019-12614: An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c. There was an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash) (bnc#1137194).\n- CVE-2019-12817: On the PowerPC architecture, local attackers could access other users processes memory (bnc#1138263).\n- CVE-2018-20836: An issue was discovered in the Linux kernel There was a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free (bnc#1134395).\n- CVE-2019-10638: In the Linux kernel, a device could be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic was sent to multiple destination IP addresses, it was possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may have been conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses (bnc#1140575 1140577).\n- CVE-2019-10639: The Linux kernel allowed Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it was possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic was sent to multiple destination IP addresses, it was possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). This key contains enough bits from a kernel address (of a static variable) so when the key was extracted (via enumeration), the offset of the kernel image was exposed. This attack could be carried out remotely, by the attacker forcing the target device to send UDP or ICMP (or certain other) traffic to attacker-controlled IP addresses. Forcing a server to send UDP traffic is trivial if the server is a DNS server. ICMP traffic is trivial if the server answers ICMP Echo requests (ping). For client targets, if the target visits the attacker's web page, then WebRTC or gQUIC can be used to force UDP traffic to attacker-controlled IP addresses. NOTE: this attack against KASLR became viable because IP ID generation was changed to have a dependency on an address associated with a network namespace (bnc#1140577).\n- CVE-2019-11599: The coredump implementation in the Linux kernel did not use locking or other mechanisms to prevent vma layout or vma flags changes while it ran, which allowed local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls. This is related to fs/userfaultfd.c, mm/mmap.c, fs/proc/task_mmu.c, and drivers/infiniband/core/uverbs_main.c (bnc#1131645 1133738).\n- CVE-2019-13233: In arch/x86/lib/insn-eval.c in the Linux kernel, there was a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation (bnc#1140454).\n- CVE-2018-20855: An issue was discovered in the Linux kernel In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace(bsc#1143045).\n- CVE-2019-1125: Exclude ATOMs from speculation through SWAPGS (bsc#1139358).\n- CVE-2019-11810: An issue was discovered in the Linux kernel A NULL pointer dereference could occur when megasas_create_frame_pool() failed in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This caused a Denial of Service, related to a use-after-free (bnc#1134399).\n- CVE-2019-13631: In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel, a malicious USB device could send an HID report that triggered an out-of-bounds write during generation of debugging messages. (bnc#1142023)\n- CVE-2019-13648: In the Linux kernel on the powerpc platform, when hardware transactional memory was disabled, a local user could cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sent a crafted signal frame. (bnc#1142254)\n- CVE-2019-14283: In the Linux kernel, set_geometry in drivers/block/floppy.c did not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It could be triggered by an unprivileged local user when a floppy disk was inserted. NOTE: QEMU creates the floppy device by default. (bnc#1143191)\n- CVE-2019-14284: In the Linux kernel, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. (bnc#1143189)\n- CVE-2019-12456: An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two kernel reads of that value, aka a 'double fetch' vulnerability. NOTE: a third party reports that this is unexploitable because the doubly fetched value is not used. (bsc#1136922)\n- CVE-2019-12380: An issue was discovered in the efi subsystem in the Linux kernel phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. (bsc#1136598)\n\nThe following non-security bugs were fixed:\n\n- 6lowpan: Off by one handling nexthdr (bsc#1051510).\n- 9p locks: add mount option for lock retry interval (bsc#1051510).\n- 9p: do not trust pdu content for stat item size (bsc#1051510).\n- ARM: 8824/1: fix a migrating irq bug when hotplug cpu (bsc#1051510).\n- ARM: 8833/1: Ensure that NEON code always compiles with Clang (bsc#1051510).\n- ARM: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bsc#1051510).\n- ARM: 8840/1: use a raw_spinlock_t in unwind (bsc#1051510).\n- ARM: OMAP2+: Variable 'reg' in function omap4_dsi_mux_pads() could be uninitialized (bsc#1051510).\n- ARM: OMAP2+: fix lack of timer interrupts on CPU1 after hotplug (bsc#1051510).\n- ARM: avoid Cortex-A9 livelock on tight dmb loops (bsc#1051510).\n- ARM: imx6q: cpuidle: fix bug that CPU might not wake up at expected time (bsc#1051510).\n- ARM: iop: don't use using 64-bit DMA masks (bsc#1051510).\n- ARM: orion: don't use using 64-bit DMA masks (bsc#1051510).\n- ARM: pxa: ssp: unneeded to free devm_ allocated data (bsc#1051510).\n- ARM: s3c24xx: Fix boolean expressions in osiris_dvs_notify (bsc#1051510).\n- ARM: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms (bsc#1051510).\n- ASoC : cs4265 : readable register too low (bsc#1051510).\n- ASoC: Intel: avoid Oops if DMA setup fails (bsc#1051510).\n- ASoC: RT5677-SPI: Disable 16Bit SPI Transfers (bsc#1051510).\n- ASoC: cs4270: Set auto-increment bit for register writes (bsc#1051510).\n- ASoC: cs42xx8: Add regcache mask dirty (bsc#1051510).\n- ASoC: cx2072x: fix integer overflow on unsigned int multiply (bsc#1111666).\n- ASoC: eukrea-tlv320: fix a leaked reference by adding missing of_node_put (bsc#1051510).\n- ASoC: fix valid stream condition (bsc#1051510).\n- ASoC: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe (bsc#1051510).\n- ASoC: fsl_asrc: Fix the issue about unsupported rate (bsc#1051510).\n- ASoC: fsl_esai: Fix missing break in switch statement (bsc#1051510).\n- ASoC: fsl_esai: fix channel swap issue when stream starts (bsc#1051510).\n- ASoC: fsl_sai: Update is_slave_mode with correct value (bsc#1051510).\n- ASoC: fsl_utils: fix a leaked reference by adding missing of_node_put (bsc#1051510).\n- ASoC: hdmi-codec: fix S/PDIF DAI (bsc#1051510).\n- ASoC: hdmi-codec: unlock the device on startup errors (bsc#1051510).\n- ASoC: max98090: Fix restore of DAPM Muxes (bsc#1051510).\n- ASoC: max98090: remove 24-bit format support if RJ is 0 (bsc#1051510).\n- ASoC: nau8810: fix the issue of widget with prefixed name (bsc#1051510).\n- ASoC: nau8824: fix the issue of the widget with prefix name (bsc#1051510).\n- ASoC: samsung: odroid: Fix clock configuration for 44100 sample rate (bsc#1051510).\n- ASoC: soc-pcm: BE dai needs prepare when pause release after resume (bsc#1051510).\n- ASoC: stm32: fix sai driver name initialisation (bsc#1051510).\n- ASoC: tlv320aic32x4: Fix Common Pins (bsc#1051510).\n- ASoC: topology: free created components in tplg load error (bsc#1051510).\n- ASoC: wm_adsp: Add locking to wm_adsp2_bus_error (bsc#1051510).\n- ASoC:soc-pcm:fix a codec fixup issue in TDM case (bsc#1051510).\n- Abort file_remove_privs() for non-reg. files (bsc#1140888).\n- Add back sibling paca poiter to paca (bsc#1055117).\n- Backporting hwpoison fixes\n- Bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bsc#1051510).\n- Bluetooth: btusb: request wake pin with NOAUTOEN (bsc#1051510).\n- Bluetooth: hidp: fix buffer overflow (bsc#1051510).\n- CIFS: Do not count -ENODATA as failure for query directory (bsc#1051510).\n- CIFS: Do not hide EINTR after sending network packets (bsc#1051510).\n- CIFS: Do not reconnect TCP session in add_credits() (bsc#1051510).\n- CIFS: Do not reset lease state to NONE on lease break (bsc#1051510).\n- CIFS: Fix adjustment of credits for MTU requests (bsc#1051510).\n- CIFS: Fix credit calculation for encrypted reads with errors (bsc#1051510).\n- CIFS: Fix credits calculations for reads with errors (bsc#1051510).\n- CIFS: Fix possible hang during async MTU reads and writes (bsc#1051510).\n- CIFS: Fix read after write for files with read caching (bsc#1051510).\n- CIFS: fix POSIX lock leak and invalid ptr deref (bsc#1114542).\n- CIFS: fix POSIX lock leak and invalid ptr deref (bsc#1114542).\n- Correct iwlwifi 22000 series ucode file name (bsc#1142673)\n- Correct the buggy backport about AER / DPC pcie stuff (bsc#1142623)\n- Delete patches.fixes/s390-setup-fix-early-warning-messages (bsc#1140948).\n- Delete patches.fixes/s390-setup-fix-early-warning-messages (bsc#1140948).\n- Disable kgdboc failed by echo space to /sys/module/kgdboc/parameters/kgdboc (bsc#1051510).\n- Do not provide kernel-default from kernel-default-base (boo#1132154, bsc#1106751).\n- Do not provide kernel-default from kernel-default-base (boo#1132154, bsc#1106751).\n- Do not restrict NFSv4.2 on openSUSE (bsc#1138719).\n- Drivers: misc: fix out-of-bounds access in function param_set_kgdbts_var (bsc#1051510).\n- EDAC/mc: Fix edac_mc_find() in case no device is found (bsc#1114279).\n- Fix cpu online check (bsc#1051510).\n- Fix kABI for asus-wmi quirk_entry field addition (bsc#1051510).\n- HID: Wacom: switch Dell canvas into highres mode (bsc#1051510).\n- HID: core: move Usage Page concatenation to Main item (bsc#1093389).\n- HID: debug: fix race condition with between rdesc_show() and device removal (bsc#1051510).\n- HID: input: add mapping for 'Toggle Display' key (bsc#1051510).\n- HID: input: add mapping for Assistant key (bsc#1051510).\n- HID: input: add mapping for Expose/Overview key (bsc#1051510).\n- HID: input: add mapping for keyboard Brightness Up/Down/Toggle keys (bsc#1051510).\n- HID: intel-ish-hid: avoid binding wrong ishtp_cl_device (bsc#1051510).\n- HID: intel-ish: ipc: handle PIMR before ish_wakeup also clear PISR busy_clear bit (bsc#1051510).\n- HID: logitech-hidpp: change low battery level threshold from 31 to 30 percent (bsc#1051510).\n- HID: logitech-hidpp: use RAP instead of FAP to get the protocol version (bsc#1051510).\n- HID: logitech: check the return value of create_singlethread_workqueue (bsc#1051510).\n- HID: wacom: Add ability to provide explicit battery status info (bsc#1051510).\n- HID: wacom: Add support for 3rd generation Intuos BT (bsc#1051510).\n- HID: wacom: Add support for Pro Pen slim (bsc#1051510).\n- HID: wacom: Correct button numbering 2nd-gen Intuos Pro over Bluetooth (bsc#1051510).\n- HID: wacom: Don't report anything prior to the tool entering range (bsc#1051510).\n- HID: wacom: Don't set tool type until we're in range (bsc#1051510).\n- HID: wacom: Mark expected switch fall-through (bsc#1051510).\n- HID: wacom: Move HID fix for AES serial number into wacom_hid_usage_quirk (bsc#1051510).\n- HID: wacom: Move handling of HID quirks into a dedicated function (bsc#1051510).\n- HID: wacom: Properly handle AES serial number and tool type (bsc#1051510).\n- HID: wacom: Queue events with missing type/serial data for later processing (bsc#1051510).\n- HID: wacom: Remove comparison of u8 mode with zero and simplify (bsc#1051510).\n- HID: wacom: Replace touch_max fixup code with static touch_max definitions (bsc#1051510).\n- HID: wacom: Send BTN_TOUCH in response to INTUOSP2_BT eraser contact (bsc#1051510).\n- HID: wacom: Support 'in range' for Intuos/Bamboo tablets where possible (bsc#1051510).\n- HID: wacom: Sync INTUOSP2_BT touch state after each frame if necessary (bsc#1051510).\n- HID: wacom: Work around HID descriptor bug in DTK-2451 and DTH-2452 (bsc#1051510).\n- HID: wacom: convert Wacom custom usages to standard HID usages (bsc#1051510).\n- HID: wacom: correct touch resolution x/y typo (bsc#1051510).\n- HID: wacom: fix mistake in printk (bsc#1051510).\n- HID: wacom: generic: Correct pad syncing (bsc#1051510).\n- HID: wacom: generic: Ignore HID_DG_BATTERYSTRENTH == 0 (bsc#1051510).\n- HID: wacom: generic: Leave tool in prox until it completely leaves sense (bsc#1051510).\n- HID: wacom: generic: Refactor generic battery handling (bsc#1051510).\n- HID: wacom: generic: Report AES battery information (bsc#1051510).\n- HID: wacom: generic: Reset events back to zero when pen leaves (bsc#1051510).\n- HID: wacom: generic: Scale battery capacity measurements to percentages (bsc#1051510).\n- HID: wacom: generic: Send BTN_STYLUS3 when both barrel switches are set (bsc#1051510).\n- HID: wacom: generic: Send BTN_TOOL_PEN in prox once the pen enters range (bsc#1051510).\n- HID: wacom: generic: Support multiple tools per report (bsc#1051510).\n- HID: wacom: generic: Use generic codepath terminology in wacom_wac_pen_report (bsc#1051510).\n- HID: wacom: generic: add the 'Report Valid' usage (bsc#1051510).\n- HID: wacom: generic: only switch the mode on devices with LEDs (bsc#1051510).\n- HID: wacom: generic: read HID_DG_CONTACTMAX from any feature report (bsc#1051510).\n- HID: wacom: wacom_wac_collection() is local to wacom_wac.c (bsc#1051510).\n- IB/hfi1: Clear the IOWAIT pending bits when QP is put into error state (bsc#1114685 FATE#325854).\n- IB/hfi1: Create inline to get extended headers (bsc#1114685 FATE#325854).\n- IB/hfi1: Validate fault injection opcode user input (bsc#1114685 FATE#325854).\n- IB/ipoib: Add child to parent list only if device initialized (bsc#1103992 FATE#326009).\n- IB/mlx5: Fixed reporting counters on 2nd port for Dual port RoCE (bsc#1103991 FATE#326007).\n- IB/mlx5: Verify DEVX general object type correctly (bsc#1103991 FATE#326007).\n- Improve the headset mic for Acer Aspire laptops' (bsc#1051510).\n- Input: elan_i2c - add hardware ID for multiple Lenovo laptops (bsc#1051510).\n- Input: elantech - enable middle button support on 2 ThinkPads (bsc#1051510).\n- Input: imx_keypad - make sure keyboard can always wake up system (bsc#1051510).\n- Input: introduce KEY_ASSISTANT (bsc#1051510).\n- Input: psmouse - fix build error of multiple definition (bsc#1051510).\n- Input: snvs_pwrkey - initialize necessary driver data before enabling IRQ (bsc#1051510).\n- Input: synaptics - enable SMBUS on T480 thinkpad trackpad (bsc#1051510).\n- Input: synaptics - enable SMBus on ThinkPad E480 and E580 (bsc#1051510).\n- Input: synaptics-rmi4 - fix possible double free (bsc#1051510).\n- Input: synaptics-rmi4 - write config register values to the right offset (bsc#1051510).\n- Input: tm2-touchkey - acknowledge that setting brightness is a blocking call (bsc#1129770).\n- Input: uinput - add compat ioctl number translation for UI_*_FF_UPLOAD (bsc#1051510).\n- KEYS: always initialize keyring_index_key::desc_len (bsc#1051510).\n- KEYS: user: Align the payload buffer (bsc#1051510).\n- KVM: PPC: Book3S HV: Avoid lockdep debugging in TCE realmode handlers (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix race between kvm_unmap_hva_range and MMU mode switch (bsc#1061840).\n- KVM: PPC: Book3S HV: XIVE: Do not clear IRQ data of passthrough interrupts (bsc#1061840).\n- KVM: PPC: Book3S: Protect memslots while validating user address (bsc#1061840).\n- KVM: PPC: Release all hardware TCE tables attached to a group (bsc#1061840).\n- KVM: PPC: Remove redundand permission bits removal (bsc#1061840).\n- KVM: PPC: Validate TCEs against preregistered memory page sizes (bsc#1061840).\n- KVM: PPC: Validate all tces before updating tables (bsc#1061840).\n- KVM: x86: Emulate MSR_IA32_ARCH_CAPABILITIES on AMD hosts (bsc#1114279).\n- MD: fix invalid stored role for a disk (bsc#1051510).\n- NFC: nci: Add some bounds checking in nci_hci_cmd_received() (bsc#1051510).\n- PCI/P2PDMA: fix the gen_pool_add_virt() failure path (bsc#1103992 FATE#326009).\n- PCI: Add function 1 DMA alias quirk for Marvell 9170 SATA controller (bsc#1051510).\n- PCI: Always allow probing with driver_override (bsc#1051510).\n- PCI: Do not poll for PME if the device is in D3cold (bsc#1051510).\n- PCI: Mark AMD Stoney Radeon R7 GPU ATS as broken (bsc#1051510).\n- PCI: Mark Atheros AR9462 to avoid bus reset (bsc#1051510).\n- PCI: PM: Avoid possible suspend-to-idle issue (bsc#1051510).\n- PCI: PM: Skip devices in D0 for suspend-to-idle (bsc#1051510).\n- PCI: Return error if cannot probe VF (bsc#1051510).\n- PCI: designware-ep: Read-only registers need DBI_RO_WR_EN to be writable (bsc#1051510).\n- PCI: rpadlpar: Fix leaked device_node references in add/remove paths (bsc#1051510).\n- PM / core: Propagate dev power.wakeup_path when no callbacks (bsc#1051510).\n- RAS/CEC: Check the correct variable in the debugfs error handling (bsc#1085535).\n- RAS/CEC: Convert the timer callback to a workqueue (bsc#1114279).\n- RAS/CEC: Fix binary search function (bsc#1114279).\n- RDMA/ipoib: Allow user space differentiate between valid dev_port (bsc#1103992 FATE#326009).\n- RDMA/mlx5: Do not allow the user to write to the clock page (bsc#1103991 FATE#326007).\n- RDMA/mlx5: Initialize roce port info before multiport master init (bsc#1103991 FATE#326007).\n- RDMA/mlx5: Use rdma_user_map_io for mapping BAR pages (bsc#1103992 FATE#326009).\n- RDMA/odp: Fix missed unlock in non-blocking invalidate_start (bsc#1103992 FATE#326009).\n- RDMA/rxe: Consider skb reserve space based on netdev of GID (bsc#1082387, bsc#1103992, FATE#326009).\n- RDMA/rxe: Consider skb reserve space based on netdev of GID (bsc#1082387, bsc#1103992, FATE#326009).\n- RDMA/srp: Accept again source addresses that do not have a port number (bsc#1103992 FATE#326009).\n- RDMA/srp: Document srp_parse_in() arguments (bsc#1103992 FATE#326009).\n- RDMA/uverbs: check for allocation failure in uapi_add_elm() (bsc#1103992 FATE#326009).\n- Re-export snd_cards for kABI compatibility (bsc#1051510).\n- Revert 'Sign non-x86 kernels when possible (boo#1134303)' \n- Revert 'bcache: set CACHE_SET_IO_DISABLE in bch_cached_dev_error()' (bsc#1140652).\n- Revert 'net: ena: ethtool: add extra properties retrieval via get_priv_flags' (bsc#1138879).\n- Revert 's390/jump_label: Use 'jdd' constraint on gcc9 (bsc#1138589).' This broke the build with older gcc instead.\n- Revert 'svm: Fix AVIC incomplete IPI emulation' (bsc#1140133).\n- Revert 'svm: Fix AVIC incomplete IPI emulation' (bsc#1140133).\n- SMB3: Fix endian warning (bsc#1137884).\n- UAS: fix alignment of scatter/gather segments (bsc#1129770).\n- USB: Add LPM quirk for Surface Dock GigE adapter (bsc#1051510).\n- USB: Fix chipmunk-like voice when using Logitech C270 for recording audio (bsc#1051510).\n- USB: Fix slab-out-of-bounds write in usb_get_bos_descriptor (bsc#1051510).\n- USB: cdc-acm: fix unthrottle races (bsc#1051510).\n- USB: core: Don't unbind interfaces following device reset failure (bsc#1051510).\n- USB: core: Fix bug caused by duplicate interface PM usage counter (bsc#1051510).\n- USB: core: Fix unterminated string returned by usb_string() (bsc#1051510).\n- USB: rio500: fix memory leak in close after disconnect (bsc#1051510).\n- USB: rio500: refuse more than one device at a time (bsc#1051510).\n- USB: serial: cp210x: fix GPIO in autosuspend (bsc#1120902).\n- USB: serial: f81232: fix interrupt worker not stop (bsc#1051510).\n- USB: serial: fix unthrottle races (bsc#1051510).\n- USB: serial: ftdi_sio: add ID for isodebug v1 (bsc#1051510).\n- USB: serial: option: add Telit 0x1260 and 0x1261 compositions (bsc#1051510).\n- USB: serial: option: add support for GosunCn ME3630 RNDIS mode (bsc#1051510).\n- USB: serial: option: add support for Simcom SIM7500/SIM7600 RNDIS mode (bsc#1051510).\n- USB: serial: pl2303: add Allied Telesis VT-Kit3 (bsc#1051510).\n- USB: sisusbvga: fix oops in error path of sisusb_probe (bsc#1051510).\n- USB: usb-storage: Add new ID to ums-realtek (bsc#1051510).\n- USB: w1 ds2490: Fix bug caused by improper use of altsetting array (bsc#1051510).\n- USB: yurex: Fix protection fault after device removal (bsc#1051510).\n- VMCI: Fix integer overflow in VMCI handle arrays (bsc#1051510).\n- acpi / SBS: Fix GPE storm on recent MacBookPro's (bsc#1051510).\n- acpi / property: fix handling of data_nodes in acpi_get_next_subnode() (bsc#1051510).\n- acpi / utils: Drop reference in test for device presence (bsc#1051510).\n- acpi, nfit: Prefer _DSM over _LSR for namespace label reads (bsc#1112128) (bsc#1132426).\n- acpi, nfit: Prefer _DSM over _LSR for namespace label reads (bsc#1112128) (bsc#1132426).\n- acpi/nfit: Always dump _DSM output payload (bsc#1142351).\n- acpi: PM: Allow transitions to D0 to occur in special cases (bsc#1051510).\n- acpi: PM: Avoid evaluating _PS3 on transitions from D3hot to D3cold (bsc#1051510).\n- acpi: PM: Set enable_for_wake for wakeup GPEs during suspend-to-idle (bsc#1111666).\n- acpi: button: reinitialize button state upon resume (bsc#1051510).\n- acpi: fix menuconfig presentation of acpi submenu (bsc#1117158).\n- acpi: property: restore _DSD data subnodes GUID comment (bsc#1111666).\n- acpiCA: AML interpreter: add region addresses in global list during initialization (bsc#1051510).\n- acpiCA: Clear status of GPEs on first direct enable (bsc#1111666).\n- acpiCA: Namespace: remove address node from global list after method termination (bsc#1051510).\n- af_key: unconditionally clone on broadcast (bsc#1051510).\n- alsa: PCM: check if ops are defined before suspending PCM (bsc#1051510).\n- alsa: compress: Be more restrictive about when a drain is allowed (bsc#1051510).\n- alsa: compress: Don't allow paritial drain operations on capture streams (bsc#1051510).\n- alsa: compress: Fix regression on compressed capture streams (bsc#1051510).\n- alsa: compress: Prevent bypasses of set_params (bsc#1051510).\n- alsa: core: Don't refer to snd_cards array directly (bsc#1051510).\n- alsa: core: Fix card races between register and disconnect (bsc#1051510).\n- alsa: emu10k1: Drop superfluous id-uniquification behavior (bsc#1051510).\n- alsa: firewire-lib/fireworks: fix miss detection of received MIDI messages (bsc#1051510).\n- alsa: firewire-motu: fix destruction of data for isochronous resources (bsc#1051510).\n- alsa: hda - Add a conexant codec entry to let mute led work (bsc#1051510).\n- alsa: hda - Add two more machines to the power_save_blacklist (bsc#1051510).\n- alsa: hda - Don't resume forcibly i915 HDMI/DP codec (bsc#1111666).\n- alsa: hda - Fix intermittent CORB/RIRB stall on Intel chips (bsc#1111666).\n- alsa: hda - Force polling mode on CNL for fixing codec communication (bsc#1051510).\n- alsa: hda - Optimize resume for codecs without jack detection (bsc#1111666).\n- alsa: hda - Register irq handler after the chip initialization (bsc#1051510).\n- alsa: hda - Use a macro for snd_array iteration loops (bsc#1051510).\n- alsa: hda/hdmi - Consider eld_valid when reporting jack event (bsc#1051510).\n- alsa: hda/hdmi - Fix i915 reverse port/pin mapping (bsc#1111666).\n- alsa: hda/hdmi - Read the pin sense from register when repolling (bsc#1051510).\n- alsa: hda/hdmi - Remove duplicated define (bsc#1111666).\n- alsa: hda/realtek - Add new Dell platform for headset mode (bsc#1051510).\n- alsa: hda/realtek - Apply the fixup for ASUS Q325UAR (bsc#1051510).\n- alsa: hda/realtek - Avoid superfluous COEF EAPD setups (bsc#1051510).\n- alsa: hda/realtek - Change front mic location for Lenovo M710q (bsc#1051510).\n- alsa: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) (bsc#1051510).\n- alsa: hda/realtek - EAPD turn on later (bsc#1051510).\n- alsa: hda/realtek - Enable micmute LED for Huawei laptops (bsc#1051510).\n- alsa: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug (bsc#1051510).\n- alsa: hda/realtek - Fixed Dell AIO speaker noise (bsc#1051510).\n- alsa: hda/realtek - Fixed Headphone Mic can't record on Dell platform (bsc#1051510).\n- alsa: hda/realtek - Fixup headphone noise via runtime suspend (bsc#1051510).\n- alsa: hda/realtek - Headphone Mic can't record after S3 (bsc#1051510).\n- alsa: hda/realtek - Improve the headset mic for Acer Aspire laptops (bsc#1051510).\n- alsa: hda/realtek - Move to ACT_INIT state (bsc#1111666).\n- alsa: hda/realtek - Set default power save node to 0 (bsc#1051510).\n- alsa: hda/realtek - Support low power consumption for ALC256 (bsc#1051510).\n- alsa: hda/realtek - Support low power consumption for ALC295 (bsc#1051510).\n- alsa: hda/realtek - Update headset mode for ALC256 (bsc#1051510).\n- alsa: hda/realtek - add two more pin configuration sets to quirk table (bsc#1051510).\n- alsa: hda/realtek: Add quirks for several Clevo notebook barebones (bsc#1051510).\n- alsa: hda/realtek: Enable headset MIC of Acer TravelMate B114-21 with ALC233 (bsc#1111666).\n- alsa: hda/realtek: apply ALC891 headset fixup to one Dell machine (bsc#1051510).\n- alsa: hda: Initialize power_state field properly (bsc#1051510).\n- alsa: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) (bsc#1051510).\n- alsa: info: Fix racy addition/deletion of nodes (bsc#1051510).\n- alsa: line6: Avoid polluting led_* namespace (bsc#1051510).\n- alsa: line6: Fix a typo (bsc#1051510).\n- alsa: line6: Fix write on zero-sized buffer (bsc#1051510).\n- alsa: line6: Fix wrong altsetting for LINE6_PODHD500_1 (bsc#1051510).\n- alsa: line6: use dynamic buffers (bsc#1051510).\n- alsa: oxfw: allow PCM capture for Stanton SCS.1m (bsc#1051510).\n- alsa: seq: Align temporary re-locking with irqsave version (bsc#1051510).\n- alsa: seq: Break too long mutex context in the write loop (bsc#1051510).\n- alsa: seq: Correct unlock sequence at snd_seq_client_ioctl_unlock() (bsc#1051510).\n- alsa: seq: Cover unsubscribe_port() in list_mutex (bsc#1051510).\n- alsa: seq: Fix OOB-reads from strlcpy (bsc#1051510).\n- alsa: seq: Fix race of get-subscription call vs port-delete ioctls (bsc#1051510).\n- alsa: seq: Protect in-kernel ioctl calls with mutex (bsc#1051510).\n- alsa: seq: Protect racy pool manipulation from OSS sequencer (bsc#1051510).\n- alsa: seq: Remove superfluous irqsave flags (bsc#1051510).\n- alsa: seq: Simplify snd_seq_kernel_client_enqueue() helper (bsc#1051510).\n- alsa: seq: fix incorrect order of dest_client/dest_ports arguments (bsc#1051510).\n- alsa: timer: Check ack_list emptiness instead of bit flag (bsc#1051510).\n- alsa: timer: Coding style fixes (bsc#1051510).\n- alsa: timer: Make snd_timer_close() really kill pending actions (bsc#1051510).\n- alsa: timer: Make sure to clear pending ack list (bsc#1051510).\n- alsa: timer: Revert active callback sync check at close (bsc#1051510).\n- alsa: timer: Simplify error path in snd_timer_open() (bsc#1051510).\n- alsa: timer: Unify timer callback process code (bsc#1051510).\n- alsa: usb-audio: Add quirk for Focusrite Scarlett Solo (bsc#1051510).\n- alsa: usb-audio: Add quirk for MOTU MicroBook II (bsc#1051510).\n- alsa: usb-audio: Cleanup DSD whitelist (bsc#1051510).\n- alsa: usb-audio: Enable .product_name override for Emagic, Unitor 8 (bsc#1051510).\n- alsa: usb-audio: Fix a memory leak bug (bsc#1051510).\n- alsa: usb-audio: Fix parse of UAC2 Extension Units (bsc#1111666).\n- alsa: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() (bsc#1051510).\n- alsa: usb-audio: Sanity checks for each pipe and EP types (bsc#1051510).\n- alsa: usb-audio: fix Line6 Helix audio format rates (bsc#1111666).\n- alsa: usb-audio: fix sign unintended sign extension on left shifts (bsc#1051510).\n- alsa: usx2y: fix a double free bug (bsc#1051510).\n- apparmor: enforce nullbyte at end of tag string (bsc#1051510).\n- appletalk: Fix compile regression (bsc#1051510).\n- appletalk: Fix use-after-free in atalk_proc_exit (bsc#1051510).\n- arch: arm64: acpi: KABI ginore includes (bsc#1117158 bsc#1134671).\n- arch: arm64: acpi: KABI ginore includes (bsc#1117158 bsc#1134671).\n- arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve table (bsc#1117158).\n- arm64: acpi: fix alignment fault in accessing acpi (bsc#1117158).\n- arm64: do not override dma_max_pfn (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- arm64: fix acpi dependencies (bsc#1117158).\n- assume flash part size to be 4MB, if it can't be determined (bsc#1127371).\n- at76c50x-usb: Don't register led_trigger if usb_register_driver failed (bsc#1051510).\n- ath10k: Do not send probe response template for mesh (bsc#1111666).\n- ath10k: Fix encoding for protected management frames (bsc#1111666).\n- ath10k: add missing error handling (bsc#1111666).\n- ath10k: add peer id check in ath10k_peer_find_by_id (bsc#1111666).\n- ath10k: avoid possible string overflow (bsc#1051510).\n- ath10k: destroy sdio workqueue while remove sdio module (bsc#1111666).\n- ath10k: fix PCIE device wake up failed (bsc#1111666).\n- ath10k: fix incorrect multicast/broadcast rate setting (bsc#1111666).\n- ath10k: snoc: fix unbalanced clock error handling (bsc#1111666).\n- ath6kl: add some bounds checking (bsc#1051510).\n- ath9k: Check for errors when reading SREV register (bsc#1111666).\n- ath9k: correctly handle short radar pulses (bsc#1111666).\n- ath: DFS JP domain W56 fixed pulse type 3 RADAR detection (bsc#1111666).\n- audit: fix a memleak caused by auditing load module (bsc#1051510).\n- audit: fix a memory leak bug (bsc#1051510).\n- ax25: fix inconsistent lock state in ax25_destroy_timer (bsc#1051510).\n- b43: shut up clang -Wuninitialized variable warning (bsc#1051510).\n- backlight: lm3630a: Return 0 on success in update_status functions (bsc#1051510).\n- batman-adv: Reduce claim hash refcnt only for removed entry (bsc#1051510).\n- batman-adv: Reduce tt_global hash refcnt only for removed entry (bsc#1051510).\n- batman-adv: Reduce tt_local hash refcnt only for removed entry (bsc#1051510).\n- batman-adv: allow updating DAT entry timeouts on incoming ARP Replies (bsc#1051510).\n- batman-adv: fix for leaked TVLV handler (bsc#1051510).\n- bcache: Add comments for blkdev_put() in registration code path (bsc#1140652).\n- bcache: Clean up bch_get_congested() (bsc#1140652).\n- bcache: Move couple of functions to sysfs.c (bsc#1130972).\n- bcache: Move couple of functions to sysfs.c (bsc#1130972).\n- bcache: Move couple of string arrays to sysfs.c (bsc#1130972).\n- bcache: Move couple of string arrays to sysfs.c (bsc#1130972).\n- bcache: Populate writeback_rate_minimum attribute (bsc#1130972).\n- bcache: Populate writeback_rate_minimum attribute (bsc#1130972).\n- bcache: Replace bch_read_string_list() by __sysfs_match_string() (bsc#1130972).\n- bcache: Replace bch_read_string_list() by __sysfs_match_string() (bsc#1130972).\n- bcache: Revert 'bcache: fix high CPU occupancy during journal' (bsc#1140652).\n- bcache: Revert 'bcache: free heap cache_set flush_btree in bch_journal_free' (bsc#1140652).\n- bcache: account size of buckets used in uuid write to ca meta_sectors_written (bsc#1130972).\n- bcache: account size of buckets used in uuid write to ca meta_sectors_written (bsc#1130972).\n- bcache: acquire bch_register_lock later in cached_dev_detach_finish() (bsc#1140652).\n- bcache: acquire bch_register_lock later in cached_dev_free() (bsc#1140652).\n- bcache: add MODULE_DESCRIPTION information (bsc#1130972).\n- bcache: add MODULE_DESCRIPTION information (bsc#1130972).\n- bcache: add a comment in super.c (bsc#1130972).\n- bcache: add a comment in super.c (bsc#1130972).\n- bcache: add code comments for bset.c (bsc#1130972).\n- bcache: add code comments for bset.c (bsc#1130972).\n- bcache: add code comments for journal_read_bucket() (bsc#1140652).\n- bcache: add comment for cache_set fill_iter (bsc#1130972).\n- bcache: add comment for cache_set fill_iter (bsc#1130972).\n- bcache: add comments for closure_fn to be called in closure_queue() (bsc#1140652).\n- bcache: add comments for kobj release callback routine (bsc#1140652).\n- bcache: add comments for mutex_lock(b write_lock) (bsc#1140652).\n- bcache: add error check for calling register_bdev() (bsc#1140652).\n- bcache: add failure check to run_cache_set() for journal replay (bsc#1140652).\n- bcache: add identifier names to arguments of function definitions (bsc#1130972).\n- bcache: add identifier names to arguments of function definitions (bsc#1130972).\n- bcache: add io error counting in write_bdev_super_endio() (bsc#1140652).\n- bcache: add missing SPDX header (bsc#1130972).\n- bcache: add missing SPDX header (bsc#1130972).\n- bcache: add more error message in bch_cached_dev_attach() (bsc#1140652).\n- bcache: add pendings_cleanup to stop pending bcache device (bsc#1140652).\n- bcache: add reclaimed_journal_buckets to struct cache_set (bsc#1140652).\n- bcache: add return value check to bch_cached_dev_run() (bsc#1140652).\n- bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972).\n- bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972).\n- bcache: add static const prefix to char * array declarations (bsc#1130972).\n- bcache: add static const prefix to char * array declarations (bsc#1130972).\n- bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972).\n- bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972).\n- bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).\n- bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).\n- bcache: avoid a deadlock in bcache_reboot() (bsc#1140652).\n- bcache: avoid clang -Wunintialized warning (bsc#1140652).\n- bcache: avoid flushing btree node in cache_set_flush() if io disabled (bsc#1140652).\n- bcache: avoid potential memleak of list of journal_replay(s) in the CACHE_SYNC branch of run_cache_set (bsc#1140652).\n- bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972).\n- bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972).\n- bcache: check CACHE_SET_IO_DISABLE bit in bch_journal() (bsc#1140652).\n- bcache: check CACHE_SET_IO_DISABLE in allocator code (bsc#1140652).\n- bcache: check c gc_thread by IS_ERR_OR_NULL in cache_set_flush() (bsc#1140652).\n- bcache: correct dirty data statistics (bsc#1130972).\n- bcache: correct dirty data statistics (bsc#1130972).\n- bcache: destroy dc writeback_write_wq if failed to create dc writeback_thread (bsc#1140652).\n- bcache: do not assign in if condition in bcache_device_init() (bsc#1140652).\n- bcache: do not assign in if condition in bcache_init() (bsc#1130972).\n- bcache: do not assign in if condition in bcache_init() (bsc#1130972).\n- bcache: do not assign in if condition register_bcache() (bsc#1130972).\n- bcache: do not assign in if condition register_bcache() (bsc#1130972).\n- bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972).\n- bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972).\n- bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972).\n- bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972).\n- bcache: do not clone bio in bch_data_verify (bsc#1130972).\n- bcache: do not clone bio in bch_data_verify (bsc#1130972).\n- bcache: do not mark writeback_running too early (bsc#1130972).\n- bcache: do not mark writeback_running too early (bsc#1130972).\n- bcache: do not set max writeback rate if gc is running (bsc#1140652).\n- bcache: export backing_dev_name via sysfs (bsc#1130972).\n- bcache: export backing_dev_name via sysfs (bsc#1130972).\n- bcache: export backing_dev_uuid via sysfs (bsc#1130972).\n- bcache: export backing_dev_uuid via sysfs (bsc#1130972).\n- bcache: fix a race between cache register and cacheset unregister (bsc#1140652).\n- bcache: fix code comments style (bsc#1130972).\n- bcache: fix code comments style (bsc#1130972).\n- bcache: fix crashes stopping bcache device before read miss done (bsc#1140652).\n- bcache: fix failure in journal relplay (bsc#1140652).\n- bcache: fix inaccurate result of unused buckets (bsc#1140652).\n- bcache: fix indent by replacing blank by tabs (bsc#1130972).\n- bcache: fix indent by replacing blank by tabs (bsc#1130972).\n- bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).\n- bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).\n- bcache: fix input integer overflow of congested threshold (bsc#1130972).\n- bcache: fix input integer overflow of congested threshold (bsc#1130972).\n- bcache: fix input overflow to cache set io_error_limit (bsc#1130972).\n- bcache: fix input overflow to cache set io_error_limit (bsc#1130972).\n- bcache: fix input overflow to cache set sysfs file io_error_halflife (bsc#1130972).\n- bcache: fix input overflow to cache set sysfs file io_error_halflife (bsc#1130972).\n- bcache: fix input overflow to journal_delay_ms (bsc#1130972).\n- bcache: fix input overflow to journal_delay_ms (bsc#1130972).\n- bcache: fix input overflow to sequential_cutoff (bsc#1130972).\n- bcache: fix input overflow to sequential_cutoff (bsc#1130972).\n- bcache: fix input overflow to writeback_delay (bsc#1130972).\n- bcache: fix input overflow to writeback_delay (bsc#1130972).\n- bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).\n- bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).\n- bcache: fix ioctl in flash device (bsc#1130972).\n- bcache: fix ioctl in flash device (bsc#1130972).\n- bcache: fix mistaken code comments in bcache.h (bsc#1130972).\n- bcache: fix mistaken code comments in bcache.h (bsc#1130972).\n- bcache: fix mistaken comments in request.c (bsc#1130972).\n- bcache: fix mistaken comments in request.c (bsc#1130972).\n- bcache: fix mistaken sysfs entry for io_error counter (bsc#1140652).\n- bcache: fix potential deadlock in cached_def_free() (bsc#1140652).\n- bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972).\n- bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972).\n- bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972).\n- bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972).\n- bcache: fix race in btree_flush_write() (bsc#1140652).\n- bcache: fix return value error in bch_journal_read() (bsc#1140652).\n- bcache: fix stack corruption by PRECEDING_KEY() (bsc#1140652).\n- bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).\n- bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).\n- bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972).\n- bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972).\n- bcache: fix wrong usage use-after-freed on keylist in out_nocoalesce branch of btree_gc_coalesce (bsc#1140652).\n- bcache: ignore read-ahead request failure on backing device (bsc#1140652).\n- bcache: improve bcache_reboot() (bsc#1140652).\n- bcache: improve error message in bch_cached_dev_run() (bsc#1140652).\n- bcache: improve sysfs_strtoul_clamp() (bsc#1130972).\n- bcache: improve sysfs_strtoul_clamp() (bsc#1130972).\n- bcache: introduce force_wake_up_gc() (bsc#1130972).\n- bcache: introduce force_wake_up_gc() (bsc#1130972).\n- bcache: make bset_search_tree() be more understandable (bsc#1140652).\n- bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972).\n- bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972).\n- bcache: make is_discard_enabled() static (bsc#1140652).\n- bcache: more detailed error message to bcache_device_link() (bsc#1140652).\n- bcache: move definition of 'int ret' out of macro read_bucket() (bsc#1140652).\n- bcache: move open brace at end of function definitions to next line (bsc#1130972).\n- bcache: move open brace at end of function definitions to next line (bsc#1130972).\n- bcache: never set KEY_PTRS of journal key to 0 in journal_reclaim() (bsc#1140652).\n- bcache: never writeback a discard operation (bsc#1130972).\n- bcache: never writeback a discard operation (bsc#1130972).\n- bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972).\n- bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972).\n- bcache: only clear BTREE_NODE_dirty bit when it is set (bsc#1140652).\n- bcache: only set BCACHE_DEV_WB_RUNNING when cached device attached (bsc#1140652).\n- bcache: option to automatically run gc thread after writeback (bsc#1130972).\n- bcache: option to automatically run gc thread after writeback (bsc#1130972).\n- bcache: panic fix for making cache device (bsc#1130972).\n- bcache: panic fix for making cache device (bsc#1130972).\n- bcache: performance improvement for btree_flush_write() (bsc#1140652).\n- bcache: prefer 'help' in Kconfig (bsc#1130972).\n- bcache: prefer 'help' in Kconfig (bsc#1130972).\n- bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).\n- bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).\n- bcache: recal cached_dev_sectors on detach (bsc#1130972).\n- bcache: recal cached_dev_sectors on detach (bsc#1130972).\n- bcache: remove redundant LIST_HEAD(journal) from run_cache_set() (bsc#1140652).\n- bcache: remove redundant LIST_HEAD(journal) from run_cache_set() (bsc#1140652).\n- bcache: remove retry_flush_write from struct cache_set (bsc#1140652).\n- bcache: remove unncessary code in bch_btree_keys_init() (bsc#1140652).\n- bcache: remove unnecessary prefetch() in bset_search_tree() (bsc#1140652).\n- bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972).\n- bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972).\n- bcache: remove unused bch_passthrough_cache (bsc#1130972).\n- bcache: remove unused bch_passthrough_cache (bsc#1130972).\n- bcache: remove useless parameter of bch_debug_init() (bsc#1130972).\n- bcache: remove useless parameter of bch_debug_init() (bsc#1130972).\n- bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).\n- bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).\n- bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972).\n- bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972).\n- bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).\n- bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).\n- bcache: replace printk() by pr_*() routines (bsc#1130972).\n- bcache: replace printk() by pr_*() routines (bsc#1130972).\n- bcache: return error immediately in bch_journal_replay() (bsc#1140652).\n- bcache: set largest seq to ja seq[bucket_index] in journal_read_bucket() (bsc#1140652).\n- bcache: set writeback_percent in a flexible range (bsc#1130972).\n- bcache: set writeback_percent in a flexible range (bsc#1130972).\n- bcache: shrink btree node cache after bch_btree_check() (bsc#1140652).\n- bcache: split combined if-condition code into separate ones (bsc#1130972).\n- bcache: split combined if-condition code into separate ones (bsc#1130972).\n- bcache: stop bcache device when backing device is offline (bsc#1130972).\n- bcache: stop bcache device when backing device is offline (bsc#1130972).\n- bcache: stop using the deprecated get_seconds() (bsc#1130972).\n- bcache: stop using the deprecated get_seconds() (bsc#1130972).\n- bcache: stop writeback kthread and kworker when bch_cached_dev_run() failed (bsc#1140652).\n- bcache: style fix to add a blank line after declarations (bsc#1130972).\n- bcache: style fix to add a blank line after declarations (bsc#1130972).\n- bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).\n- bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).\n- bcache: style fixes for lines over 80 characters (bsc#1130972).\n- bcache: style fixes for lines over 80 characters (bsc#1130972).\n- bcache: treat stale and dirty keys as bad keys (bsc#1130972).\n- bcache: treat stale and dirty keys as bad keys (bsc#1130972).\n- bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972).\n- bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972).\n- bcache: update comment for bch_data_insert (bsc#1130972).\n- bcache: update comment for bch_data_insert (bsc#1130972).\n- bcache: update comment in sysfs.c (bsc#1130972).\n- bcache: update comment in sysfs.c (bsc#1130972).\n- bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).\n- bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).\n- bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972).\n- bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972).\n- bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).\n- bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).\n- bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).\n- bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).\n- bcache: use sysfs_match_string() instead of __sysfs_match_string() (bsc#1140652).\n- bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).\n- bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).\n- be2net: Signal that the device cannot transmit during reconfiguration (bsc#1127315).\n- be2net: Synchronize be_update_queues with dev_watchdog (bsc#1127315).\n- blk-mq: Avoid that submitting a bio concurrently with device removal triggers a crash (bsc#1131673).\n- blk-mq: adjust debugfs and sysfs register when updating nr_hw_queues (bsc#1131673).\n- blk-mq: change gfp flags to GFP_NOIO in blk_mq_realloc_hw_ctxs (bsc#1131673).\n- blk-mq: fallback to previous nr_hw_queues when updating fails (bsc#1131673).\n- blk-mq: fix hang caused by freeze/unfreeze sequence (bsc#1128432).\n- blk-mq: free hw queue's resource in hctx's release handler (bsc#1140637).\n- blk-mq: init hctx sched after update ctx and hctx mapping (bsc#1131673).\n- blk-mq: realloc hctx when hw queue is mapped to another node (bsc#1131673).\n- blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter (bsc#1131673).\n- blkcg: Introduce blkg_root_lookup() (bsc#1131673).\n- blkcg: Make blkg_root_lookup() work for queues in bypass mode (bsc#1131673).\n- block, bfq: NULL out the bic when it's no longer valid (bsc#1142359).\n- block: Do not revalidate bdev of hidden gendisk (bsc#1120091).\n- block: Ensure that a request queue is dissociated from the cgroup controller (bsc#1131673).\n- block: Fix a NULL pointer dereference in generic_make_request() (bsc#1139771).\n- block: Fix a race between request queue removal and the block cgroup controller (bsc#1131673).\n- block: Introduce blk_exit_queue() (bsc#1131673).\n- block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).\n- block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).\n- block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).\n- block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).\n- block: do not leak memory in bio_copy_user_iov() (bsc#1135309).\n- block: fix the return errno for direct IO (bsc#1135320).\n- block: fix use-after-free on gendisk (bsc#1135312).\n- block: kABI fixes for bio_rewind_iter() removal (bsc#1131673).\n- block: remove bio_rewind_iter() (bsc#1131673).\n- bluetooth: Check key sizes only when Secure Simple Pairing is enabled (bsc#1135556).\n- bluetooth: Check key sizes only when Secure Simple Pairing is enabled (bsc#1135556).\n- bluetooth: Fix faulty expression for minimum encryption key size check (bsc#1140328).\n- bluetooth: hci_uart: Check if socket buffer is ERR_PTR in h4_recv_buf() (bsc#1133731).\n- bnx2x: Add support for detection of P2P event packets (bsc#1136498 jsc#SLE-4699).\n- bnx2x: Bump up driver version to 1.713.36 (bsc#1136498 jsc#SLE-4699).\n- bnx2x: Prevent load reordering in tx completion processing (bsc#1142868).\n- bnx2x: Remove set but not used variable 'mfw_vn' (bsc#1136498 jsc#SLE-4699).\n- bnx2x: Replace magic numbers with macro definitions (bsc#1136498 jsc#SLE-4699).\n- bnx2x: Use struct_size() in kzalloc() (bsc#1136498 jsc#SLE-4699).\n- bnx2x: Utilize FW 7.13.11.0 (bsc#1136498 jsc#SLE-4699).\n- bnx2x: fix spelling mistake 'dicline' 'decline' (bsc#1136498 jsc#SLE-4699).\n- bnx2x: fix various indentation issues (bsc#1136498 jsc#SLE-4699).\n- bnxt_en: Add device IDs 0x1806 and 0x1752 for 57500 devices (bsc#1137224).\n- bnxt_en: Add support for BCM957504 (bsc#1137224).\n- bnxt_en: Disable bus master during PCI shutdown and driver unload (bsc#1104745 FATE#325918).\n- bnxt_en: Fix aggregation buffer leak under OOM condition (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Fix aggregation buffer leak under OOM condition (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Fix possible BUG() condition when calling pci_disable_msix() (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Fix possible BUG() condition when calling pci_disable_msix() (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Fix possible crash in bnxt_hwrm_ring_free() under error conditions (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Fix possible crash in bnxt_hwrm_ring_free() under error conditions (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Fix statistics context reservation logic (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Fix statistics context reservation logic (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Fix statistics context reservation logic for RDMA driver (bsc#1104745 FATE#325918).\n- bnxt_en: Fix uninitialized variable usage in bnxt_rx_pkt() (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Fix uninitialized variable usage in bnxt_rx_pkt() (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one() (bsc#1050242 FATE#322914).\n- bnxt_en: Improve NQ reservations (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Improve NQ reservations (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Improve multicast address setup logic (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Improve multicast address setup logic (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Pass correct extended TX port statistics size to firmware (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Pass correct extended TX port statistics size to firmware (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Reduce memory usage when running in kdump kernel (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Reduce memory usage when running in kdump kernel (bsc#1134090 jsc#SLE-5954).\n- bnxt_en: Suppress error messages when querying DSCP DCB capabilities (bsc#1104745 FATE#325918).\n- bonding: Force slave speed check after link state recovery for 802.3ad (bsc#1137584).\n- bpf, devmap: Add missing RCU read lock on flush (bsc#1109837).\n- bpf, devmap: Add missing bulk queue free (bsc#1109837).\n- bpf, devmap: Fix premature entry free on destroying map (bsc#1109837).\n- bpf, lru: avoid messing with eviction heuristics upon syscall lookup (bsc#1083647).\n- bpf, tcp: correctly handle DONT_WAIT flags and timeo == 0 (bsc#1109837).\n- bpf, x64: fix stack layout of JITed bpf code (bsc#1083647).\n- bpf, x64: save 5 bytes in prologue when ebpf insns came from cbpf (bsc#1083647).\n- bpf: Add missed newline in verifier verbose log (bsc#1056787).\n- bpf: add map_lookup_elem_sys_only for lookups from syscall side (bsc#1083647).\n- bpf: btf: fix the brackets of BTF_INT_OFFSET() (bsc#1083647).\n- bpf: devmap: fix use-after-free Read in __dev_map_entry_free (bsc#1109837).\n- bpf: fix callees pruning callers (bsc#1109837).\n- bpf: fix nested bpf tracepoints with per-cpu data (bsc#1083647).\n- bpf: fix use after free in bpf_evict_inode (bsc#1083647).\n- bpf: lpm_trie: check left child of last leftmost node for NULL (bsc#1109837).\n- bpf: sockmap fix msg sg.size account on ingress skb (bsc#1109837).\n- bpf: sockmap remove duplicate queue free (bsc#1109837).\n- bpf: sockmap, fix use after free from sleep in psock backlog workqueue (bsc#1109837).\n- brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() (bsc#1051510).\n- brcmfmac: convert dev_init_lock mutex to completion (bsc#1051510).\n- brcmfmac: fix NULL pointer derefence during USB disconnect (bsc#1111666).\n- brcmfmac: fix Oops when bringing up interface during USB disconnect (bsc#1051510).\n- brcmfmac: fix WARNING during USB disconnect in case of unempty psq (bsc#1051510).\n- brcmfmac: fix leak of mypkt on error return path (bsc#1111666).\n- brcmfmac: fix missing checks for kmemdup (bsc#1051510).\n- brcmfmac: fix race during disconnect when USB completion is in progress (bsc#1051510).\n- broadcom: Mark expected switch fall-throughs (bsc#1136498 jsc#SLE-4699).\n- btrfs: Do not panic when we can't find a root key (bsc#1112063).\n- btrfs: Factor out common delayed refs init code (bsc#1134813).\n- btrfs: Introduce init_delayed_ref_head (bsc#1134813).\n- btrfs: Open-code add_delayed_data_ref (bsc#1134813).\n- btrfs: Open-code add_delayed_tree_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).\n- btrfs: add a helper to return a head ref (bsc#1134813).\n- btrfs: breakout empty head cleanup to a helper (bsc#1134813).\n- btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: do not allow trimming when a fs is mounted with the nologreplay option (bsc#1135758).\n- btrfs: do not double unlock on error in btrfs_punch_hole (bsc#1136881).\n- btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: fix assertion failure on fsync with NO_HOLES enabled (bsc#1131848).\n- btrfs: fix fsync not persisting changed attributes of a directory (bsc#1137151).\n- btrfs: fix incorrect file size after shrinking truncate and fsync (bsc#1130195).\n- btrfs: fix race between block group removal and block group allocation (bsc#1143003).\n- btrfs: fix race between ranged fsync and writeback of adjacent ranges (bsc#1136477).\n- btrfs: fix race updating log root item during fsync (bsc#1137153).\n- btrfs: fix wrong ctime and mtime of a directory after log replay (bsc#1137152).\n- btrfs: improve performance on fsync of files with multiple hardlinks (bsc#1123454).\n- btrfs: move all ref head cleanup to the helper function (bsc#1134813).\n- btrfs: move extent_op cleanup to a helper (bsc#1134813).\n- btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).\n- btrfs: qgroup: Check bg while resuming relocation to avoid NULL pointer dereference (bsc#1134806).\n- btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to btrfs_qgroup_extent_record (bsc#1134162).\n- btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release (bsc#1134160).\n- btrfs: reloc: Also queue orphan reloc tree for cleanup to avoid BUG_ON() (bsc#1133612).\n- btrfs: remove WARN_ON in log_dir_items (bsc#1131847).\n- btrfs: remove delayed_ref_node from ref_head (bsc#1134813).\n- btrfs: send, flush dellaloc in order to avoid data loss (bsc#1133320).\n- btrfs: split delayed ref head initialization and addition (bsc#1134813).\n- btrfs: track refs in a rb_tree instead of a list (bsc#1134813).\n- btrfs: tree-checker: detect file extent items with overlapping ranges (bsc#1136478).\n- can: af_can: Fix error path of can_init() (bsc#1051510).\n- can: flexcan: fix timeout when set small bitrate (bsc#1051510).\n- can: purge socket error queue on sock destruct (bsc#1051510).\n- carl9170: fix misuse of device driver API (bsc#1111666).\n- cdrom: Fix race condition in cdrom_sysctl_register (bsc#1051510).\n- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).\n- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).\n- ceph: factor out ceph_lookup_inode() (bsc#1138681).\n- ceph: fix NULL pointer deref when debugging is enabled (bsc#1138681).\n- ceph: fix ci i_head_snapc leak (bsc#1122776).\n- ceph: fix ci i_head_snapc leak (bsc#1122776).\n- ceph: fix potential use-after-free in ceph_mdsc_build_path (bsc#1138681).\n- ceph: fix use-after-free on symlink traversal (bsc#1134459).\n- ceph: fix use-after-free on symlink traversal (bsc#1134459).\n- ceph: flush dirty inodes before proceeding with remount (bsc#1138681).\n- ceph: flush dirty inodes before proceeding with remount (bsc#1140405).\n- ceph: only use d_name directly when parent is locked (bsc#1134460).\n- ceph: only use d_name directly when parent is locked (bsc#1134460).\n- ceph: print inode number in __caps_issued_mask debugging messages (bsc#1138681).\n- ceph: quota: fix quota subdir mounts (bsc#1138681).\n- ceph: remove duplicated filelock ref increase (bsc#1138681).\n- cfg80211: Handle WMM rules in regulatory domain intersection (bsc#1111666).\n- cfg80211: fix memory leak of wiphy device name (bsc#1051510).\n- cgroup: Use css_tryget() instead of css_tryget_online() in task_get_css() (bsc#1141478).\n- cgroup: fix parsing empty mount option string (bsc#1133094).\n- chardev: add additional check for minor range overlap (bsc#1051510).\n- chelsio: use BUG() instead of BUG_ON(1) (bsc#1136345 jsc#SLE-4681).\n- cifs: Fix potential OOB access of lock element array (bsc#1051510).\n- cifs: don't dereference smb_file_target before null check (bsc#1051510). \n- cifs: keep FileInfo handle live during oplock break (bsc#1106284, bsc#1131565).\n- cifs: keep FileInfo handle live during oplock break (bsc#1106284, bsc#1131565).\n- clk: fractional-divider: check parent rate only if flag is set (bsc#1051510).\n- clk: qcom: Fix -Wunused-const-variable (bsc#1051510).\n- clk: rockchip: Don't yell about bad mmc phases when getting (bsc#1051510).\n- clk: rockchip: Fix video codec clocks on rk3288 (bsc#1051510).\n- clk: rockchip: Turn on 'aclk_dmac1' for suspend on rk3288 (bsc#1051510).\n- clk: rockchip: fix frac settings of GPLL clock for rk3328 (bsc#1051510).\n- clk: rockchip: fix wrong clock definitions for rk3328 (bsc#1051510).\n- clk: tegra210: fix PLLU and PLLU_OUT1 (bsc#1051510).\n- clk: tegra: Fix PLLM programming on Tegra124+ when PMC overrides divider (bsc#1051510).\n- clk: x86: Add system specific quirk to mark clocks as critical (bsc#1051510).\n- config: arm64: enable CN99xx uncore pmu References: bsc#1117114\n- configfs: Fix use-after-free when accessing sd s_dentry (bsc#1051510).\n- configfs: fix possible use-after-free in configfs_register_group (bsc#1051510).\n- coresight: etb10: Fix handling of perf mode (bsc#1051510).\n- coresight: etm4x: Add support to enable ETMv4.2 (bsc#1051510).\n- cpu/speculation: Add 'mitigations=' cmdline option (bsc#1112178).\n- cpu/speculation: Add 'mitigations=' cmdline option (bsc#1112178). \n- cpufreq/pasemi: fix possible object reference leak (bsc#1051510).\n- cpufreq: Use struct kobj_attribute instead of struct global_attr (bsc#1051510).\n- cpufreq: acpi-cpufreq: Report if CPU doesn't support boost technologies (bsc#1051510).\n- cpufreq: brcmstb-avs-cpufreq: Fix initial command check (bsc#1051510).\n- cpufreq: brcmstb-avs-cpufreq: Fix types for voltage/frequency (bsc#1051510).\n- cpufreq: check if policy is inactive early in __cpufreq_get() (bsc#1051510).\n- cpufreq: kirkwood: fix possible object reference leak (bsc#1051510).\n- cpufreq: pmac32: fix possible object reference leak (bsc#1051510).\n- cpufreq: ppc_cbe: fix possible object reference leak (bsc#1051510).\n- crypto: algapi - guard against uninitialized spawn list in crypto_remove_spawns (bsc#1133401).\n- crypto: arm/aes-neonbs - don't access already-freed walk.iv (bsc#1051510).\n- crypto: arm64/sha1-ce - correct digest for empty data in finup (bsc#1051510).\n- crypto: arm64/sha2-ce - correct digest for empty data in finup (bsc#1051510).\n- crypto: caam - add missing put_device() call (bsc#1129770).\n- crypto: caam - fix caam_dump_sg that iterates through scatterlist (bsc#1051510).\n- crypto: caam/qi2 - fix DMA mapping of stack memory (bsc#1111666).\n- crypto: caam/qi2 - fix zero-length buffer DMA mapping (bsc#1111666).\n- crypto: caam/qi2 - generate hash keys in-place (bsc#1111666).\n- crypto: ccm - fix incompatibility between 'ccm' and 'ccm_base' (bsc#1051510).\n- crypto: ccp - Do not free psp_master when PLATFORM_INIT fails (bsc#1051510).\n- crypto: ccp - Fix 3DES complaint from ccp-crypto module (bsc#1051510).\n- crypto: ccp - Fix SEV_VERSION_GREATER_OR_EQUAL (bsc#1051510).\n- crypto: ccp - Validate the the error value used to index error messages (bsc#1051510).\n- crypto: ccp - fix AES CFB error exposed by new test vectors (bsc#1051510).\n- crypto: ccp - memset structure fields to zero before reuse (bsc#1051510).\n- crypto: ccp/gcm - use const time tag comparison (bsc#1051510).\n- crypto: chacha20poly1305 - fix atomic sleep when using async algorithm (bsc#1051510).\n- crypto: chacha20poly1305 - set cra_name correctly (bsc#1051510).\n- crypto: chcr - ESN for Inline IPSec Tx (bsc#1136353 jsc#SLE-4688).\n- crypto: chcr - small packet Tx stalls the queue (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - Fix NULL pointer dereference (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - Fix passing zero to 'PTR_ERR' warning in chcr_aead_op (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - Fix softlockup with heavy I/O (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - Fix wrong error counter increments (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - Fixed Traffic Stall (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - Handle pci shutdown event (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - Inline single pdu only (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - Reset counters on cxgb4 Detach (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - Swap location of AAD and IV sent in WR (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - Use same value for both channel in single WR (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - avoid using sa_entry imm (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - check set_msg_len overflow in generate_b0 (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - clean up various indentation issues (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - cleanup:send addr as value in function argument (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - count incomplete block in IV (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - remove set but not used variable 'kctx_len' (bsc#1136353 jsc#SLE-4688).\n- crypto: chelsio - remove set but not used variables 'adap' (bsc#1136353 jsc#SLE-4688).\n- crypto: chtls - remove cdev_list_lock (bsc#1136353 jsc#SLE-4688).\n- crypto: chtls - remove set but not used variables 'err, adap, request, hws' (bsc#1136353 jsc#SLE-4688).\n- crypto: crct10dif-generic - fix use via crypto_shash_digest() (bsc#1051510).\n- crypto: cryptd - Fix skcipher instance memory leak (bsc#1051510).\n- crypto: crypto4xx - fix a potential double free in ppc4xx_trng_probe (bsc#1051510).\n- crypto: crypto4xx - properly set IV after de- and encrypt (bsc#1051510).\n- crypto: fips - Grammar s/options/option/, s/to/the/ (bsc#1051510).\n- crypto: gcm - fix incompatibility between 'gcm' and 'gcm_base' (bsc#1051510).\n- crypto: ghash - fix unaligned memory access in ghash_setkey() (bsc#1051510).\n- crypto: pcbc - remove bogus memcpy()s with src == dest (bsc#1051510).\n- crypto: prefix header search paths with $(srctree)/ (bsc#1136353 jsc#SLE-4688).\n- crypto: sha256/arm - fix crash bug in Thumb2 build (bsc#1051510).\n- crypto: sha512/arm - fix crash bug in Thumb2 build (bsc#1051510).\n- crypto: skcipher - don't WARN on unprocessed data after slow walk step (bsc#1051510).\n- crypto: sun4i-ss - Fix invalid calculation of hash end (bsc#1051510).\n- crypto: talitos - Align SEC1 accesses to 32 bits boundaries (bsc#1051510).\n- crypto: talitos - HMAC SNOOP NO AFEU mode requires SW icv checking (bsc#1051510).\n- crypto: talitos - check data blocksize in ablkcipher (bsc#1051510).\n- crypto: talitos - fix CTR alg blocksize (bsc#1051510).\n- crypto: talitos - fix max key size for sha384 and sha512 (bsc#1051510).\n- crypto: talitos - properly handle split ICV (bsc#1051510).\n- crypto: talitos - reduce max key size for SEC1 (bsc#1051510).\n- crypto: talitos - rename alternative AEAD algos (bsc#1051510).\n- crypto: user - prevent operating on larval algorithms (bsc#1133401).\n- crypto: vmx - CTR: always increment IV as quadword (bsc#1051510).\n- crypto: vmx - fix copy-paste error in CTR mode (bsc#1051510).\n- crypto: vmx - ghash: do nosimd fallback manually (bsc#1135661, bsc#1137162).\n- crypto: vmx - ghash: do nosimd fallback manually (bsc#1135661, bsc#1137162).\n- crypto: vmx - return correct error code on failed setkey (bsc#1135661, bsc#1137162).\n- crypto: vmx - return correct error code on failed setkey (bsc#1135661, bsc#1137162).\n- crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() (bsc#1051510).\n- crypto: x86/poly1305 - fix overflow during partial reduction (bsc#1051510).\n- cxgb4/chtls: Prefix adapter flags with CXGB4 (bsc#1136345 jsc#SLE-4681).\n- cxgb4/cxgb4vf: Add support for SGE doorbell queue timer (bsc#1127371).\n- cxgb4/cxgb4vf: Display advertised FEC in ethtool (bsc#1136345 jsc#SLE-4681).\n- cxgb4/cxgb4vf: Fix mac_hlist initialization and free (bsc#1127374).\n- cxgb4/cxgb4vf: Fix up netdev hw_features (bsc#1136345 jsc#SLE-4681).\n- cxgb4/cxgb4vf: Link management changes (bsc#1127371).\n- cxgb4/cxgb4vf: Program hash region for {t4/t4vf}_change_mac() (bsc#1127371).\n- cxgb4/cxgb4vf_main: Mark expected switch fall-through (bsc#1136345 jsc#SLE-4681).\n- cxgb4: Add VF Link state support (bsc#1136345 jsc#SLE-4681).\n- cxgb4: Add capability to get/set SGE Doorbell Queue Timer Tick (bsc#1127371).\n- cxgb4: Add flag tc_flower_initialized (bsc#1127371).\n- cxgb4: Add new T5 pci device id 0x50ae (bsc#1127371).\n- cxgb4: Add new T5 pci device ids 0x50af and 0x50b0 (bsc#1127371).\n- cxgb4: Add new T6 pci device ids 0x608a (bsc#1127371).\n- cxgb4: Add new T6 pci device ids 0x608b (bsc#1136345 jsc#SLE-4681).\n- cxgb4: Add support for FW_ETH_TX_PKT_VM_WR (bsc#1127371).\n- cxgb4: Add support to read actual provisioned resources (bsc#1127371).\n- cxgb4: Added missing break in ndo_udp_tunnel_{add/del} (bsc#1127371).\n- cxgb4: Delete all hash and TCAM filters before resource cleanup (bsc#1136345 jsc#SLE-4681).\n- cxgb4: Do not return EAGAIN when TCAM is full (bsc#1136345 jsc#SLE-4681).\n- cxgb4: Enable hash filter with offload (bsc#1136345 jsc#SLE-4681).\n- cxgb4: Enable outer UDP checksum offload for T6 (bsc#1136345 jsc#SLE-4681).\n- cxgb4: Export sge_host_page_size to ulds (bsc#1127371).\n- cxgb4: Fix error path in cxgb4_init_module (bsc#1136345 jsc#SLE-4681).\n- cxgb4: Mask out interrupts that are not enabled (bsc#1127175).\n- cxgb4: Remove SGE_HOST_PAGE_SIZE dependency on page size (bsc#1127371).\n- cxgb4: Revert 'cxgb4: Remove SGE_HOST_PAGE_SIZE dependency on page size' (bsc#1136345 jsc#SLE-4681).\n- cxgb4: Support ethtool private flags (bsc#1127371).\n- cxgb4: TLS record offload enable (bsc#1136345 jsc#SLE-4681).\n- cxgb4: Update 1.23.3.0 as the latest firmware supported (bsc#1136345 jsc#SLE-4681).\n- cxgb4: add per rx-queue counter for packet errors (bsc#1127371).\n- cxgb4: add support to display DCB info (bsc#1127371).\n- cxgb4: add tcb flags and tcb rpl struct (bsc#1136345 jsc#SLE-4681).\n- cxgb4: collect ASIC LA dumps from ULP TX (bsc#1127371).\n- cxgb4: collect hardware queue descriptors (bsc#1127371).\n- cxgb4: collect number of free PSTRUCT page pointers (bsc#1127371).\n- cxgb4: convert flower table to use rhashtable (bsc#1127371).\n- cxgb4: cxgb4: use FW_PORT_ACTION_L1_CFG32 for 32 bit capability (bsc#1127371).\n- cxgb4: display number of rx and tx pages free (bsc#1127371).\n- cxgb4: do not return DUPLEX_UNKNOWN when link is down (bsc#1127371).\n- cxgb4: fix the error path of cxgb4_uld_register() (bsc#1127371).\n- cxgb4: free mac_hlist properly (bsc#1136345 jsc#SLE-4681).\n- cxgb4: impose mandatory VLAN usage when non-zero TAG ID (bsc#1127371).\n- cxgb4: kfree mhp after the debug print (bsc#1136345 jsc#SLE-4681).\n- cxgb4: move Tx/Rx free pages collection to common code (bsc#1127371).\n- cxgb4: offload VLAN flows regardless of VLAN ethtype (bsc#1136345 jsc#SLE-4681).\n- cxgb4: remove DEFINE_SIMPLE_DEBUGFS_FILE() (bsc#1136345 jsc#SLE-4681).\n- cxgb4: remove redundant assignment to vlan_cmd.dropnovlan_fm (bsc#1127371).\n- cxgb4: remove set but not used variables 'multitrc, speed' (bsc#1136345 jsc#SLE-4681).\n- cxgb4: remove the unneeded locks (bsc#1127371).\n- cxgb4: specify IQTYPE in fw_iq_cmd (bsc#1127371).\n- cxgb4: update supported DCB version (bsc#1127371).\n- cxgb4: use firmware API for validating filter spec (bsc#1136345 jsc#SLE-4681).\n- cxgb4: use new fw interface to get the VIN and smt index (bsc#1127371).\n- cxgb4vf: Call netif_carrier_off properly in pci_probe (bsc#1136347 jsc#SLE-4683).\n- cxgb4vf: Enter debugging mode if FW is inaccessible (bsc#1136347 jsc#SLE-4683).\n- cxgb4vf: Few more link management changes (bsc#1127374).\n- cxgb4vf: Prefix adapter flags with CXGB4VF (bsc#1136347 jsc#SLE-4683).\n- cxgb4vf: Revert force link up behaviour (bsc#1136347 jsc#SLE-4683).\n- cxgb4vf: Update port information in cxgb4vf_open() (bsc#1127374).\n- cxgb4vf: fix memleak in mac_hlist initialization (bsc#1127374).\n- cxgb4vf: free mac_hlist properly (bsc#1136345 jsc#SLE-4681).\n- dasd_fba: Display '00000000' for zero page when dumping sense (bsc#1123080).\n- dax: Fix xarray entry association for mixed mappings (bsc#1140893).\n- dccp: Fix memleak in __feat_register_sp (bsc#1051510).\n- debugfs: fix use-after-free on symlink traversal (bsc#1051510).\n- device core: Consolidate locking and unlocking of parent and device (bsc#1106383).\n- device_cgroup: fix RCU imbalance in error case (bsc#1051510).\n- devres: Align data[] to ARCH_KMALLOC_MINALIGN (bsc#1051510).\n- dm: disable DISCARD if the underlying storage no longer supports it (bsc#1114638).\n- dma-buf: Discard old fence_excl on retrying get_fences_rcu for realloc (bsc#1111666).\n- dma-direct: add support for allocation from ZONE_DMA and ZONE_DMA32 (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- dma-direct: do not retry allocation for no-op GFP_DMA (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- dma-direct: retry allocations using GFP_DMA for small masks (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- dma-mapping: move dma_mark_clean to dma-direct.h (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- dma-mapping: move swiotlb arch helpers to a new header (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- dma-mapping: take dma_pfn_offset into account in dma_max_pfn (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- dmaengine: at_xdmac: remove BUG_ON macro in tasklet (bsc#1111666).\n- dmaengine: axi-dmac: Don't check the number of frames for alignment (bsc#1051510).\n- dmaengine: hsu: Revert 'set HSU_CH_MTSR to memory width' (bsc#1051510).\n- dmaengine: imx-dma: fix warning comparison of distinct pointer types (bsc#1051510).\n- dmaengine: imx-sdma: remove BD_INTR for channel0 (bsc#1051510).\n- dmaengine: pl330: _stop: clear interrupt status (bsc#1111666).\n- dmaengine: qcom_hidma: assign channel cookie correctly (bsc#1051510).\n- dmaengine: sh: rcar-dmac: With cyclic DMA residue 0 is valid (bsc#1051510).\n- dmaengine: tegra210-adma: Fix crash during probe (bsc#1111666).\n- dmaengine: tegra210-adma: restore channel status (bsc#1111666).\n- dmaengine: tegra210-dma: free dma controller in remove() (bsc#1051510).\n- dmaengine: tegra: avoid overflow of byte tracking (bsc#1051510).\n- doc: Cope with the deprecation of AutoReporter (bsc#1051510).\n- documentation: Add MDS vulnerability documentation (bsc#1135642).\n- documentation: Add MDS vulnerability documentation (bsc#1135642).\n- documentation: Add MDS vulnerability documentation (bsc#1135642).\n- documentation: Add MDS vulnerability documentation (bsc#1135642).\n- documentation: DMA-API: fix a function name of max_mapping_size (bsc#1140954).\n- drbd: Avoid Clang warning about pointless switch statment (bsc#1051510).\n- drbd: disconnect, if the wrong UUIDs are attached on a connected peer (bsc#1051510).\n- drbd: narrow rcu_read_lock in drbd_sync_handshake (bsc#1051510).\n- drbd: skip spurious timeout (ping-timeo) when failing promote (bsc#1051510).\n- driver core: Establish order of operations for device_add and device_del via bitflag (bsc#1106383).\n- driver core: Probe devices asynchronously instead of the driver (bsc#1106383).\n- drivers/base/devres: introduce devm_release_action() (bsc#1103992 FATE#326009).\n- drivers/base: Introduce kill_device() (bsc#1139865).\n- drivers/base: kABI fixes for struct device_private (bsc#1106383).\n- drivers/rapidio/devices/rio_mport_cdev.c: fix resource leak in error handling path in 'rio_dma_transfer()' (bsc#1051510).\n- drivers/rapidio/rio_cm.c: fix potential oops in riocm_ch_listen() (bsc#1051510).\n- drivers: acpi: add dependency of EFI for arm64 (bsc#1117158).\n- drivers: depend on HAS_IOMEM for devm_platform_ioremap_resource() (bsc#1136333 jsc#SLE-4994).\n- drivers: fix a typo in the kernel doc for devm_platform_ioremap_resource() (bsc#1136333 jsc#SLE-4994).\n- drivers: hv: vmbus: Offload the handling of channels to two workqueues (bsc#1130567).\n- drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind() (bsc#1130567).\n- drivers: provide devm_platform_ioremap_resource() (bsc#1136333 jsc#SLE-4994).\n- drivers: thermal: tsens: Don't print error message on -EPROBE_DEFER (bsc#1051510).\n- drm/amd/display: Fix Divide by 0 in memory calculations (bsc#1111666).\n- drm/amd/display: If one stream full updates, full update all planes (bsc#1111666).\n- drm/amd/display: Make some functions static (bsc#1111666).\n- drm/amd/display: Set stream mode_changed when connectors change (bsc#1111666).\n- drm/amd/display: Use plane color_space for dpp if specified (bsc#1111666).\n- drm/amd/display: extending AUX SW Timeout (bsc#1111666).\n- drm/amd/display: fix cursor black issue (bsc#1111666).\n- drm/amd/display: fix releasing planes when exiting odm (bsc#1111666).\n- drm/amd/powerplay: use hardware fan control if no powerplay fan table (bsc#1111666).\n- drm/amdgpu/gfx9: use reset default for PA_SC_FIFO_SIZE (bsc#1051510).\n- drm/amdgpu/gmc9: fix VM_L2_CNTL3 programming (bsc#1111666).\n- drm/amdgpu/psp: move psp version specific function pointers to early_init (bsc#1111666).\n- drm/amdgpu: fix old fence check in amdgpu_fence_emit (bsc#1051510).\n- drm/amdgpu: remove ATPX_DGPU_REQ_POWER_FOR_DISPLAYS check when hotplug-in (bsc#1111666).\n- drm/amdkfd: use init_mqd function to allocate object for hid_mqd (CI) (bsc#1111666).\n- drm/arm/hdlcd: Actually validate CRTC modes (bsc#1111666).\n- drm/arm/hdlcd: Allow a bit of clock tolerance (bsc#1051510).\n- drm/arm/mali-dp: Add a loop around the second set CVAL and try 5 times (bsc#1111666).\n- drm/atmel-hlcdc: revert shift by 8 (bsc#1111666).\n- drm/bridge: adv7511: Fix low refresh rate selection (bsc#1051510).\n- drm/doc: Drop 'content type' from the legacy kms property table (bsc#1111666).\n- drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers (bsc#1051510).\n- drm/drv: Hold ref on parent device during drm_device lifetime (bsc#1051510).\n- drm/edid: abstract override/firmware EDID retrieval (bsc#1111666).\n- drm/etnaviv: add missing failure path to destroy suballoc (bsc#1111666).\n- drm/etnaviv: lock MMU while dumping core (bsc#1113722)\n- drm/exynos/mixer: fix MIXER shadow registry synchronisation code (bsc#1111666).\n- drm/fb-helper: dpms_legacy(): Only set on connectors in use (bsc#1051510).\n- drm/fb-helper: generic: Call drm_client_add() after setup is done (bsc#1111666).\n- drm/fb-helper: generic: Don't take module ref for fbcon (bsc#1111666).\n- drm/gma500/cdv: Check vbt config bits when detecting lvds panels (bsc#1051510).\n- drm/i915/dmc: protect against reading random memory (bsc#1051510).\n- drm/i915/fbc: disable framebuffer compression on GeminiLake (bsc#1051510).\n- drm/i915/gvt: Add in context mmio 0x20D8 to gen9 mmio list (bsc#1113722)\n- drm/i915/gvt: Add in context mmio 0x20D8 to gen9 mmio list (bsc#1113956)\n- drm/i915/gvt: Annotate iomem usage (bsc#1051510).\n- drm/i915/gvt: Fix cmd length of VEB_DI_IECP (bsc#1113722)\n- drm/i915/gvt: Fix incorrect mask of mmio 0x22028 in gen8/9 mmio list (bnc#1113722)\n- drm/i915/gvt: Initialize intel_gvt_gtt_entry in stack (bsc#1111666).\n- drm/i915/gvt: Prevent use-after-free in ppgtt_free_all_spt() (bsc#1111666).\n- drm/i915/gvt: Roundup fb height into tile's height at calucation fb size (bsc#1111666).\n- drm/i915/gvt: Tiled Resources mmios are in-context mmios for gen9+ (bsc#1113722)\n- drm/i915/gvt: add 0x4dfc to gen9 save-restore list (bsc#1113722)\n- drm/i915/gvt: do not deliver a workload if its creation fails (bsc#1051510).\n- drm/i915/gvt: do not let TRTTE and 0x4dfc write passthrough to hardware (bsc#1051510).\n- drm/i915/gvt: do not let pin count of shadow mm go negative (bsc#1113722)\n- drm/i915/gvt: do not let pin count of shadow mm go negative (bsc#1113956)\n- drm/i915/gvt: ignore unexpected pvinfo write (bsc#1051510).\n- drm/i915/gvt: refine ggtt range validation (bsc#1113722)\n- drm/i915/icl: Add WaDisableBankHangMode (bsc#1111666).\n- drm/i915/icl: Whitelist GEN9_SLICE_COMMON_ECO_CHICKEN1 (bsc#1111666).\n- drm/i915/perf: fix whitelist on Gen10+ (bsc#1051510).\n- drm/i915/sdvo: Implement proper HDMI audio support for SDVO (bsc#1051510).\n- drm/i915: Disable LP3 watermarks on all SNB machines (bsc#1051510).\n- drm/i915: Disable tv output on i9x5gm (bsc#1086657, bsc#1133897).\n- drm/i915: Downgrade Gen9 Plane WM latency error (bsc#1051510).\n- drm/i915: Fix I915_EXEC_RING_MASK (bsc#1051510).\n- drm/i915: Force 2*96 MHz cdclk on glk/cnl when audio power is enabled (bsc#1111666).\n- drm/i915: Maintain consistent documentation subsection ordering (bsc#1111666).\n- drm/imx: don't skip DP channel disable for background plane (bsc#1051510).\n- drm/imx: notify drm core before sending event during crtc disable (bsc#1111666).\n- drm/imx: only send event on crtc disable if kept disabled (bsc#1111666).\n- drm/lease: Make sure implicit planes are leased (bsc#1111666).\n- drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata() (bsc#1113722)\n- drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata() (bsc#1113956)\n- drm/mediatek: call drm_atomic_helper_shutdown() when unbinding driver (bsc#1111666).\n- drm/mediatek: call mtk_dsi_stop() after mtk_drm_crtc_atomic_disable() (bsc#1111666).\n- drm/mediatek: clear num_pipes when unbind driver (bsc#1111666).\n- drm/mediatek: fix possible object reference leak (bsc#1051510).\n- drm/mediatek: fix unbind functions (bsc#1111666).\n- drm/mediatek: unbind components in mtk_drm_unbind() (bsc#1111666).\n- drm/meson: Add support for XBGR8888 ABGR8888 formats (bsc#1051510).\n- drm/meson: add size and alignment requirements for dumb buffers (bnc#1113722)\n- drm/msm/a3xx: remove TPL1 regs from snapshot (bsc#1051510).\n- drm/msm/mdp5: Fix mdp5_cfg_init error return (bsc#1111666).\n- drm/msm: a5xx: fix possible object reference leak (bsc#1111666).\n- drm/msm: fix fb references in async update (bsc#1111666).\n- drm/nouveau/bar/nv50: ensure BAR is mapped (bsc#1111666).\n- drm/nouveau/bar/tu104: initial support (bsc#1133593).\n- drm/nouveau/bar/tu106: initial support (bsc#1133593).\n- drm/nouveau/bios/tu104: initial support (bsc#1133593).\n- drm/nouveau/bios/tu106: initial support (bsc#1133593).\n- drm/nouveau/bios: translate additional memory types (bsc#1133593).\n- drm/nouveau/bios: translate usb-C connector type (bsc#1133593).\n- drm/nouveau/bus/tu104: initial support (bsc#1133593).\n- drm/nouveau/bus/tu106: initial support (bsc#1133593).\n- drm/nouveau/ce/tu104: initial support (bsc#1133593).\n- drm/nouveau/ce/tu106: initial support (bsc#1133593).\n- drm/nouveau/core: increase maximum number of nvdec instances to 3 (bsc#1133593).\n- drm/nouveau/core: recognise TU102 (bsc#1133593).\n- drm/nouveau/core: recognise TU104 (bsc#1133593).\n- drm/nouveau/core: recognise TU106 (bsc#1133593).\n- drm/nouveau/core: support multiple nvdec instances (bsc#1133593).\n- drm/nouveau/devinit/gm200-: export function to upload+execute PMU/PRE_OS (bsc#1133593).\n- drm/nouveau/devinit/tu104: initial support (bsc#1133593).\n- drm/nouveau/devinit/tu106: initial support (bsc#1133593).\n- drm/nouveau/disp/dp: respect sink limits when selecting failsafe link configuration (bsc#1051510).\n- drm/nouveau/disp/gm200-: add scdc parameter setter (bsc#1133593).\n- drm/nouveau/disp/gv100: fix name of window channels in debug output (bsc#1133593).\n- drm/nouveau/disp/tu104: initial support (bsc#1133593).\n- drm/nouveau/disp/tu106: initial support (bsc#1133593).\n- drm/nouveau/disp: add a way to configure scrambling/tmds for hdmi 2.0 (bsc#1133593).\n- drm/nouveau/disp: add support for setting scdc parameters for high modes (bsc#1133593).\n- drm/nouveau/disp: keep track of high-speed state, program into clock (bsc#1133593).\n- drm/nouveau/disp: take sink support into account for exposing 594mhz (bsc#1133593).\n- drm/nouveau/dma/tu104: initial support (bsc#1133593).\n- drm/nouveau/dma/tu106: initial support (bsc#1133593).\n- drm/nouveau/drm/nouveau: Do not forget to label dp_aux devices (bsc#1133593).\n- drm/nouveau/drm/nouveau: s/nouveau_backlight_exit/nouveau_backlight_fini/ (bsc#1133593).\n- drm/nouveau/drm/nouveau: tegra: Call nouveau_drm_device_init() (bsc#1133593).\n- drm/nouveau/fault/tu104: initial support (bsc#1133593).\n- drm/nouveau/fault/tu106: initial support (bsc#1133593).\n- drm/nouveau/fault: add explicit control over fault buffer interrupts (bsc#1133593).\n- drm/nouveau/fault: remove manual mapping of fault buffers into BAR2 (bsc#1133593).\n- drm/nouveau/fault: store get/put pri address in nvkm_fault_buffer (bsc#1133593).\n- drm/nouveau/fb/tu104: initial support (bsc#1133593).\n- drm/nouveau/fb/tu106: initial support (bsc#1133593).\n- drm/nouveau/fifo/gf100-: call into BAR to reset BARs after MMU fault (bsc#1133593).\n- drm/nouveau/fifo/gk104-: group pbdma functions together (bsc#1133593).\n- drm/nouveau/fifo/gk104-: return channel instance in ctor args (bsc#1133593).\n- drm/nouveau/fifo/gk104-: separate runlist building from committing to hw (bsc#1133593).\n- drm/nouveau/fifo/gk104-: support enabling privileged ce functions (bsc#1133593).\n- drm/nouveau/fifo/gk104-: virtualise pbdma enable function (bsc#1133593).\n- drm/nouveau/fifo/gm200-: read pbdma count more directly (bsc#1133593).\n- drm/nouveau/fifo/gv100: allocate method buffer (bsc#1133593).\n- drm/nouveau/fifo/gv100: return work submission token in channel ctor args (bsc#1133593).\n- drm/nouveau/fifo/tu104: initial support (bsc#1133593).\n- drm/nouveau/fifo/tu106: initial support (bsc#1133593).\n- drm/nouveau/fuse/tu104: initial support (bsc#1133593).\n- drm/nouveau/fuse/tu106: initial support (bsc#1133593).\n- drm/nouveau/gpio/tu104: initial support (bsc#1133593).\n- drm/nouveau/gpio/tu106: initial support (bsc#1133593).\n- drm/nouveau/i2c/tu104: initial support (bsc#1133593).\n- drm/nouveau/i2c/tu106: initial support (bsc#1133593).\n- drm/nouveau/i2c: Disable i2c bus access after fini() (bsc#1113722)\n- drm/nouveau/i2c: Enable i2c pads busses during preinit (bsc#1051510).\n- drm/nouveau/ibus/tu104: initial support (bsc#1133593).\n- drm/nouveau/ibus/tu106: initial support (bsc#1133593).\n- drm/nouveau/imem/nv50: support pinning objects in BAR2 and returning address (bsc#1133593).\n- drm/nouveau/imem/tu104: initial support (bsc#1133593).\n- drm/nouveau/imem/tu106: initial support (bsc#1133593).\n- drm/nouveau/kms/gf119-gp10x: push HeadSetControlOutputResource() mthd when encoders change (bsc#1111666).\n- drm/nouveau/kms/gv100-: fix spurious window immediate interlocks (bsc#1111666).\n- drm/nouveau/kms/nv50-: allow more flexibility with lut formats (bsc#1133593).\n- drm/nouveau/kms/tu104: initial support (bsc#1133593).\n- drm/nouveau/ltc/tu104: initial support (bsc#1133593).\n- drm/nouveau/ltc/tu106: initial support (bsc#1133593).\n- drm/nouveau/mc/tu104: initial support (bsc#1133593).\n- drm/nouveau/mc/tu106: initial support (bsc#1133593).\n- drm/nouveau/mmu/tu104: initial support (bsc#1133593).\n- drm/nouveau/mmu/tu106: initial support (bsc#1133593).\n- drm/nouveau/mmu: add more general vmm free/node handling functions (bsc#1133593).\n- drm/nouveau/pci/tu104: initial support (bsc#1133593).\n- drm/nouveau/pci/tu106: initial support (bsc#1133593).\n- drm/nouveau/pmu/tu104: initial support (bsc#1133593).\n- drm/nouveau/pmu/tu106: initial support (bsc#1133593).\n- drm/nouveau/therm/tu104: initial support (bsc#1133593).\n- drm/nouveau/therm/tu106: initial support (bsc#1133593).\n- drm/nouveau/tmr/tu104: initial support (bsc#1133593).\n- drm/nouveau/tmr/tu106: initial support (bsc#1133593).\n- drm/nouveau/top/tu104: initial support (bsc#1133593).\n- drm/nouveau/top/tu106: initial support (bsc#1133593).\n- drm/nouveau/volt/gf117: fix speedo readout register (bsc#1051510).\n- drm/nouveau: Add NV_PRINTK_ONCE and variants (bsc#1133593).\n- drm/nouveau: Add size to vbios.rom file in debugfs (bsc#1133593).\n- drm/nouveau: Add strap_peek to debugfs (bsc#1133593).\n- drm/nouveau: Cleanup indenting in nouveau_backlight.c (bsc#1133593).\n- drm/nouveau: Fix potential memory leak in nouveau_drm_load() (bsc#1133593).\n- drm/nouveau: Move backlight device into nouveau_connector (bsc#1133593).\n- drm/nouveau: Refactor nvXX_backlight_init() (bsc#1133593).\n- drm/nouveau: Remove unecessary dma_fence_ops (bsc#1133593).\n- drm/nouveau: Start using new drm_dev initialization helpers (bsc#1133593).\n- drm/nouveau: Stop using drm_crtc_force_disable (bsc#1051510).\n- drm/nouveau: add DisplayPort CEC-Tunneling-over-AUX support (bsc#1133593).\n- drm/nouveau: register backlight on pascal and newer (bsc#1133593).\n- drm/nouveau: remove left-over struct member (bsc#1133593).\n- drm/omap: dsi: Fix PM for display blank with paired dss_pll calls (bsc#1111666).\n- drm/omap: hdmi4_cec: Fix CEC clock handling for PM (bsc#1111666).\n- drm/panel: otm8009a: Add delay at the end of initialization (bsc#1111666).\n- drm/panel: panel-innolux: set display off in innolux_panel_unprepare (bsc#1111666).\n- drm/pl111: Initialize clock spinlock early (bsc#1111666).\n- drm/pl111: fix possible object reference leak (bsc#1111666).\n- drm/radeon/evergreen_cs: fix missing break in switch statement (bsc#1113722)\n- drm/radeon: prefer lower reference dividers (bsc#1051510).\n- drm/rockchip: Properly adjust to a true clock in adjusted_mode (bsc#1051510).\n- drm/rockchip: fix for mailbox read validation (bsc#1051510).\n- drm/rockchip: fix for mailbox read validation (bsc#1111666).\n- drm/rockchip: shutdown drm subsystem on shutdown (bsc#1051510).\n- drm/rockchip: vop: reset scale mode when win is disabled (bsc#1113722)\n- drm/sun4i: Add missing drm_atomic_helper_shutdown at driver unbind (bsc#1113722)\n- drm/sun4i: Fix component unbinding and component master deletion (bsc#1113722)\n- drm/sun4i: Fix sun8i HDMI PHY clock initialization (bsc#1111666).\n- drm/sun4i: Fix sun8i HDMI PHY configuration for 148.5 MHz (bsc#1111666).\n- drm/sun4i: Set device driver data at bind time for use in unbind (bsc#1113722)\n- drm/sun4i: Unbind components before releasing DRM and memory (bsc#1113722)\n- drm/sun4i: dsi: Change the start delay calculation (bsc#1111666).\n- drm/sun4i: dsi: Enforce boundaries on the start delay (bsc#1111666).\n- drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)\n- drm/sun4i: tcon top: Fix NULL/invalid pointer dereference in sun8i_tcon_top_un/bind (bsc#1111666).\n- drm/tegra: gem: Fix CPU-cache maintenance for BO's allocated using get_pages() (bsc#1111666).\n- drm/tegra: hub: Fix dereference before check (bsc#1111666).\n- drm/ttm: Fix bo_global and mem_global kfree error (bsc#1111666).\n- drm/ttm: Remove warning about inconsistent mapping information (bnc#1131488)\n- drm/ttm: fix out-of-bounds read in ttm_put_pages() v2 (bsc#1111666).\n- drm/udl: Replace drm_dev_unref with drm_dev_put (bsc#1111666).\n- drm/udl: add a release method and delay modeset teardown (bsc#1085536)\n- drm/udl: introduce a macro to convert dev to udl (bsc#1111666).\n- drm/udl: move to embedding drm device inside udl device (bsc#1111666).\n- drm/v3d: Handle errors from IRQ setup (bsc#1111666).\n- drm/vc4: Fix memory leak during gpu reset. (bsc#1113722)\n- drm/vc4: fix fb references in async update (bsc#1141312).\n- drm/vmwgfx: Don't send drm sysfs hotplug events on initial master set (bsc#1051510).\n- drm/vmwgfx: Honor the sg list segment size limitation (bsc#1111666).\n- drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() (bsc#1113722)\n- drm/vmwgfx: Remove set but not used variable 'restart' (bsc#1111666).\n- drm/vmwgfx: Use the backdoor port if the HB port is not available (bsc#1111666).\n- drm/vmwgfx: fix a warning due to missing dma_parms (bsc#1111666).\n- drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to an invalid read (bsc#1051510).\n- drm: Auto-set allow_fb_modifiers when given modifiers at plane init (bsc#1051510).\n- drm: Fix drm_release() and device unplug (bsc#1111666).\n- drm: Wake up next in drm_read() chain if we are forced to putback the event (bsc#1051510).\n- drm: add fallback override/firmware EDID modes workaround (bsc#1111666).\n- drm: add non-desktop quirk for Valve HMDs (bsc#1111666).\n- drm: add non-desktop quirks to Sensics and OSVR headsets (bsc#1111666).\n- drm: bridge: dw-hdmi: Fix overflow workaround for Rockchip SoCs (bsc#1113722)\n- drm: don't block fb changes for async plane updates (bsc#1111666).\n- drm: etnaviv: avoid DMA API warning when importing buffers (bsc#1111666).\n- drm: panel-orientation-quirks: Add quirk for GPD MicroPC (bsc#1111666).\n- drm: panel-orientation-quirks: Add quirk for GPD pocket2 (bsc#1111666).\n- drm: rcar-du: Fix rcar_du_crtc structure documentation (bsc#1111666).\n- drm: return -EFAULT if copy_to_user() fails (bsc#1111666).\n- drm_dp_cec: add note about good MegaChips 2900 CEC support (bsc#1136978).\n- drm_dp_cec: check that aux has a transfer function (bsc#1136978).\n- dt-bindings: clock: r8a7795: Remove CSIREF clock (bsc#1120902).\n- dt-bindings: clock: r8a7796: Remove CSIREF clock (bsc#1120902).\n- dt-bindings: net: Add binding for the external clock for TI WiLink (bsc#1085535).\n- dt-bindings: net: Fix a typo in the phy-mode list for ethernet bindings (bsc#1129770).\n- dt-bindings: rtc: sun6i-rtc: Fix register range in example (bsc#1120902).\n- dwc2: gadget: Fix completed transfer size calculation in DDMA (bsc#1051510).\n- e1000e: Fix -Wformat-truncation warnings (bsc#1051510).\n- e1000e: fix cyclic resets at link up with active tx (bsc#1051510).\n- e1000e: start network tx queue only when link is up (bsc#1051510).\n- efi/arm: Defer persistent reservations until after paging_init() (bsc#1117158).\n- efi/arm: Do not mark acpi reclaim memory as MEMBLOCK_NOMAP (bsc#1117158 bsc#1115688 bsc#1120566).\n- efi/arm: Do not mark acpi reclaim memory as MEMBLOCK_NOMAP (bsc#1117158 bsc#1115688 bsc#1120566).\n- efi/arm: Do not mark acpi reclaim memory as MEMBLOCK_NOMAP (bsc#1117158 bsc#1115688 bsc#1120566).\n- efi/arm: Revert 'Defer persistent reservations until after paging_init()' (bsc#1117158).\n- efi/arm: Revert deferred unmap of early memmap mapping (bsc#1117158).\n- efi/arm: libstub: add a root memreserve config table (bsc#1117158).\n- efi/arm: map UEFI memory map even w/o runtime services enabled (bsc#1117158).\n- efi/arm: preserve early mapping of UEFI memory map longer for BGRT (bsc#1117158).\n- efi: Permit calling efi_mem_reserve_persistent() from atomic context (bsc#1117158).\n- efi: Permit multiple entries in persistent memreserve data structure (bsc#1117158).\n- efi: Prevent GICv3 WARN() by mapping the memreserve table before first use (bsc#1117158).\n- efi: Reduce the amount of memblock reservations for persistent allocations (bsc#1117158).\n- efi: add API to reserve memory persistently across kexec reboot (bsc#1117158).\n- efi: honour memory reservations passed via a linux specific config table (bsc#1117158).\n- ext4: Do not warn when enabling DAX (bsc#1132894).\n- ext4: actually request zeroing of inode table after grow (bsc#1135315).\n- ext4: avoid panic during forced reboot due to aborted journal (bsc#1126356).\n- ext4: cleanup bh release code in ext4_ind_remove_space() (bsc#1131851).\n- ext4: cleanup bh release code in ext4_ind_remove_space() (bsc#1131851).\n- ext4: do not delete unlinked inode from orphan list on failed truncate (bsc#1140891).\n- ext4: fix data corruption caused by overlapping unaligned and aligned IO (bsc#1136428).\n- ext4: fix ext4_show_options for file systems w/o journal (bsc#1135316).\n- ext4: fix use-after-free race with debug_want_extra_isize (bsc#1135314).\n- ext4: make sanity check in mballoc more strict (bsc#1136439).\n- ext4: wait for outstanding dio during truncate in nojournal mode (bsc#1136438).\n- extcon: arizona: Disable mic detect if running when driver is removed (bsc#1051510).\n- failover: allow name change on IFF_UP slave interfaces (bsc#1109837).\n- fbdev: fbmem: fix memory access if logo is bigger than the screen (bsc#1051510).\n- fbdev: fix WARNING in __alloc_pages_nodemask bug (bsc#1113722)\n- fbdev: fix divide error in fb_var_to_videomode (bsc#1113722)\n- firmware: efi: factor out mem_reserve (bsc#1117158 bsc#1134671).\n- firmware: efi: factor out mem_reserve (bsc#1117158 bsc#1134671).\n- fix cgroup_do_mount() handling of failure exits (bsc#1133095).\n- fm10k: Fix a potential NULL pointer dereference (bsc#1051510).\n- fork, memcg: fix cached_stacks case (bsc#1134097).\n- fork, memcg: fix crash in free_thread_stack on memcg charge fail (bsc#1134097).\n- fs/ocfs2: fix race in ocfs2_dentry_attach_lock() (bsc#1140889).\n- fs/proc/proc_sysctl.c: Fix a NULL pointer dereference (bsc#1140887).\n- fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links (bsc#1140887).\n- fs/sync.c: sync_file_range(2) may use WB_SYNC_ALL writeback (bsc#1136432).\n- fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount (bsc#1136435).\n- fs: avoid fdput() after failed fdget() in vfs_dedupe_file_range() (bsc#1132384, bsc#1132219).\n- fs: avoid fdput() after failed fdget() in vfs_dedupe_file_range() (bsc#1132384, bsc#1132219).\n- fs: hugetlbfs: fix hwpoison reserve accounting (bsc#1139712) \n- ftrace/x86: Remove possible deadlock between register_kprobe() and ftrace_run_update_code() (bsc#1071995 fate#323487).\n- ftrace/x86_64: Emulate call function while updating in breakpoint handler (bsc#1099658).\n- fuse: fallocate: fix return with locked inode (bsc#1051510).\n- fuse: fix writepages on 32bit (bsc#1051510).\n- fuse: honor RLIMIT_FSIZE in fuse_file_fallocate (bsc#1051510).\n- futex: Cure exit race (bsc#1050549).\n- futex: Ensure that futex address is aligned in handle_futex_death() (bsc#1050549).\n- futex: Handle early deadlock return correctly (bsc#1050549).\n- genirq: Prevent use-after-free and work list corruption (bsc#1051510).\n- genirq: Respect IRQCHIP_SKIP_SET_WAKE in irq_chip_set_wake_parent() (bsc#1051510).\n- genwqe: Prevent an integer overflow in the ioctl (bsc#1051510).\n- ghes, EDAC: Fix ghes_edac registration (bsc#1133176).\n- gpio: Remove obsolete comment about gpiochip_free_hogs() usage (bsc#1051510).\n- gpio: adnp: Fix testing wrong value in adnp_gpio_direction_input (bsc#1051510).\n- gpio: aspeed: fix a potential NULL pointer dereference (bsc#1051510).\n- gpio: fix gpio-adp5588 build errors (bsc#1051510).\n- gpio: gpio-omap: fix level interrupt idling (bsc#1051510).\n- gpio: of: Fix of_gpiochip_add() error path (bsc#1051510).\n- gpio: omap: fix lack of irqstatus_raw0 for OMAP4 (bsc#1051510).\n- gpu: ipu-v3: dp: fix CSC handling (bsc#1051510).\n- gpu: ipu-v3: ipu-ic: Fix saturation bit offset in TPMEM (bsc#1111666).\n- hid: i2c-hid: Ignore input report if there's no data present on Elan touchpanels (bsc#1133486).\n- hid: input: fix a4tech horizontal wheel custom usage (bsc#1137429).\n- hwmon: (core) add thermal sensors only if dev of_node is present (bsc#1051510).\n- hwmon: (f71805f) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (pc87427) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (pmbus/core) Treat parameters as paged if on multiple pages (bsc#1051510).\n- hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (vt1211) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwrng: omap - Set default quality (bsc#1051510).\n- hwrng: virtio - Avoid repeated init of completion (bsc#1051510).\n- i2c: Make i2c_unregister_device() NULL-aware (bsc#1108193).\n- i2c: Make i2c_unregister_device() NULL-aware (bsc#1133311).\n- i2c: Make i2c_unregister_device() NULL-aware (bsc#1133311).\n- i2c: dev: fix potential memory leak in i2cdev_ioctl_rdwr (bsc#1051510).\n- i2c: imx: correct the method of getting private data in notifier_call (bsc#1111666).\n- i2c: mlxcpld: Add support for extended transaction length for i2c-mlxcpld (bsc#1112374).\n- i2c: mlxcpld: Add support for smbus block read transaction (bsc#1112374).\n- i2c: mlxcpld: Allow configurable adapter id for mlxcpld (bsc#1112374).\n- i2c: mlxcpld: Fix adapter functionality support callback (bsc#1112374).\n- i2c: mlxcpld: Fix wrong initialization order in probe (bsc#1112374).\n- i2c: mux: mlxcpld: simplify code to reach the adapter (bsc#1112374).\n- i2c: synquacer: fix enumeration of slave devices (bsc#1111666).\n- i2c: synquacer: fix synquacer_i2c_doxfer() return value (bsc#1111666).\n- ib/hw: Remove unneeded semicolons (bsc#1136456 jsc#SLE-4689).\n- ibmveth: Update ethtool settings to reflect virtual properties (bsc#1136157, LTC#177197).\n- ibmvnic: Add device identification to requested IRQs (bsc#1137739).\n- ibmvnic: Do not close unopened driver during reset (bsc#1137752).\n- ibmvnic: Enable GRO (bsc#1132227).\n- ibmvnic: Fix completion structure initialization (bsc#1131659).\n- ibmvnic: Fix netdev feature clobbering during a reset (bsc#1132227).\n- ibmvnic: Fix unchecked return codes of memory allocations (bsc#1137752).\n- ibmvnic: Refresh device multicast list after reset (bsc#1137752).\n- ibmvnic: remove set but not used variable 'netdev' (bsc#1137739).\n- idr: fix overflow case for idr_for_each_entry_ul() (bsc#1109837).\n- iio/gyro/bmg160: Use millidegrees for temperature scale (bsc#1051510).\n- iio: Fix scan mask selection (bsc#1051510).\n- iio: ad_sigma_delta: Properly handle SPI bus locking vs CS assertion (bsc#1051510).\n- iio: ad_sigma_delta: select channel when reading register (bsc#1051510).\n- iio: adc: at91: disable adc channel interrupt in timeout case (bsc#1051510).\n- iio: adc: fix warning in Qualcomm PM8xxx HK/XOADC driver (bsc#1051510).\n- iio: adc: xilinx: fix potential use-after-free on remove (bsc#1051510).\n- iio: common: ssp_sensors: Initialize calculated_time in ssp_common_process_data (bsc#1051510).\n- iio: core: fix a possible circular locking dependency (bsc#1051510).\n- iio: cros_ec: Fix the maths for gyro scale calculation (bsc#1051510).\n- iio: dac: mcp4725: add missing powerdown bits in store eeprom (bsc#1051510).\n- iio: gyro: mpu3050: fix chip ID reading (bsc#1051510).\n- iio: hmc5843: fix potential NULL pointer dereferences (bsc#1051510).\n- include/linux/bitops.h: introduce BITS_PER_TYPE (bsc#1136345 jsc#SLE-4681).\n- indirect call wrappers: helpers to speed-up indirect calls of builtin (bsc#1124503).\n- infiniband/qedr: Potential null ptr dereference of qp (bsc#1136456 jsc#SLE-4689).\n- intel_th: msu: Fix single mode with IOMMU (bsc#1051510).\n- intel_th: msu: Fix single mode with disabled IOMMU (bsc#1051510).\n- intel_th: pci: Add Comet Lake support (bsc#1051510).\n- io: accel: kxcjk1013: restore the range after resume (bsc#1051510).\n- iommu-helper: mark iommu_is_span_boundary as inline (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- iommu/amd: Make iommu_disable safer (bsc#1140955).\n- iommu/amd: Set exclusion range correctly (bsc#1130425).\n- iommu/arm-smmu-v3: Abort all transactions if SMMU is enabled in kdump kernel (bsc#1117158).\n- iommu/arm-smmu-v3: Do not disable SMMU in kdump kernel (bsc#1117158 bsc#1134671).\n- iommu/arm-smmu-v3: Do not disable SMMU in kdump kernel (bsc#1117158 bsc#1134671).\n- iommu/arm-smmu-v3: Fix big-endian CMD_SYNC writes (bsc#1111666).\n- iommu/arm-smmu-v3: Use explicit mb() when moving cons pointer (bsc#1051510).\n- iommu/arm-smmu-v3: sync the OVACKFLG to PRIQ consumer register (bsc#1051510).\n- iommu/arm-smmu: Add support for qcom,smmu-v2 variant (bsc#1051510).\n- iommu/arm-smmu: Avoid constant zero in TLBI writes (bsc#1140956).\n- iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#1135006).\n- iommu/vt-d: Duplicate iommu_resv_region objects per device list (bsc#1140959).\n- iommu/vt-d: Handle PCI bridge RMRR device scopes in intel_iommu_get_resv_regions (bsc#1140960).\n- iommu/vt-d: Handle RMRR with PCI bridge device scopes (bsc#1140961).\n- iommu/vt-d: Introduce is_downstream_to_pci_bridge helper (bsc#1140962).\n- iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135007).\n- iommu/vt-d: Remove unnecessary rcu_read_locks (bsc#1140964).\n- iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135008).\n- iommu: Fix a leak in iommu_insert_resv_region (bsc#1140957).\n- iommu: Use right function to get group for device (bsc#1140958).\n- iov_iter: Fix build error without CONFIG_CRYPTO (bsc#1111666).\n- ipconfig: Correctly initialise ic_nameservers (bsc#1051510).\n- ipmi: Fix I2C client removal in the SSIF driver (bsc#1108193).\n- ipmi: Prevent use-after-free in deliver_response (bsc#1111666).\n- ipmi: fix sleep-in-atomic in free_user at cleanup SRCU user release_barrier (bsc#1111666).\n- ipmi:ssif: compare block number correctly for multi-part return messages (bsc#1051510).\n- ipmi_ssif: Remove duplicate NULL check (bsc#1108193).\n- ipv6: fib: Do not assume only nodes hold a reference on routes (bsc#1138732).\n- ipvlan: Add the skb mark as flow4's member to lookup route (bsc#1051510).\n- ipvlan: fix ipv6 outbound device (bsc#1051510).\n- ipvlan: use ETH_MAX_MTU as max mtu (bsc#1051510).\n- ipvs: Fix signed integer overflow when setsockopt timeout (bsc#1051510).\n- ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bsc#1051510).\n- irqchip/gic-v3-its: fix some definitions of inner cacheability attributes (bsc#1051510).\n- irqchip/mbigen: Don't clear eventid when freeing an MSI (bsc#1051510).\n- iw_cxgb*: kzalloc the iwcm verbs struct (bsc#1136348 jsc#SLE-4684).\n- iw_cxgb4: Check for send WR also while posting write with completion WR (bsc#1136348 jsc#SLE-4684).\n- iw_cxgb4: Fix qpid leak (bsc#1136348 jsc#SLE-4684).\n- iw_cxgb4: Make function read_tcb() static (bsc#1136348 jsc#SLE-4684).\n- iw_cxgb4: complete the cached SRQ buffers (bsc#1136348 jsc#SLE-4684).\n- iw_cxgb4: cq/qp mask depends on bar2 pages in a host page (bsc#1127371).\n- iw_cxgb4: fix srqidx leak during connection abort (bsc#1136348 jsc#SLE-4684).\n- iw_cxgb4: only allow 1 flush on user qps (bsc#1051510).\n- iw_cxgb4: use listening ep tos when accepting new connections (bsc#1136348 jsc#SLE-4684).\n- iw_cxgb4: use tos when finding ipv6 routes (bsc#1136348 jsc#SLE-4684).\n- iw_cxgb4: use tos when importing the endpoint (bsc#1136348 jsc#SLE-4684).\n- iwiwifi: fix bad monitor buffer register addresses (bsc#1129770).\n- iwlwifi: Fix double-free problems in iwl_req_fw_callback() (bsc#1111666).\n- iwlwifi: correct one of the PCI struct names (bsc#1111666).\n- iwlwifi: don't WARN when calling iwl_get_shared_mem_conf with RF-Kill (bsc#1111666).\n- iwlwifi: fix RF-Kill interrupt while FW load for gen2 devices (bsc#1111666).\n- iwlwifi: fix cfg structs for 22000 with different RF modules (bsc#1111666).\n- iwlwifi: fix devices with PCI Device ID 0x34F0 and 11ac RF modules (bsc#1111666).\n- iwlwifi: fix driver operation for 5350 (bsc#1111666).\n- iwlwifi: fix send hcmd timeout recovery flow (bsc#1129770).\n- iwlwifi: mvm: Drop large non sta frames (bsc#1111666).\n- iwlwifi: mvm: check for length correctness in iwl_mvm_create_skb() (bsc#1051510).\n- iwlwifi: pcie: don't crash on invalid RX interrupt (bsc#1051510).\n- iwlwifi: pcie: don't service an interrupt that was masked (bsc#1111666).\n- iwlwifi: pcie: fix ALIVE interrupt handling for gen2 devices w/o MSI-X (bsc#1111666).\n- ixgbe: Avoid NULL pointer dereference with VF on non-IPsec hw (bsc#1140228).\n- jbd2: check superblock mapped prior to committing (bsc#1136430).\n- kABI fix for hda_codec.relaxed_resume flag (bsc#1111666).\n- kABI workaround for asus-wmi changes (bsc#1051510).\n- kABI workaround for removed usb_interface.pm_usage_cnt field (bsc#1051510).\n- kABI workaround for snd_seq_kernel_client_enqueue() API changes (bsc#1051510).\n- kABI workaround for the new pci_dev.skip_bus_pm field addition (bsc#1051510).\n- kABI: protect functions using struct net_generic (bsc#1129845 LTC#176252).\n- kABI: protect struct smc_ib_device (bsc#1129845 LTC#176252).\n- kABI: protect struct smcd_dev (bsc#1129845 LTC#176252).\n- kabi fixup blk_mq_register_dev() (bsc#1140637).\n- kabi protect struct iw_cm_id (bsc#1136348 jsc#SLE-4684).\n- kabi protect struct vf_info (bsc#1136347 jsc#SLE-4683).\n- kabi/severities: exclude hns3 symbols (bsc#1134948)\n- kabi/severities: exclude qed* symbols (bsc#1136461)\n- kabi/severities: exclude qed* symbols (bsc#1136461)\n- kabi: Fix lost iommu-helper symbols on arm64 (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- kabi: drop LINUX_Mib_TCPWQUEUETOOBIG snmp counter (bsc#1137586).\n- kabi: implement map_lookup_elem_sys_only in another way (bsc#1083647).\n- kabi: mask changes made by basic protected virtualization support (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- kabi: mask changes made by swiotlb for protected virtualization (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- kabi: mask changes made by use of DMA memory for adapter interrupts (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- kabi: move sysctl_tcp_min_snd_mss to preserve struct net layout (bsc#1137586).\n- kabi: remove unused hcall definition (bsc#1140322 LTC#176270).\n- kabi: s390: enum interruption_class (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).\n- kabi: s390: enum interruption_class (jsc#SLE-5789 bsc#1134730 LTC#173388).\n- kbuild: strip whitespace in cmd_record_mcount findstring (bsc#1065729).\n- kbuild: use -flive-patching when CONFIG_LIVEPATCH is enabled (bsc#1071995 fate#323487).\n- kcm: switch order of device registration to fix a crash (bnc#1130527).\n- kernel/padata.c: Make RT aware (SLE Realtime Extension (bnc#1135344)).\n- kernel/padata.c: Make RT aware (SLE Realtime Extension (bnc#1135344)).\n- kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv (bsc#1051510).\n- kernel/sysctl.c: fix out-of-bounds access when setting file-max (bsc#1051510).\n- kernel: jump label transformation performance (bsc#1137534 bsc#1137535 \t\t\tLTC#178058 LTC#178059).\n- kernel: jump label transformation performance (bsc#1137534 bsc#1137535 \t\t\tLTC#178058 LTC#178059).\n- kernfs: do not set dentry d_fsdata (boo#1133115).\n- keys: safe concurrent user {session,uid}_keyring access (bsc#1135642).\n- keys: safe concurrent user {session,uid}_keyring access (bsc#1135642).\n- keys: safe concurrent user {session,uid}_keyring access (bsc#1135642).\n- keys: safe concurrent user {session,uid}_keyring access (bsc#1135642).\n- kmsg: Update message catalog to latest ibM level (2019/03/08) (bsc#1128904 LTC#176078).\n- kvm/mmu: kABI fix for *_mmu_pages changes in struct kvm_arch (bsc#1135335).\n- kvm: Call kvm_arch_memslots_updated() before updating memslots (bsc#1132563).\n- kvm: Fix UAF in nested posted interrupt processing (bsc#1134199).\n- kvm: Fix kABI for AMD SMAP Errata workaround (bsc#1133149).\n- kvm: SVM: Fix detection of AMD Errata 1096 (bsc#1142354).\n- kvm: SVM: Workaround errata#1096 (insn_len maybe zero on SMAP violation) (bsc#1133149).\n- kvm: VMX: Compare only a single byte for VMCS' 'launched' in vCPU-run (bsc#1132555).\n- kvm: VMX: Zero out *all* general purpose registers after VM-Exit (bsc#1134202).\n- kvm: arm/arm64: vgic-its: Take the srcu lock when parsing the memslots (bsc#1133021).\n- kvm: arm/arm64: vgic-its: Take the srcu lock when writing to guest memory (bsc#1133021).\n- kvm: mmu: Fix overflow on kvm mmu page limit calculation (bsc#1135335).\n- kvm: nVMX: Apply addr size mask to effective address for VMX instructions (bsc#1132561).\n- kvm: nVMX: Clear reserved bits of #DB exit qualification (bsc#1134200).\n- kvm: nVMX: Ignore limit checks on VMX instructions using flat segments (bsc#1132564).\n- kvm: nVMX: Sign extend displacements of VMX instr's mem operands (bsc#1132562).\n- kvm: nVMX: restore host state in nested_vmx_vmexit for VMFail (bsc#1134201).\n- kvm: polling: add architecture backend to disable polling (bsc#1119222).\n- kvm: s390: change default halt poll time to 50us (bsc#1119222).\n- kvm: s390: enable CONFIG_HAVE_kvm_NO_POLL (bsc#1119222) We need to enable CONFIG_HAVE_kvm_NO_POLL for bsc#1119222\n- kvm: s390: fix memory overwrites when not using SCA entries (bsc#1136206).\n- kvm: s390: fix typo in parameter description (bsc#1119222).\n- kvm: s390: kABI Workaround for 'lowcore' (bsc#1119222).\n- kvm: s390: provide io interrupt kvm_stat (bsc#1136206).\n- kvm: s390: provide kvm_arch_no_poll function (bsc#1119222).\n- kvm: s390: use created_vcpus in more places (bsc#1136206).\n- kvm: s390: vsie: fix 8k check for the itdba (bsc#1136206).\n- kvm: svm/avic: fix off-by-one in checking host APIC ID (bsc#1140971).\n- kvm: x86/mmu: Detect MMIO generation wrap in any address space (bsc#1132570).\n- kvm: x86/mmu: Do not cache MMIO accesses while memslots are in flux (bsc#1132571).\n- kvm: x86: Always use 32-bit SMRAM save state for 32-bit kernels (bsc#1134203).\n- kvm: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bsc#1134204).\n- kvm: x86: Include CPUID leaf 0x8000001e in kvm's supported CPUID (bsc#1114279).\n- kvm: x86: Include multiple indices with CPUID leaf 0x8000001d (bsc#1114279).\n- kvm: x86: Report STibP on GET_SUPPORTED_CPUID (bsc#1111331).\n- kvm: x86: Skip EFER vs. guest CPUID checks for host-initiated writes (bsc#1140972).\n- kvm: x86: fix return value for reserved EFER (bsc#1140992).\n- kvm: x86: svm: make sure NMI is injected after nmi_singlestep (bsc#1134205).\n- l2tp: cleanup l2tp_tunnel_delete calls (bsc#1051510).\n- l2tp: revert 'l2tp: fix missing print session offset info' (bsc#1051510).\n- leds: avoid flush_work in atomic context (bsc#1051510).\n- leds: avoid races with workqueue (bsc#1051510).\n- leds: pwm: silently error out on EPROBE_DEFER (bsc#1051510).\n- lib/bitmap.c: make bitmap_parselist() thread-safe and much faster (bsc#1143507).\n- lib/scatterlist: Fix mapping iterator when sg offset is greater than PAGE_SIZE (bsc#1051510).\n- lib: add crc64 calculation routines (bsc#1130972).\n- lib: add crc64 calculation routines (bsc#1130972).\n- lib: do not depend on linux headers being installed (bsc#1130972).\n- lib: do not depend on linux headers being installed (bsc#1130972).\n- lib: fix stall in __bitmap_parselist() (bsc#1051510).\n- libata: Extend quirks for the ST1000LM024 drives with NOLPM quirk (bsc#1051510).\n- libata: fix using DMA buffers on stack (bsc#1051510).\n- libceph, rbd, ceph: move ceph_osdc_alloc_messages() calls (bsc#1135897).\n- libceph, rbd: add error handling for osd_req_op_cls_init() (bsc#1135897). This feature was requested for SLE15 but aws reverted in packaging and master.\n- libceph: assign cookies in linger_submit() (bsc#1135897).\n- libceph: check reply num_data_items in setup_request_data() (bsc#1135897).\n- libceph: do not consume a ref on pagelist in ceph_msg_data_add_pagelist() (bsc#1135897).\n- libceph: enable fallback to ceph_msg_new() in ceph_msgpool_get() (bsc#1135897).\n- libceph: introduce alloc_watch_request() (bsc#1135897).\n- libceph: introduce ceph_pagelist_alloc() (bsc#1135897).\n- libceph: preallocate message data items (bsc#1135897).\n- libcxgb: fix incorrect ppmax calculation (bsc#1136345 jsc#SLE-4681).\n- libnvdimm, pfn: Fix over-trim in trim_pfn_device() (bsc#1140719).\n- libnvdimm/bus: Prevent duplicate device_unregister() calls (bsc#1139865).\n- libnvdimm/namespace: Fix label tracking error (bsc#1142350).\n- libnvdimm/region: Register badblocks before namespaces (bsc#1143209).\n- lightnvm: if LUNs are already allocated fix return (bsc#1085535). \n- linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() (bsc#1051510).\n- livepatch: Convert error about unsupported reliable stacktrace into a warning (bsc#1071995).\n- livepatch: Remove custom kobject state handling (bsc#1071995).\n- livepatch: Remove duplicate warning about missing reliable stacktrace support (bsc#1071995 fate#323487).\n- livepatch: Remove duplicated code for early initialization (bsc#1071995).\n- livepatch: Use static buffer for debugging messages under rq lock (bsc#1071995 fate#323487).\n- lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).\n- mISDN: Check address length before reading address family (bsc#1051510).\n- mISDN: make sure device name is NUL terminated (bsc#1051510).\n- mac80211/cfg80211: update bss channel on channel switch (bsc#1051510).\n- mac80211: Do not use stack memory with scatterlist for GMAC (bsc#1051510).\n- mac80211: Fix kernel panic due to use of txq after free (bsc#1051510).\n- mac80211: Honor SW_CRYPTO_CONTROL for unicast keys in AP VLAN mode (bsc#1111666).\n- mac80211: do not call driver wake_tx_queue op during reconfig (bsc#1051510).\n- mac80211: do not start any work during reconfigure flow (bsc#1111666).\n- mac80211: don't attempt to rename ERR_PTR() debugfs dirs (bsc#1111666).\n- mac80211: drop robust management frames from unknown TA (bsc#1051510).\n- mac80211: fix memory accounting with A-MSDU aggregation (bsc#1051510).\n- mac80211: fix rate reporting inside cfg80211_calculate_bitrate_he() (bsc#1111666).\n- mac80211: fix unaligned access in mesh table hash function (bsc#1051510).\n- mac80211: free peer keys before vif down in mesh (bsc#1111666).\n- mac80211: handle deauthentication/disassociation from TDLS peer (bsc#1051510).\n- mac80211: mesh: fix RCU warning (bsc#1111666).\n- mac80211: only warn once on chanctx_conf being NULL (bsc#1111666).\n- mac8390: Fix mmio access size probe (bsc#1051510).\n- md: batch flush requests (bsc#1119680).\n- media: atmel: atmel-isc: fix INIT_WORK misplacement (bsc#1051510).\n- media: au0828: Fix NULL pointer dereference in au0828_analog_stream_enable() (bsc#1051510).\n- media: au0828: stop video streaming only when last user stops (bsc#1051510).\n- media: coda: clear error return value before picture run (bsc#1051510).\n- media: cpia2: Fix use-after-free in cpia2_exit (bsc#1051510).\n- media: cx18: update *pos correctly in cx18_read_pos() (bsc#1051510).\n- media: cx23885: check allocation return (bsc#1051510).\n- media: davinci-isif: avoid uninitialized variable use (bsc#1051510).\n- media: davinci/vpbe: array underflow in vpbe_enum_outputs() (bsc#1051510).\n- media: go7007: avoid clang frame overflow warning with KASAN (bsc#1051510).\n- media: ivtv: update *pos correctly in ivtv_read_pos() (bsc#1051510).\n- media: m88ds3103: serialize reset messages in m88ds3103_set_frontend (bsc#1051510).\n- media: marvell-ccic: fix DMA s/g desc number calculation (bsc#1051510).\n- media: mt9m111: set initial frame size other than 0x0 (bsc#1051510).\n- media: mtk-jpeg: Correct return type for mem2mem buffer helpers (bsc#1051510).\n- media: mx2_emmaprp: Correct return type for mem2mem buffer helpers (bsc#1051510).\n- media: omap_vout: potential buffer overflow in vidioc_dqbuf() (bsc#1051510).\n- media: ov2659: fix unbalanced mutex_lock/unlock (bsc#1051510).\n- media: ov2659: make S_FMT succeed even if requested format doesn't match (bsc#1051510).\n- media: pvrusb2: Prevent a buffer overflow (bsc#1129770).\n- media: s5p-g2d: Correct return type for mem2mem buffer helpers (bsc#1051510).\n- media: s5p-jpeg: Correct return type for mem2mem buffer helpers (bsc#1051510).\n- media: s5p-mfc: Make additional clocks optional (bsc#1051510).\n- media: saa7146: avoid high stack usage with clang (bsc#1051510).\n- media: serial_ir: Fix use-after-free in serial_ir_init_module (bsc#1051510).\n- media: sh_veu: Correct return type for mem2mem buffer helpers (bsc#1051510).\n- media: smsusb: better handle optional alignment (bsc#1051510).\n- media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame (bsc#1051510).\n- media: usb: siano: Fix false-positive 'uninitialized variable' warning (bsc#1051510).\n- media: usb: siano: Fix general protection fault in smsusb (bsc#1051510).\n- media: v4l2-ioctl: clear fields in s_parm (bsc#1051510).\n- media: v4l2: Test type instead of cfg type in v4l2_ctrl_new_custom() (bsc#1051510).\n- media: vivid: fix incorrect assignment operation when setting video mode (bsc#1051510).\n- media: vivid: use vfree() instead of kfree() for dev bitmap_cap (bsc#1051510).\n- media: wl128x: Fix an error code in fm_download_firmware() (bsc#1051510).\n- media: wl128x: prevent two potential buffer overflows (bsc#1051510).\n- mei: bus: need to unlink client before freeing (bsc#1051510).\n- mei: me: add denverton innovation engine device IDs (bsc#1051510).\n- mei: me: add gemini lake devices id (bsc#1051510).\n- memcg: make it work on sparse non-0-node systems (bnc#1133616).\n- memcg: make it work on sparse non-0-node systems kabi (bnc#1133616).\n- memory: tegra: Fix integer overflow on tick value calculation (bsc#1051510).\n- memstick: Fix error cleanup path of memstick_init (bsc#1051510).\n- mfd: da9063: Fix OTP control register names to match datasheets for DA9063/63L (bsc#1051510).\n- mfd: hi655x: Fix regmap area declared size for hi655x (bsc#1051510).\n- mfd: intel-lpss: Release IDA resources (bsc#1051510).\n- mfd: intel-lpss: Set the device in reset state when init (bsc#1051510).\n- mfd: max77620: Fix swapped FPS_PERIOD_MAX_US values (bsc#1051510).\n- mfd: tps65912-spi: Add missing of table registration (bsc#1051510).\n- mfd: twl6040: Fix device init errors for ACCCTL register (bsc#1051510).\n- mips: fix an off-by-one in dma_capable (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- mlxsw: core: Add API for QSFP module temperature thresholds reading (bsc#1112374).\n- mlxsw: core: Do not use WQ_MEM_RECLAIM for EMAD workqueue (bsc#1112374).\n- mlxsw: core: Move ethtool module callbacks to a common location (bsc#1112374).\n- mlxsw: core: Prevent reading unsupported slave address from SFP EEPROM (bsc#1112374).\n- mlxsw: core: mlxsw: core: avoid -Wint-in-bool-context warning (bsc#1112374).\n- mlxsw: pci: Reincrease PCI reset timeout (bsc#1112374).\n- mlxsw: reg: Add Management Temperature Bulk Register (bsc#1112374).\n- mlxsw: spectrum: Move QSFP EEPROM definitions to common location (bsc#1112374).\n- mlxsw: spectrum: Put MC TCs into DWRR mode (bsc#1112374).\n- mlxsw: spectrum_dcb: Configure DSCP map as the last rule is removed (bsc#1112374).\n- mlxsw: spectrum_flower: Fix TOS matching (bsc#1112374).\n- mm, page_alloc: fix has_unmovable_pages for HugePages (bsc#1127034).\n- mm/debug.c: fix __dump_page when mapping host is not set (bsc#1131934).\n- mm/devm_memremap_pages: introduce devm_memunmap_pages (bsc#1103992 FATE#326009).\n- mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses (bsc#1135330).\n- mm/nvdimm: add is_ioremap_addr and use that to check ioremap address (bsc#1140322 LTC#176270).\n- mm/page_isolation.c: fix a wrong flag in set_migratetype_isolate() (bsc#1131935).\n- mm/vmalloc: fix size check for remap_vmalloc_range_partial() (bsc#1133825).\n- mm: Fix buggy backport leading to MAP_SYNC failures (bsc#1137372)\n- mm: fix race on soft-offlining free huge pages (bsc#1139712). \n- mm: hugetlb: delete dequeue_hwpoisoned_huge_page() (bsc#1139712). \n- mm: hugetlb: prevent reuse of hwpoisoned free hugepages (bsc#1139712). \n- mm: hugetlb: soft-offline: dissolve source hugepage after successful migration (bsc#1139712). \n- mm: hugetlb: soft-offline: dissolve_free_huge_page() return zero on !PageHuge (bsc#bsc#1139712).\n- mm: hugetlb: soft_offline: save compound page order before page migration (bsc#1139712) \n- mm: hwpoison: change PageHWPoison behavior on hugetlb pages (bsc#1139712). \n- mm: hwpoison: dissolve in-use hugepage in unrecoverable memory error (bsc#1139712). \n- mm: hwpoison: introduce idenfity_page_state (bsc#1139712). \n- mm: hwpoison: introduce memory_failure_hugetlb() (bsc#1139712). \n- mm: migrate: Fix reference check race between __find_get_block() and migration (bnc#1137609).\n- mm: replace all open encodings for NUMA_NO_NODE (bsc#1140322 LTC#176270).\n- mm: soft-offline: close the race against page allocation (bsc#1139712). \n- mm: soft-offline: dissolve free hugepage if soft-offlined (bsc#1139712). \n- mm: soft-offline: return -EBUSY if set_hwpoison_free_buddy_page() fails (bsc#1139712). \n- mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (bnc#1012382).\n- mmc: bcm2835 MMC issues (bsc#1070872).\n- mmc: block: Delete gendisk before cleaning up the request queue (bsc#1127616).\n- mmc: core: Fix tag set memory leak (bsc#1111666).\n- mmc: core: Prevent processing SDIO IRQs when the card is suspended (bsc#1051510).\n- mmc: core: Verify SD bus width (bsc#1051510).\n- mmc: core: complete HS400 before checking status (bsc#1111666).\n- mmc: core: fix possible use after free of host (bsc#1051510).\n- mmc: core: make pwrseq_emmc (partially) support sleepy GPIO controllers (bsc#1051510).\n- mmc: davinci: remove extraneous __init annotation (bsc#1051510).\n- mmc: mmci: Prevent polling for busy detection in IRQ context (bsc#1051510).\n- mmc: sdhci-iproc: Set NO_HISPD bit to fix HS50 data hold time problem (bsc#1051510).\n- mmc: sdhci-iproc: cygnus: Set NO_HISPD bit to fix HS50 data hold time problem (bsc#1051510).\n- mmc: sdhci-of-esdhc: add erratum A-009204 support (bsc#1051510).\n- mmc: sdhci-of-esdhc: add erratum eSDHC-A001 and A-008358 support (bsc#1051510).\n- mmc: sdhci-of-esdhc: add erratum eSDHC5 support (bsc#1051510).\n- mmc: sdhci-pci: Try 'cd' for card-detect lookup before using NULL (bsc#1051510).\n- mmc: sdhci: Fix data command CRC error handling (bsc#1051510).\n- mmc: sdhci: Handle auto-command errors (bsc#1051510).\n- mmc: sdhci: Rename SDHCI_ACMD12_ERR and SDHCI_INT_ACMD12ERR (bsc#1051510).\n- mmc: tmio_mmc_core: don't claim spurious interrupts (bsc#1051510).\n- mmc_spi: add a status check for spi_sync_locked (bsc#1051510).\n- module: Fix livepatch/ftrace module text permissions race (bsc#1071995 fate#323487).\n- mount: copy the port field into the cloned nfs_server structure (bsc#1136990).\n- mt7601u: bump supported EEPROM version (bsc#1051510).\n- mt7601u: do not schedule rx_tasklet when the device has been disconnected (bsc#1111666).\n- mt7601u: fix possible memory leak when the device is disconnected (bsc#1111666).\n- mtd: docg3: Fix passing zero to 'PTR_ERR' warning in doc_probe_device (bsc#1051510).\n- mtd: docg3: fix a possible memory leak of mtd name (bsc#1051510).\n- mtd: nand: omap: Fix comment in platform data using wrong Kconfig symbol (bsc#1051510).\n- mtd: part: fix incorrect format specifier for an unsigned long long (bsc#1051510).\n- mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write (bsc#1129770).\n- mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1136935).\n- mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1136935).\n- mwifiex: Fix mem leak in mwifiex_tm_cmd (bsc#1051510).\n- mwifiex: Make resume actually do something useful again on SDIO cards (bsc#1111666).\n- mwifiex: don't advertise IBSS features without FW support (bsc#1129770). \n- mwifiex: prevent an array overflow (bsc#1051510).\n- mwl8k: Fix rate_idx underflow (bsc#1051510).\n- net/af_iucv: build proper skbs for HiperTransport (bsc#1142221 LTC#179332).\n- net/af_iucv: remove GFP_DMA restriction for HiperTransport (bsc#1142112 bsc#1142221 LTC#179334 LTC#179332).\n- net/af_iucv: remove GFP_DMA restriction for HiperTransport (bsc#1142112 bsc#1142221 LTC#179334 LTC#179332).\n- net/af_iucv: remove GFP_DMA restriction for HiperTransport (bsc#1142221 LTC#179332).\n- net/ibmvnic: Remove tests of member address (bsc#1137739).\n- net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).\n- net/ibmvnic: Update carrier state after link state change (bsc#1135100).\n- net/mlx5: Avoid reloading already removed devices (bsc#1103990 FATE#326006).\n- net/mlx5: FPGA, tls, hold rcu read lock a bit longer (bsc#1103990 FATE#326006).\n- net/mlx5: FPGA, tls, idr remove on flow delete (bsc#1103990 FATE#326006).\n- net/mlx5: Set completion EQs as shared resources (bsc#1103991 FATE#326007).\n- net/mlx5: Update pci error handler entries and command translation (bsc#1103991 FATE#326007).\n- net/mlx5e: Fix ethtool rxfh commands when CONFIG_MLX5_EN_RXNFC is disabled (bsc#1103990 FATE#326006).\n- net/mlx5e: Fix the max MTU check in case of XDP (bsc#1103990 FATE#326006).\n- net/mlx5e: Fix trailing semicolon (bsc#1075020).\n- net/mlx5e: Fix use-after-free after xdp_return_frame (bsc#1103990 FATE#326006).\n- net/mlx5e: IPoIB, Reset QP after channels are closed (bsc#1075020).\n- net/mlx5e: Rx, Check ip headers sanity (bsc#1103990 FATE#326006).\n- net/mlx5e: Rx, Fix checksum calculation for new hardware (bsc#1127611).\n- net/mlx5e: Rx, Fixup skb checksum for packets with tail padding (bsc#1109837).\n- net/mlx5e: XDP, Fix shifted flag index in RQ bitmap (bsc#1103990 FATE#326006).\n- net/sched: cbs: Fix error path of cbs_module_init (bsc#1109837).\n- net/sched: cbs: fix port_rate miscalculation (bsc#1109837).\n- net/sched: don't dereference a goto_chain to read the chain index (bsc#1064802 bsc#1066129).\n- net/sched: don't dereference a goto_chain to read the chain index (bsc#1064802 bsc#1066129).\n- net/smc: add pnet table namespace support (bsc#1129845 LTC#176252).\n- net/smc: add smcd support to the pnet table (bsc#1129845 LTC#176252).\n- net/smc: allow pci IDs as ib device names in the pnet table (bsc#1129845 LTC#176252).\n- net/smc: allow pnetid-less configuration (bsc#1129845 LTC#176252).\n- net/smc: check for ip prefix and subnet (bsc#1134607 LTC#177518).\n- net/smc: cleanup for smcr_tx_sndbuf_nonempty (bsc#1129845 LTC#176252).\n- net/smc: cleanup of get vlan id (bsc#1134607 LTC#177518).\n- net/smc: code cleanup smc_listen_work (bsc#1134607 LTC#177518).\n- net/smc: consolidate function parameters (bsc#1134607 LTC#177518).\n- net/smc: fallback to TCP after connect problems (bsc#1134607 LTC#177518).\n- net/smc: fix a NULL pointer dereference (bsc#1134607 LTC#177518).\n- net/smc: fix return code from FLUSH command (bsc#1134607 LTC#177518).\n- net/smc: improve smc_conn_create reason codes (bsc#1134607 LTC#177518).\n- net/smc: improve smc_listen_work reason codes (bsc#1134607 LTC#177518).\n- net/smc: move unhash before release of clcsock (bsc#1134607 LTC#177518).\n- net/smc: nonblocking connect rework (bsc#1134607 LTC#177518).\n- net/smc: propagate file from SMC to TCP socket (bsc#1134607 LTC#177518).\n- net/smc: return booleans instead of integers (bsc#1096003, FATE#325023, LTC#164003).\n- net/smc: rework pnet table (bsc#1129845 LTC#176252).\n- net/smc: wait for pending work before clcsock release_sock (bsc#1134607 LTC#177518).\n- net/tls: avoid NULL pointer deref on nskb sk in fallback (bsc#1109837).\n- net/tls: avoid potential deadlock in tls_set_device_offload_rx() (bsc#1109837).\n- net/tls: don't copy negative amounts of data in reencrypt (bsc#1109837).\n- net/tls: don't ignore netdev notifications if no TLS features (bsc#1109837).\n- net/tls: don't leak IV and record seq when offload fails (bsc#1109837).\n- net/tls: don't leak partially sent record in device mode (bsc#1109837).\n- net/tls: fix build without CONFIG_TLS_DEVICE (bsc#1109837).\n- net/tls: fix copy to fragments in reencrypt (bsc#1109837).\n- net/tls: fix page double free on TX cleanup (bsc#1109837).\n- net/tls: fix refcount adjustment in fallback (bsc#1109837).\n- net/tls: fix socket wmem accounting on fallback with netem (bsc#1109837).\n- net/tls: fix state removal with feature flags off (bsc#1109837).\n- net/tls: fix the IV leaks (bsc#1109837).\n- net/tls: free ctx in sock destruct (bsc#1136353 jsc#SLE-4688).\n- net/tls: make sure offload also gets the keys wiped (bsc#1109837).\n- net/tls: prevent bad memory access in tls_is_sk_tx_device_offloaded() (bsc#1109837).\n- net/tls: replace the sleeping lock around RX resync with a bit lock (bsc#1109837).\n- net/udp_gso: Allow TX timestamp with UDP GSO (bsc#1109837).\n- net: Fix missing meta data in skb with vlan packet (bsc#1109837).\n- net: chelsio: Add a missing check on cudg_get_buffer (bsc#1136345 jsc#SLE-4681).\n- net: core: support XDP generic on stacked devices (bsc#1109837).\n- net: cxgb4: fix various indentation issues (bsc#1136345 jsc#SLE-4681).\n- net: don't clear sock sk early to avoid trouble in strparser (bsc#1103990 FATE#326006).\n- net: ena: Fix bug where ring allocation backoff stopped too late (bsc#1138879).\n- net: ena: add MAX_QUEUES_EXT get feature admin command (bsc#1138879).\n- net: ena: add ethtool function for changing io queue sizes (bsc#1138879).\n- net: ena: add good checksum counter (bsc#1138879).\n- net: ena: add handling of llq max tx burst size (bsc#1138879).\n- net: ena: add newline at the end of pr_err prints (bsc#1138879).\n- net: ena: add support for changing max_header_size in LLQ mode (bsc#1138879).\n- net: ena: allow automatic fallback to polling mode (bsc#1138879).\n- net: ena: allow queue allocation backoff when low on memory (bsc#1138879).\n- net: ena: arrange ena_probe() function variables in reverse christmas tree (bsc#1138879).\n- net: ena: enable negotiating larger Rx ring size (bsc#1138879).\n- net: ena: ethtool: add extra properties retrieval via get_priv_flags (bsc#1138879).\n- net: ena: fix ena_com_fill_hash_function() implementation (bsc#1138879).\n- net: ena: fix incorrect test of supported hash function (bsc#1138879).\n- net: ena: fix return value of ena_com_config_llq_info() (bsc#1111696 bsc#1117561).\n- net: ena: fix return value of ena_com_config_llq_info() (bsc#1111696 bsc#1117561).\n- net: ena: fix swapped parameters when calling ena_com_indirect_table_fill_entry (bsc#1138879).\n- net: ena: fix: Free napi resources when ena_up() fails (bsc#1138879).\n- net: ena: fix: set freed objects to NULL to avoid failing future allocations (bsc#1138879).\n- net: ena: gcc 8: fix compilation warning (bsc#1138879).\n- net: ena: improve latency by disabling adaptive interrupt moderation by default (bsc#1138879).\n- net: ena: make ethtool show correct current and max queue sizes (bsc#1138879).\n- net: ena: optimise calculations for CQ doorbell (bsc#1138879).\n- net: ena: remove inline keyword from functions in *.c (bsc#1138879).\n- net: ena: replace free_tx/rx_ids union with single free_ids field in ena_ring (bsc#1138879).\n- net: ena: update driver version from 2.0.3 to 2.1.0 (bsc#1138879).\n- net: ena: use dev_info_once instead of static variable (bsc#1138879).\n- net: ethernet: ti: cpsw_ethtool: fix ethtool ring param set (bsc#1130836).\n- net: hns3: Add handling of MAC tunnel interruption (bsc#1104353 bsc#1134983).\n- net: hns3: Add support for netif message level settings (bsc#1104353 bsc#1134989).\n- net: hns3: Fix inconsistent indenting (bsc#1140676).\n- net: hns3: Make hclge_destroy_cmd_queue static (bsc#1104353 bsc#1137201).\n- net: hns3: Make hclgevf_update_link_mode static (bsc#1104353 bsc#1137201).\n- net: hns3: add counter for times RX pages gets allocated (bsc#1104353 bsc#1134947).\n- net: hns3: add error handler for initializing command queue (bsc#1104353 bsc#1135058).\n- net: hns3: add function type check for debugfs help information (bsc#1104353 bsc#1134980).\n- net: hns3: add hns3_gro_complete for HW GRO process (bsc#1104353 bsc#1135051).\n- net: hns3: add linearizing checking for TSO case (bsc#1104353 bsc#1134947).\n- net: hns3: add queue's statistics update to service task (bsc#1104353 bsc#1134981).\n- net: hns3: add reset statistics for VF (bsc#1104353 bsc#1134995).\n- net: hns3: add reset statistics info for PF (bsc#1104353 bsc#1134995).\n- net: hns3: add some debug info for hclgevf_get_mbx_resp() (bsc#1104353 bsc#1134994).\n- net: hns3: add some debug information for hclge_check_event_cause (bsc#1104353 bsc#1134994).\n- net: hns3: add support for dump ncl config by debugfs (bsc#1104353 bsc#1134987).\n- net: hns3: adjust the timing of hns3_client_stop when unloading (bsc#1104353 bsc#1137201).\n- net: hns3: always assume no drop TC for performance reason (bsc#1104353 bsc#1135049).\n- net: hns3: check 1000M half for hns3_ethtool_ops.set_link_ksettings (bsc#1104353 bsc#1137201).\n- net: hns3: check resetting status in hns3_get_stats() (bsc#1104353 bsc#1137201).\n- net: hns3: code optimization for command queue' spin lock (bsc#1104353 bsc#1135042).\n- net: hns3: combine len and checksum handling for inner and outer header (bsc#1104353 bsc#1134947).\n- net: hns3: deactive the reset timer when reset successfully (bsc#1104353 bsc#1137201).\n- net: hns3: divide shared buffer between TC (bsc#1104353 bsc#1135047).\n- net: hns3: do not initialize MDIO bus when PHY is inexistent (bsc#1104353 bsc#1135045).\n- net: hns3: do not request reset when hardware resetting (bsc#1104353 bsc#1137201).\n- net: hns3: dump more information when tx timeout happens (bsc#1104353 bsc#1134990).\n- net: hns3: fix VLAN offload handle for VLAN inserted by port (bsc#1104353 bsc#1135053).\n- net: hns3: fix data race between ring next_to_clean (bsc#1104353 bsc#1134975 bsc#1134945).\n- net: hns3: fix data race between ring next_to_clean (bsc#1104353 bsc#1134975 bsc#1134945).\n- net: hns3: fix for HNS3_RXD_GRO_SIZE_M macro (bsc#1104353 bsc#1137201).\n- net: hns3: fix for tunnel type handling in hns3_rx_checksum (bsc#1104353 bsc#1134946).\n- net: hns3: fix for vport bw_limit overflow problem (bsc#1104353 bsc#1134998).\n- net: hns3: fix keep_alive_timer not stop problem (bsc#1104353 bsc#1135055).\n- net: hns3: fix loop condition of hns3_get_tx_timeo_queue_info() (bsc#1104353 bsc#1134990).\n- net: hns3: fix pause configure fail problem (bsc#1104353 bsc#1134951 bsc#1134951).\n- net: hns3: fix set port based VLAN for PF (bsc#1104353 bsc#1135053).\n- net: hns3: fix set port based VLAN issue for VF (bsc#1104353 bsc#1135053).\n- net: hns3: fix sparse: warning when calling hclge_set_vlan_filter_hw() (bsc#1104353 bsc#1134999).\n- net: hns3: free the pending skb when clean RX ring (bsc#1104353 bsc#1135044).\n- net: hns3: handle pending reset while reset fail (bsc#1104353 bsc#1135058).\n- net: hns3: handle the BD info on the last BD of the packet (bsc#1104353 bsc#1134974).\n- net: hns3: ignore lower-level new coming reset (bsc#1104353 bsc#1137201).\n- net: hns3: minor refactor for hns3_rx_checksum (bsc#1104353 bsc#1135052).\n- net: hns3: modify VLAN initialization to be compatible with port based VLAN (bsc#1104353 bsc#1135053).\n- net: hns3: modify the VF network port media type acquisition method (bsc#1104353 bsc#1137201).\n- net: hns3: not reset TQP in the DOWN while VF resetting (bsc#1104353 bsc#1134952).\n- net: hns3: not reset vport who not alive when PF reset (bsc#1104353 bsc#1137201).\n- net: hns3: optimize the barrier using when cleaning TX BD (bsc#1104353 bsc#1134945).\n- net: hns3: prevent change MTU when resetting (bsc#1104353 bsc#1137201).\n- net: hns3: prevent double free in hns3_put_ring_config() (bsc#1104353 bsc#1134950).\n- net: hns3: reduce resources use in kdump kernel (bsc#1104353 bsc#1137201).\n- net: hns3: refactor BD filling for l2l3l4 info (bsc#1104353 bsc#1134947).\n- net: hns3: refine tx timeout count handle (bsc#1104353 bsc#1134990).\n- net: hns3: remove reset after command send failed (bsc#1104353 bsc#1134949).\n- net: hns3: remove resetting check in hclgevf_reset_task_schedule (bsc#1104353 bsc#1135056).\n- net: hns3: return 0 and print warning when hit duplicate MAC (bsc#1104353 bsc#1137201).\n- net: hns3: set dividual reset level for all RAS and MSI-X errors (bsc#1104353 bsc#1135046).\n- net: hns3: set up the vport alive state while reinitializing (bsc#1104353 bsc#1137201).\n- net: hns3: set vport alive state to default while resetting (bsc#1104353 bsc#1137201).\n- net: hns3: some cleanup for struct hns3_enet_ring (bsc#1104353 bsc#1134947).\n- net: hns3: stop mailbox handling when command queue need re-init (bsc#1104353 bsc#1135058).\n- net: hns3: stop sending keep alive msg when VF command queue needs reinit (bsc#1104353 bsc#1134972).\n- net: hns3: unify maybe_stop_tx for TSO and non-TSO case (bsc#1104353 bsc#1134947).\n- net: hns3: unify the page reusing for page size 4K and 64K (bsc#1104353 bsc#1134947).\n- net: hns3: use atomic_t replace u32 for arq's count (bsc#1104353 bsc#1134953).\n- net: hns3: use devm_kcalloc when allocating desc_cb (bsc#1104353 bsc#1134947).\n- net: hns3: use napi_schedule_irqoff in hard interrupts handlers (bsc#1104353 bsc#1134947).\n- net: hns: Fix WARNING when remove HNS driver with SMMU enabled (bsc#1140676).\n- net: hns: Fix loopback test failed at copper ports (bsc#1140676).\n- net: hns: Fix probabilistic memory overwrite when HNS driver initialized (bsc#1140676).\n- net: hns: Use NAPI_POLL_WEIGHT for hns driver (bsc#1140676).\n- net: hns: fix ICMP6 neighbor solicitation messages discard problem (bsc#1140676).\n- net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw() (bsc#1140676).\n- net: hns: fix unsigned comparison to less than zero (bsc#1140676).\n- net: mvpp2: Use strscpy to handle stat strings (bsc#1098633).\n- net: mvpp2: Use strscpy to handle stat strings (bsc#1098633).\n- net: mvpp2: prs: Fix parser range for VID filtering (bsc#1098633).\n- net: mvpp2: prs: Fix parser range for VID filtering (bsc#1098633).\n- net: mvpp2: prs: Use the correct helpers when removing all VID filters (bsc#1098633).\n- net: mvpp2: prs: Use the correct helpers when removing all VID filters (bsc#1098633).\n- net: phy: marvell10g: report if the PHY fails to boot firmware (bsc#1119113 FATE#326472).\n- net: phy: marvell: Enable interrupt function on LED2 pin (bsc#1135018).\n- net: phy: marvell: add new default led configure for m88e151x (bsc#1135018).\n- net: phy: marvell: change default m88e1510 LED configuration (bsc#1135018).\n- net: smc_close: mark expected switch fall-through (bsc#1096003, FATE#325023, LTC#164003).\n- net: tls, correctly account for copied bytes with multiple sk_msgs (bsc#1109837).\n- net: unbreak CONFIG_RETPOLINE=n builds (bsc#1124503).\n- net: use indirect call wrappers at GRO network layer (bsc#1124503).\n- net: use indirect call wrappers at GRO transport layer (bsc#1124503).\n- new primitive: vmemdup_user() (jsc#SLE-4712 bsc#1136156).\n- nfit/ars: Allow root to busy-poll the ARS state machine (bsc#1140814).\n- nfp: bpf: fix static check error through tightening shift amount adjustment (bsc#1109837).\n- nfp: flower: add rcu locks when accessing netdev for tunnels (bsc#1109837).\n- nfs: Fix dentry revalidation on nfsv4 lookup (bsc#1132618).\n- nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands (bsc#1051510).\n- nl80211: fix station_info pertid memory leak (bsc#1051510).\n- nvme-fc: use separate work queue to avoid warning (bsc#1131673).\n- nvme-multipath: avoid crash on invalid subsystem cntlid enumeration (bsc#1129273).\n- nvme-multipath: avoid crash on invalid subsystem cntlid enumeration (bsc#1130937).\n- nvme-multipath: split bios with the ns_head bio_set before submitting (bsc#1103259, bsc#1131673).\n- nvme-multipath: split bios with the ns_head bio_set before submitting (bsc#1103259, bsc#1131673).\n- nvme-rdma: fix possible free of a non-allocated async event buffer (bsc#1120423).\n- nvme-rdma: fix possible free of a non-allocated async event buffer (bsc#1120423).\n- nvme: Do not remove namespaces during reset (bsc#1131673).\n- nvme: add proper discard setup for the multipath device (bsc#1114638).\n- nvme: copy MTFA field from identify controller (bsc#1140715).\n- nvme: fix memory leak caused by incorrect subsystem free (bsc#1143185).\n- nvme: fix the dangerous reference of namespaces list (bsc#1131673).\n- nvme: flush scan_work when resetting controller (bsc#1131673).\n- nvme: make sure ns head inherits underlying device limits (bsc#1131673).\n- nvme: only reconfigure discard if necessary (bsc#1114638).\n- nvme: skip nvme_update_disk_info() if the controller is not live (bsc#1128432).\n- nvmem: Don't let a NULL cell_id for nvmem_cell_get() crash us (bsc#1051510).\n- nvmem: allow to select i.MX nvmem driver for i.MX 7D (bsc#1051510).\n- nvmem: core: fix read buffer in place (bsc#1051510).\n- nvmem: correct Broadcom OTP controller driver writes (bsc#1051510).\n- nvmem: imx-ocotp: Add i.MX7D timing write clock setup support (bsc#1051510).\n- nvmem: imx-ocotp: Add support for banked OTP addressing (bsc#1051510).\n- nvmem: imx-ocotp: Enable i.MX7D OTP write support (bsc#1051510).\n- nvmem: imx-ocotp: Move i.MX6 write clock setup to dedicated function (bsc#1051510).\n- nvmem: imx-ocotp: Pass parameters via a struct (bsc#1051510).\n- nvmem: imx-ocotp: Restrict OTP write to IMX6 processors (bsc#1051510).\n- nvmem: imx-ocotp: Update module description (bsc#1051510).\n- nvmem: properly handle returned value nvmem_reg_read (bsc#1051510).\n- objtool: Fix function fallthrough detection (bsc#1058115).\n- ocfs2: add first lock wait time in locking_state (bsc#1134390).\n- ocfs2: add last unlock times in locking_state (bsc#1134390).\n- ocfs2: add locking filter debugfs file (bsc#1134390).\n- ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (bsc#1136434).\n- ocfs2: try to reuse extent block in dealloc without meta_alloc (bsc#1128902).\n- ocfs2: turn on OCFS2_FS_STATS setting(bsc#1134393) We need to turn on OCFS2_FS_STATS kernel configuration setting, to fix bsc#1134393.\n- of: fix clang -Wunsequenced for be32_to_cpu() (bsc#1135642).\n- of: fix clang -Wunsequenced for be32_to_cpu() (bsc#1135642).\n- of: fix clang -Wunsequenced for be32_to_cpu() (bsc#1135642).\n- of: fix clang -Wunsequenced for be32_to_cpu() (bsc#1135642).\n- omapfb: add missing of_node_put after of_device_is_available (bsc#1051510).\n- openvswitch: add seqadj extension when NAT is used (bsc#1051510).\n- openvswitch: fix flow actions reallocation (bsc#1051510).\n- overflow: Fix -Wtype-limits compilation warnings (bsc#1111666).\n- p54: drop device reference count if fails to enable device (bsc#1135642).\n- p54: drop device reference count if fails to enable device (bsc#1135642).\n- p54: drop device reference count if fails to enable device (bsc#1135642).\n- p54: drop device reference count if fails to enable device (bsc#1135642).\n- p54usb: Fix race between disconnect and firmware loading (bsc#1111666).\n- parport: Fix mem leak in parport_register_dev_model (bsc#1051510).\n- pci / PM: Use SMART_SUSPEND and LEAVE_SUSPENDED flags for PCIe ports (bsc#1142623).\n- pci/aer: Use cached AER Capability offset (bsc#1142623).\n- pci/p2pdma: Fix missing check for dma_virt_ops (bsc#1111666).\n- pci/portdrv: Add #defines for AER and DPC Interrupt Message Number masks (bsc#1142623).\n- pci/portdrv: Consolidate comments (bsc#1142623).\n- pci/portdrv: Disable port driver in compat mode (bsc#1142623).\n- pci/portdrv: Remove pcie_portdrv_err_handler.slot_reset (bsc#1142623).\n- pci/portdrv: Support PCIe services on subtractive decode bridges (bsc#1142623).\n- pci/portdrv: Use conventional Device ID table formatting (bsc#1142623).\n- pci: Init PCIe feature bits for managed host bridge alloc (bsc#1111666).\n- pci: hv: Add hv_pci_remove_slots() when we unload the driver (bsc#1142701).\n- pci: hv: Add pci_destroy_slot() in pci_devices_present_work(), if necessary (bsc#1142701).\n- pci: hv: Fix a memory leak in hv_eject_device_work() (bsc#1142701).\n- pci: hv: Fix a use-after-free bug in hv_eject_device_work() (bsc#1142701).\n- pci: hv: Fix return value check in hv_pci_assign_slots() (bsc#1142701).\n- pci: hv: Remove unused reason for refcount handler (bsc#1142701).\n- pci: hv: support reporting serial number as slot information (bsc#1142701).\n- pci: pciehp: Convert to threaded IRQ (bsc#1133005).\n- pci: pciehp: Ignore Link State Changes after powering off a slot (bsc#1133005).\n- pci: pciehp: Tolerate Presence Detect hardwired to zero (bsc#1133016).\n- pci: portdrv: Restore PCI config state on slot reset (bsc#1142623).\n- perf/x86/amd: Add event map for AMD Family 17h (bsc#1134223).\n- perf/x86/amd: Update generic hardware cache events for Family 17h (bsc#1134223).\n- phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode (bsc#1051510).\n- phy: sun4i-usb: Support set_mode to USB_HOST for non-OTG PHYs (bsc#1051510).\n- pinctrl/amd: add get_direction handler (bsc#1140463).\n- pinctrl/amd: fix gpio irq level in debugfs (bsc#1140463).\n- pinctrl/amd: fix masking of GPIO interrupts (bsc#1140463).\n- pinctrl/amd: make functions amd_gpio_suspend and amd_gpio_resume static (bsc#1140463).\n- pinctrl/amd: poll InterruptEnable bits in amd_gpio_irq_set_type (bsc#1140463).\n- pinctrl/amd: poll InterruptEnable bits in enable_irq (bsc#1140463).\n- pkey: Indicate old mkvp only if old and current mkvp are different (bsc#1137827 LTC#178090).\n- platform/chrome: cros_ec_proto: check for NULL transfer function (bsc#1051510).\n- platform/mellanox: Add TmFifo driver for Mellanox BlueField Soc (bsc#1136333 jsc#SLE-4994).\n- platform/mellanox: Add new ODM system types to mlx-platform (bsc#1112374).\n- platform/mellanox: mlxreg-hotplug: Add devm_free_irq call to remove flow (bsc#1111666).\n- platform/x86: alienware-wmi: printing the wrong error code (bsc#1051510).\n- platform/x86: asus-nb-wmi: Support ALS on the Zenbook UX430UQ (bsc#1051510).\n- platform/x86: asus-wmi: Only Tell EC the OS will handle display hotkeys from asus_nb_wmi (bsc#1051510).\n- platform/x86: asus-wmi: Only Tell EC the OS will handle display hotkeys from asus_nb_wmi (bsc#1051510).\n- platform/x86: dell-rbtn: Add missing #include (bsc#1051510).\n- platform/x86: intel_pmc_ipc: adding error handling (bsc#1051510).\n- platform/x86: intel_punit_ipc: Revert 'Fix resource ioremap warning' (bsc#1051510).\n- platform/x86: mlx-platform: Add ASIC hotplug device configuration (bsc#1112374).\n- platform/x86: mlx-platform: Add LED platform driver activation (bsc#1112374).\n- platform/x86: mlx-platform: Add UID LED for the next generation systems (bsc#1112374).\n- platform/x86: mlx-platform: Add definitions for new registers (bsc#1112374).\n- platform/x86: mlx-platform: Add extra CPLD for next generation systems (bsc#1112374).\n- platform/x86: mlx-platform: Add mlx-wdt platform driver activation (bsc#1112374).\n- platform/x86: mlx-platform: Add mlxreg-fan platform driver activation (bsc#1112374).\n- platform/x86: mlx-platform: Add mlxreg-io platform driver activation (bsc#1112374).\n- platform/x86: mlx-platform: Add support for fan capability registers (bsc#1112374).\n- platform/x86: mlx-platform: Add support for fan direction register (bsc#1112374).\n- platform/x86: mlx-platform: Add support for new VMOD0007 board name (bsc#1112374).\n- platform/x86: mlx-platform: Add support for tachometer speed register (bsc#1112374).\n- platform/x86: mlx-platform: Allow mlxreg-io driver activation for more systems (bsc#1112374).\n- platform/x86: mlx-platform: Allow mlxreg-io driver activation for new systems (bsc#1112374).\n- platform/x86: mlx-platform: Change mlxreg-io configuration for MSN274x systems (bsc#1112374).\n- platform/x86: mlx-platform: Convert to use SPDX identifier (bsc#1112374).\n- platform/x86: mlx-platform: Fix LED configuration (bsc#1112374).\n- platform/x86: mlx-platform: Fix access mode for fan_dir attribute (bsc#1112374).\n- platform/x86: mlx-platform: Fix copy-paste error in mlxplat_init() (bsc#1112374).\n- platform/x86: mlx-platform: Fix parent device in i2c-mux-reg device registration (bsc#1051510).\n- platform/x86: mlx-platform: Fix tachometer registers (bsc#1112374).\n- platform/x86: mlx-platform: Remove unused define (bsc#1112374).\n- platform/x86: mlx-platform: Rename new systems product names (bsc#1112374).\n- platform/x86: pmc_atom: Add CB4063 Beckhoff Automation board to critclk_systems DMI table (bsc#1051510).\n- platform/x86: pmc_atom: Add Lex 3I380D industrial PC to critclk_systems DMI table (bsc#1051510).\n- platform/x86: pmc_atom: Add several Beckhoff Automation boards to critclk_systems DMI table (bsc#1051510).\n- platform/x86: pmc_atom: Drop __initconst on dmi table (bsc#1051510).\n- platform/x86: sony-laptop: Fix unintentional fall-through (bsc#1051510).\n- platform_data/mlxreg: Add capability field to core platform data (bsc#1112374).\n- platform_data/mlxreg: Document fixes for core platform data (bsc#1112374).\n- platform_data/mlxreg: additions for Mellanox watchdog driver (bsc#1112374).\n- pm: acpi/PCI: Resume all devices during hibernation (bsc#1111666).\n- power: supply: axp20x_usb_power: Fix typo in VBUS current limit macros (bsc#1051510).\n- power: supply: axp288_charger: Fix unchecked return value (bsc#1051510).\n- power: supply: max14656: fix potential use-before-alloc (bsc#1051510).\n- power: supply: sysfs: prevent endless uevent loop with CONFIG_POWER_SUPPLY_DEBUG (bsc#1051510).\n- powerpc/64s: Fix logic when handling unknown CPU features (bsc#1055117).\n- powerpc/64s: Fix page table fragment refcount race vs speculative references (bsc#1131326, bsc#1108937).\n- powerpc/64s: Fix page table fragment refcount race vs speculative references (bsc#1131326, bsc#1108937).\n- powerpc/64s: Remove POWER9 DD1 support (bsc#1055117, LTC#159753, FATE#323286, git-fixes).\n- powerpc/cacheinfo: add cacheinfo_teardown, cacheinfo_rebuild (bsc#1138374, LTC#178199).\n- powerpc/eeh: Fix race with driver un/bind (bsc#1065729).\n- powerpc/hugetlb: Handle mmap_min_addr correctly in get_unmapped_area callback (bsc#1131900).\n- powerpc/kvm: Save and restore host AMR/IAMR/UAMOR (bsc#1061840).\n- powerpc/mm/drconf: Use NUMA_NO_NODE on failures instead of node 0 (bsc#1140322 LTC#176270).\n- powerpc/mm/hash: Handle mmap_min_addr correctly in get_unmapped_area topdown search (bsc#1131900).\n- powerpc/mm/hugetlb: Update huge_ptep_set_access_flags to call __ptep_set_access_flags directly (bsc#1055117).\n- powerpc/mm/radix: Change pte relax sequence to handle nest MMU hang (bsc#1055117).\n- powerpc/mm/radix: Display if mappings are exec or not (bsc#1055186, fate#323286, git-fixes).\n- powerpc/mm/radix: Move function from radix.h to pgtable-radix.c (bsc#1055117).\n- powerpc/mm/radix: Prettify mapped memory range print out (bsc#1055186, fate#323286, git-fixes).\n- powerpc/mm: Add missing tracepoint for tlbie (bsc#1055117, git-fixes).\n- powerpc/mm: Change function prototype (bsc#1055117).\n- powerpc/mm: Check secondary hash page table (bsc#1065729).\n- powerpc/mm: Consolidate numa_enable check and min_common_depth check (bsc#1140322 LTC#176270).\n- powerpc/mm: Fix node look up with numa=off boot (bsc#1140322 LTC#176270).\n- powerpc/mm: Fix page table dump to work on Radix (bsc#1055186, fate#323286, git-fixes).\n- powerpc/msi: Fix NULL pointer access in teardown code (bsc#1065729).\n- powerpc/numa: document topology_updates_enabled, disable by default (bsc#1133584).\n- powerpc/numa: improve control of topology updates (bsc#1133584).\n- powerpc/papr_scm: Force a scm-unbind if initial scm-bind fails (bsc#1140322 LTC#176270).\n- powerpc/papr_scm: Update drc_pmem_unbind() to use H_SCM_UNBIND_ALL (bsc#1140322 LTC#176270).\n- powerpc/perf: Add PM_LD_MISS_L1 and PM_BR_2PATH to power9 event list (bsc#1137728, LTC#178106).\n- powerpc/perf: Add POWER9 alternate PM_RUN_CYC and PM_RUN_INST_CMPL events (bsc#1137728, LTC#178106).\n- powerpc/perf: Fix MMCRA corruption by bhrb_filter (bsc#1053043).\n- powerpc/perf: Fix unit_sel/cache_sel checks (bsc#1053043).\n- powerpc/perf: Remove l2 bus events from HW cache event array (bsc#1053043).\n- powerpc/powernv/cpuidle: Init all present cpus for deep states (bsc#1055121).\n- powerpc/powernv/idle: Restore IAMR after idle (bsc#1065729).\n- powerpc/powernv/ioda2: Remove redundant free of TCE pages (bsc#1061840).\n- powerpc/powernv/ioda: Allocate indirect TCE levels of cached userspace addresses on demand (bsc#1061840).\n- powerpc/powernv/ioda: Fix locked_vm counting for memory used by IOMMU tables (bsc#1061840).\n- powerpc/powernv: Don't reprogram SLW image on every KVM guest entry/exit (bsc#1061840).\n- powerpc/powernv: Make opal log only readable by root (bsc#1065729).\n- powerpc/powernv: Remove never used pnv_power9_force_smt4 (bsc#1061840).\n- powerpc/process: Fix sparse address space warnings (bsc#1065729).\n- powerpc/pseries/mobility: prevent cpu hotplug during DT update (bsc#1138374, LTC#178199).\n- powerpc/pseries/mobility: rebuild cacheinfo hierarchy post-migration (bsc#1138374, LTC#178199).\n- powerpc/pseries: Fix oops in hotplug memory notifier (bsc#1138375, LTC#178204).\n- powerpc/pseries: Update SCM hcall op-codes in hvcall.h (bsc#1140322 LTC#176270).\n- powerpc/rtas: retry when cpu offline races with suspend/migration (bsc#1140428, LTC#178808).\n- powerpc/speculation: Support 'mitigations=' cmdline option (bsc#1112178).\n- powerpc/vdso32: fix CLOCK_MONOTONIC on PPC64 (bsc#1131587).\n- powerpc/vdso64: Fix CLOCK_MONOTONIC inconsistencies across Y2038 (bsc#1131587).\n- powerpc/watchpoint: Restore NV GPRs while returning from exception (bsc#1140945 bsc#1141401 bsc#1141402 bsc#1141452 bsc#1141453 bsc#1141454 LTC#178983 LTC#179191 LTC#179192 LTC#179193 LTC#179194 LTC#179195).\n- powerpc/watchpoint: Restore NV GPRs while returning from exception (bsc#1140945 bsc#1141401 bsc#1141402 bsc#1141452 bsc#1141453 bsc#1141454 LTC#178983 LTC#179191 LTC#179192 LTC#179193 LTC#179194 LTC#179195).\n- powerpc/watchpoint: Restore NV GPRs while returning from exception (bsc#1140945 bsc#1141401 bsc#1141402 bsc#1141452 bsc#1141453 bsc#1141454 LTC#178983 LTC#179191 LTC#179192 LTC#179193 LTC#179194 LTC#179195).\n- powerpc/watchpoint: Restore NV GPRs while returning from exception (bsc#1140945 bsc#1141401 bsc#1141402 bsc#1141452 bsc#1141453 bsc#1141454 LTC#178983 LTC#179191 LTC#179192 LTC#179193 LTC#179194 LTC#179195).\n- powerpc/watchpoint: Restore NV GPRs while returning from exception (bsc#1140945 bsc#1141401 bsc#1141402 bsc#1141452 bsc#1141453 bsc#1141454 LTC#178983 LTC#179191 LTC#179192 LTC#179193 LTC#179194 LTC#179195).\n- powerpc/watchpoint: Restore NV GPRs while returning from exception (bsc#1140945 bsc#1141401 bsc#1141402 bsc#1141452 bsc#1141453 bsc#1141454 LTC#178983 LTC#179191 LTC#179192 LTC#179193 LTC#179194 LTC#179195).\n- powerpc64/ftrace: Include ftrace.h needed for enable/disable calls (bsc#1088804, git-fixes).\n- powerpc: Always initialize input array when calling epapr_hypercall() (bsc#1065729).\n- powerpc: Fix 32-bit KVM-PR lockup and host crash with MacOS guest (bsc#1061840).\n- powerpc: Fix HMIs on big-endian with CONFIG_RELOCATABLE=y (bsc#1065729).\n- powerpc: avoid -mno-sched-epilog on GCC 4.9 and newer (bsc#1065729).\n- powerpc: consolidate -mno-sched-epilog into FTRACE flags (bsc#1065729).\n- ppc: Convert mmu context allocation to new IDA API (bsc#1139619 LTC#178538).\n- ppp: mppe: Add softdep to arc4 (bsc#1088047).\n- proc/kcore: don't bounds check against address 0 (bsc#1051510).\n- proc/sysctl: fix return error for proc_doulongvec_minmax() (bsc#1051510).\n- proc: revalidate kernel thread inodes to root:root (bsc#1051510).\n- pwm: Fix deadlock warning when removing PWM device (bsc#1051510).\n- pwm: meson: Consider 128 a valid pre-divider (bsc#1051510).\n- pwm: meson: Don't disable PWM when setting duty repeatedly (bsc#1051510).\n- pwm: meson: Use the spin-lock only to protect register modifications (bsc#1051510).\n- pwm: stm32: Use 3 cells of_xlate() (bsc#1111666).\n- pwm: tiehrpwm: Update shadow register for disabling PWMs (bsc#1051510).\n- qed*: Add iWARP 100g support (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed*: Add iWARP 100g support (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed*: Add iWARP 100g support (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed*: Add iWARP 100g support (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed*: Change hwfn used for sb initialization (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed*: Change hwfn used for sb initialization (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed*: Change hwfn used for sb initialization (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed*: Change hwfn used for sb initialization (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Add API for SmartAN query (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Add API for SmartAN query (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Add API for SmartAN query (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Add API for SmartAN query (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Add infrastructure for error detection and recovery (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Add infrastructure for error detection and recovery (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Add infrastructure for error detection and recovery (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Add infrastructure for error detection and recovery (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Add llh ppfid interface and 100g support for offload protocols (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Add llh ppfid interface and 100g support for offload protocols (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Add llh ppfid interface and 100g support for offload protocols (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Add llh ppfid interface and 100g support for offload protocols (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Add qed devlink parameters table (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Add qed devlink parameters table (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Add qed devlink parameters table (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Add qed devlink parameters table (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Define new MF bit for no_vlan config (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Define new MF bit for no_vlan config (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Define new MF bit for no_vlan config (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Define new MF bit for no_vlan config (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Delete redundant doorbell recovery types (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Delete redundant doorbell recovery types (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Delete redundant doorbell recovery types (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Delete redundant doorbell recovery types (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix iWARP buffer size provided for syn packet processing (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix iWARP buffer size provided for syn packet processing (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix iWARP buffer size provided for syn packet processing (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix iWARP buffer size provided for syn packet processing (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix iWARP syn packet mac address validation (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix iWARP syn packet mac address validation (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix iWARP syn packet mac address validation (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix iWARP syn packet mac address validation (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix missing DORQ attentions (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix missing DORQ attentions (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix missing DORQ attentions (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix missing DORQ attentions (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix static checker warning (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix static checker warning (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix static checker warning (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix static checker warning (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix the DORQ's attentions handling (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix the DORQ's attentions handling (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix the DORQ's attentions handling (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix the DORQ's attentions handling (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix the doorbell address sanity check (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix the doorbell address sanity check (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix the doorbell address sanity check (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Fix the doorbell address sanity check (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Mark expected switch fall-through (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Mark expected switch fall-through (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Mark expected switch fall-through (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Mark expected switch fall-through (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Modify api for performing a dmae to another PF (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Modify api for performing a dmae to another PF (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Modify api for performing a dmae to another PF (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Modify api for performing a dmae to another PF (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Modify offload protocols to use the affined engine (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Modify offload protocols to use the affined engine (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Modify offload protocols to use the affined engine (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Modify offload protocols to use the affined engine (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Read device port count from the shmem (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Read device port count from the shmem (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Read device port count from the shmem (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Read device port count from the shmem (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Reduce the severity of ptp debug message (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Reduce the severity of ptp debug message (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Reduce the severity of ptp debug message (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Reduce the severity of ptp debug message (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Revise load sequence to avoid pci errors (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Revise load sequence to avoid pci errors (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Revise load sequence to avoid pci errors (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Revise load sequence to avoid pci errors (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Set the doorbell address correctly (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Set the doorbell address correctly (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Set the doorbell address correctly (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: Set the doorbell address correctly (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: fix indentation issue with statements in an if-block (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: fix indentation issue with statements in an if-block (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: fix indentation issue with statements in an if-block (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: fix indentation issue with statements in an if-block (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: fix spelling mistake 'faspath' 'fastpath' (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: fix spelling mistake 'faspath' 'fastpath' (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: fix spelling mistake 'faspath' 'fastpath' (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: fix spelling mistake 'faspath' 'fastpath' (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: fix spelling mistake 'inculde' 'include' (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: fix spelling mistake 'inculde' 'include' (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: fix spelling mistake 'inculde' 'include' (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: fix spelling mistake 'inculde' 'include' (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: remove duplicated include from qed_if.h (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: remove duplicated include from qed_if.h (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: remove duplicated include from qed_if.h (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: remove duplicated include from qed_if.h (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: remove redundant assignment to rc (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: remove redundant assignment to rc (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: remove redundant assignment to rc (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qed: remove redundant assignment to rc (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Add ethtool interface for SmartAN query (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Add ethtool interface for SmartAN query (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Add ethtool interface for SmartAN query (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Add ethtool interface for SmartAN query (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Error recovery process (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Error recovery process (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Error recovery process (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Error recovery process (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Fix internal loopback failure with jumbo mtu configuration (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Fix internal loopback failure with jumbo mtu configuration (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Fix internal loopback failure with jumbo mtu configuration (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Fix internal loopback failure with jumbo mtu configuration (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Handle infinite driver spinning for Tx timestamp (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Handle infinite driver spinning for Tx timestamp (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Handle infinite driver spinning for Tx timestamp (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Handle infinite driver spinning for Tx timestamp (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Populate mbi version in ethtool driver query data (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Populate mbi version in ethtool driver query data (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Populate mbi version in ethtool driver query data (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: Populate mbi version in ethtool driver query data (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: fix write to free'd pointer error and double free of ptp (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: fix write to free'd pointer error and double free of ptp (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: fix write to free'd pointer error and double free of ptp (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: fix write to free'd pointer error and double free of ptp (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: place ethtool_rx_flow_spec after code after TC flower codebase (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: place ethtool_rx_flow_spec after code after TC flower codebase (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: place ethtool_rx_flow_spec after code after TC flower codebase (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qede: place ethtool_rx_flow_spec after code after TC flower codebase (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qedi: Use hwfns and affin_hwfn_idx to get MSI-X vector index (jsc#SLE-4693 bsc#1136462).\n- qedr: Change the MSI-X vectors selection to be based on affined engine (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qedr: Change the MSI-X vectors selection to be based on affined engine (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qedr: Change the MSI-X vectors selection to be based on affined engine (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qedr: Change the MSI-X vectors selection to be based on affined engine (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128971).\n- qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128979).\n- qla2xxx: always allocate qla_tgt_wq (bsc#1131451).\n- qla2xxx: kABI fixes for v10.00.00.14-k (bsc#1136215).\n- qla2xxx: kABI fixes for v10.01.00.15-k (bsc#1136215).\n- qlcnic: Avoid potential NULL pointer dereference (bsc#1051510).\n- qlcnic: remove assumption that vlan_tci != 0 (bsc#1136469 jsc#SLE-4695).\n- qlcnic: remove set but not used variables 'cur_rings, max_hw_rings, tx_desc_info' (bsc#1136469 jsc#SLE-4695).\n- qlcnic: remove set but not used variables 'op, cmd_op' (bsc#1136469 jsc#SLE-4695).\n- qmi_wwan: Add quirk for Quectel dynamic config (bsc#1051510).\n- qmi_wwan: Fix out-of-bounds read (bsc#1111666).\n- qmi_wwan: add Olicard 600 (bsc#1051510).\n- qmi_wwan: add network device usage statistics for qmimux devices (bsc#1051510).\n- qmi_wwan: add support for QMAP padding in the RX path (bsc#1051510).\n- qmi_wwan: avoid RCU stalls on device disconnect when in QMAP mode (bsc#1051510).\n- qmi_wwan: extend permitted QMAP mux_id value range (bsc#1051510).\n- rapidio: fix a NULL pointer dereference when create_workqueue() fails (bsc#1051510).\n- rbd: do not assert on writes to snapshots (bsc#1137985 bsc#1138681).\n- rbd: do not assert on writes to snapshots (bsc#1137985 bsc#1138681).\n- rdma/cxbg: Use correct sizing on buffers holding page DMA addresses (bsc#1136348 jsc#SLE-4684).\n- rdma/cxgb4: Add support for 64Byte cqes (bsc#1127371).\n- rdma/cxgb4: Add support for kernel mode SRQ's (bsc#1127371).\n- rdma/cxgb4: Add support for srq functions and structs (bsc#1127371).\n- rdma/cxgb4: Don't expose DMA addresses (bsc#1136348 jsc#SLE-4684).\n- rdma/cxgb4: Fix null pointer dereference on alloc_skb failure (bsc#1136348 jsc#SLE-4684).\n- rdma/cxgb4: Fix spelling mistake 'immedate' 'immediate' (bsc#1136348 jsc#SLE-4684).\n- rdma/cxgb4: Make c4iw_poll_cq_one() easier to analyze (bsc#1127371).\n- rdma/cxgb4: Remove a set-but-not-used variable (bsc#1127371).\n- rdma/cxgb4: Remove kref accounting for sync operation (bsc#1136348 jsc#SLE-4684).\n- rdma/cxgb4: Use sizeof() notation (bsc#1136348 jsc#SLE-4684).\n- rdma/cxgb4: fix some info leaks (bsc#1127371).\n- rdma/hns: Add SCC context allocation support for hip08 (bsc#1104427 bsc#1126206).\n- rdma/hns: Add SCC context clr support for hip08 (bsc#1104427 bsc#1126206).\n- rdma/hns: Add constraint on the setting of local ACK timeout (bsc#1104427 bsc#1137233).\n- rdma/hns: Add the process of AEQ overflow for hip08 (bsc#1104427 bsc#1126206).\n- rdma/hns: Add timer allocation support for hip08 (bsc#1104427 bsc#1126206).\n- rdma/hns: Bugfix for SCC hem free (bsc#1104427 bsc#1137236).\n- rdma/hns: Bugfix for mapping user db (bsc#1104427 bsc#1137236).\n- rdma/hns: Bugfix for posting multiple srq work request (bsc#1104427 bsc#1137236).\n- rdma/hns: Bugfix for sending with invalidate (bsc#1104427 bsc#1137236).\n- rdma/hns: Bugfix for set hem of SCC (bsc#1104427 bsc#1137236).\n- rdma/hns: Bugfix for the scene without receiver queue (bsc#1104427 bsc#1137233).\n- rdma/hns: Configure capacity of hns device (bsc#1104427 bsc#1137236).\n- rdma/hns: Delete useful prints for aeq subtype event (bsc#1104427 bsc#1126206).\n- rdma/hns: Fix the Oops during rmmod or insmod ko when reset occurs (bsc#1104427 bsc#1137232).\n- rdma/hns: Fix the bug with updating rq head pointer when flush cqe (bsc#1104427 bsc#1137233).\n- rdma/hns: Fix the chip hanging caused by sending doorbell during reset (bsc#1104427 bsc#1137232).\n- rdma/hns: Fix the chip hanging caused by sending mailbox CMQ during reset (bsc#1104427 bsc#1137232).\n- rdma/hns: Fix the state of rereg mr (bsc#1104427 bsc#1137236).\n- rdma/hns: Hide error print information with roce vf device (bsc#1104427 bsc#1137236).\n- rdma/hns: Limit minimum ROCE CQ depth to 64 (bsc#1104427 bsc#1137236).\n- rdma/hns: Make some function static (bsc#1104427 bsc#1126206).\n- rdma/hns: Modify qp specification according to UM (bsc#1104427 bsc#1137233).\n- rdma/hns: Modify the pbl ba page size for hip08 (bsc#1104427 bsc#1137233).\n- rdma/hns: Move spin_lock_irqsave to the correct place (bsc#1104427 bsc#1137236).\n- rdma/hns: Remove jiffies operation in disable interrupt context (bsc#1104427 bsc#1137236).\n- rdma/hns: Remove set but not used variable 'rst' (bsc#1104427 bsc#1126206).\n- rdma/hns: Set allocated memory to zero for wrid (bsc#1104427 bsc#1137236).\n- rdma/hns: Update CQE specifications (bsc#1104427 bsc#1137236).\n- rdma/hns: rdma/hns: Assign rq head pointer when enable rq record db (bsc#1104427 bsc#1137236).\n- rdma/iw_cxgb4: Always disconnect when QP is transitioning to TERMINATE state (bsc#1136348 jsc#SLE-4684).\n- rdma/iw_cxgb4: Drop __GFP_NOFAIL (bsc#1127371).\n- rdma/iwcm: add tos_set bool to iw_cm struct (bsc#1136348 jsc#SLE-4684).\n- rdma/qedr: Fix incorrect device rate (bsc#1136188).\n- rdma/qedr: Fix out of bounds index check in query pkey (bsc#1136456 jsc#SLE-4689).\n- rdma/smc: Replace ib_query_gid with rdma_get_gid_attr (bsc#1131530 LTC#176717).\n- regulator: s2mps11: Fix buck7 and buck8 wrong voltages (bsc#1051510).\n- regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB (bsc#1051510).\n- ring-buffer: Check if memory is available before allocation (bsc#1132531).\n- rpm/post.sh: correct typo in err msg (bsc#1137625)\n- rt2x00: do not increment sequence number while re-transmitting (bsc#1051510).\n- rtc: 88pm860x: prevent use-after-free on device remove (bsc#1051510).\n- rtc: da9063: set uie_unsupported when relevant (bsc#1051510).\n- rtc: don't reference bogus function pointer in kdoc (bsc#1051510).\n- rtc: sh: Fix invalid alarm warning for non-enabled alarm (bsc#1051510).\n- rtlwifi: fix a potential NULL pointer dereference (bsc#1051510).\n- rtlwifi: fix potential NULL pointer dereference (bsc#1111666).\n- rtlwifi: rtl8192cu: fix error handle when usb probe failed (bsc#1111666).\n- rtlwifi: rtl8723ae: Fix missing break in switch statement (bsc#1051510).\n- s390/airq: provide cacheline aligned ivs (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).\n- s390/airq: recognize directed interrupts (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).\n- s390/airq: use DMA memory for adapter interrupts (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- s390/cio: add basic protected virtualization support (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- s390/cio: introduce DMA pools to cio (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- s390/cpumf: Add extended counter set definitions for model 8561 and 8562 (bsc#1142052 LTC#179320).\n- s390/dasd: fix panic for failed online processing (bsc#1132589).\n- s390/dasd: fix using offset into zero size array error (bsc#1051510).\n- s390/dma: provide proper ARCH_ZONE_DMA_BITS value (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- s390/ism: move oddities of device IO to wrapper function (jsc#SLE-5802 FATE#327055 bsc#1134738 LTC#173387).\n- s390/jump_label: Use 'jdd' constraint on gcc9 (bsc#1138589).\n- s390/mm: force swiotlb for protected virtualization (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- s390/pci: add parameter to disable usage of MIO instructions (jsc#SLE-5802 FATE#327055 bsc#1134738 LTC#173387).\n- s390/pci: add parameter to force floating irqs (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).\n- s390/pci: clarify interrupt vector usage (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).\n- s390/pci: fix assignment of bus resources (jsc#SLE-5802 FATE#327055 bsc#1134738 LTC#173387).\n- s390/pci: fix struct definition for set PCI function (jsc#SLE-5802 FATE#327055 bsc#1134738 LTC#173387).\n- s390/pci: gather statistics for floating vs directed irqs (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).\n- s390/pci: mark command line parser data __initdata (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).\n- s390/pci: move everything irq related to pci_irq.c (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).\n- s390/pci: move io address mapping code to pci_insn.c (jsc#SLE-5802 FATE#327055 bsc#1134738 LTC#173387).\n- s390/pci: provide support for CPU directed interrupts (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).\n- s390/pci: provide support for MIO instructions (jsc#SLE-5802 FATE#327055 bsc#1134738 LTC#173387).\n- s390/pci: remove stale rc (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).\n- s390/pci: remove unused define (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).\n- s390/pkey: move pckmo subfunction available checks away from module init (bsc#1128544).\n- s390/protvirt: add memory sharing for diag 308 set/store (jsc#SLE-5759 FATE#327003 bsc#1135153 LTC#173151).\n- s390/protvirt: block kernel command line alteration (jsc#SLE-5759 FATE#327003 bsc#1135153 LTC#173151).\n- s390/qdio: clear intparm during shutdown (bsc#1134597 LTC#177516).\n- s390/qdio: handle PENDING state for QEBSM devices (bsc#1142119 LTC#179331).\n- s390/qeth: be drop monitor friendly (bsc#1142115 LTC#179337).\n- s390/qeth: be drop monitor friendly (bsc#1142220 LTC#179335).\n- s390/qeth: fix VLAN attribute in bridge_hostnotify udev event (bsc#1051510).\n- s390/qeth: fix race when initializing the IP address table (bsc#1051510).\n- s390/sclp: detect DIRQ facility (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).\n- s390/setup: fix early warning messages (bsc#1051510).\n- s390/speculation: Support 'mitigations=' cmdline option (bsc#1112178).\n- s390/speculation: Support 'mitigations=' cmdline option (bsc#1112178). \n- s390/uv: introduce guest side ultravisor code (jsc#SLE-5759 FATE#327003 bsc#1135153 LTC#173151).\n- s390/virtio: handle find on invalid queue gracefully (bsc#1051510).\n- s390/vtime: steal time exponential moving average (bsc#1119222).\n- s390/zcrypt: Fix wrong dispatching for control domain CPRBs (bsc#1137811 LTC#178088).\n- s390: enable processes for mio instructions (jsc#SLE-5802 FATE#327055 bsc#1134738 LTC#173387).\n- s390: remove the unused dma_capable helper (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- s390: show statistics for MSI IRQs (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).\n- sbitmap: fix improper use of smp_mb__before_atomic() (bsc#1140658).\n- sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() (bsc#1051510).\n- sc16is7xx: move label 'err_spi' to correct section (bsc#1051510).\n- sc16is7xx: put err_spi and err_i2c into correct #ifdef (bsc#1051510).\n- sched/topology: Improve load balancing on AMD EPYC (bsc#1137366).\n- scripts: override locale from environment when running recordmcount.pl (bsc#1134354).\n- scsi/fc: kABI fixes for new ELS_FPIN definition (bsc#1136217,jsc#SLE-4722).\n- scsi: aacraid: Mark expected switch fall-through (jsc#SLE-4710 bsc#1136161).\n- scsi: aacraid: Mark expected switch fall-throughs (jsc#SLE-4710 bsc#1136161).\n- scsi: aacraid: change event_wait to a completion (jsc#SLE-4710 bsc#1136161).\n- scsi: aacraid: change wait_sem to a completion (jsc#SLE-4710 bsc#1136161).\n- scsi: aacraid: clean up some indentation and formatting issues (jsc#SLE-4710 bsc#1136161).\n- scsi: be2iscsi: be_iscsi: Mark expected switch fall-through (jsc#SLE-4721 bsc#1136264).\n- scsi: be2iscsi: be_main: Mark expected switch fall-through (jsc#SLE-4721 bsc#1136264).\n- scsi: be2iscsi: fix spelling mistake 'Retreiving' 'Retrieving' (jsc#SLE-4721 bsc#1136264).\n- scsi: be2iscsi: lpfc: fix typo (jsc#SLE-4721 bsc#1136264).\n- scsi: be2iscsi: remove unused variable dmsg (jsc#SLE-4721 bsc#1136264).\n- scsi: be2iscsi: switch to generic DMA API (jsc#SLE-4721 bsc#1136264).\n- scsi: core: add new RDAC LENOVO/DE_Series device (bsc#1132390).\n- scsi: csiostor: Remove set but not used variable 'pln' (jsc#SLE-4679 bsc#1136343).\n- scsi: csiostor: csio_wr: mark expected switch fall-through (jsc#SLE-4679 bsc#1136343).\n- scsi: csiostor: drop serial_number usage (jsc#SLE-4679 bsc#1136343).\n- scsi: csiostor: fix NULL pointer dereference in csio_vport_set_state() (jsc#SLE-4679 bsc#1136343).\n- scsi: csiostor: fix calls to dma_set_mask_and_coherent() (jsc#SLE-4679 bsc#1136343).\n- scsi: csiostor: fix incorrect dma device in case of vport (jsc#SLE-4679 bsc#1136343).\n- scsi: csiostor: fix missing data copy in csio_scsi_err_handler() (jsc#SLE-4679 bsc#1136343).\n- scsi: csiostor: no need to check return value of debugfs_create functions (jsc#SLE-4679 bsc#1136343).\n- scsi: cxgb4i: add wait_for_completion() (jsc#SLE-4678 bsc#1136342).\n- scsi: cxgbi: KABI: fix handle completion etc (jsc#SLE-4678 bsc#1136342).\n- scsi: cxgbi: remove redundant __kfree_skb call on skb and free cst atid (jsc#SLE-4678 bsc#1136342).\n- scsi: fc: add FPIN ELS definition (bsc#1136217,jsc#SLE-4722).\n- scsi: hisi: KABI ignore new symbols (bsc#1135038).\n- scsi: hisi_sas: Add softreset in hisi_sas_I_T_nexus_reset() (bsc#1135033).\n- scsi: hisi_sas: Adjust the printk format of functions hisi_sas_init_device() (bsc#1135037).\n- scsi: hisi_sas: Do not fail IT nexus reset for Open Reject timeout (bsc#1135033).\n- scsi: hisi_sas: Do not hard reset disk during controller reset (bsc#1135034).\n- scsi: hisi_sas: Fix for setting the PHY linkrate when disconnected (bsc#1135038).\n- scsi: hisi_sas: Remedy inconsistent PHY down state in software (bsc#1135039).\n- scsi: hisi_sas: Send HARD RESET to clear the previous affiliation of STP target port (bsc#1135037).\n- scsi: hisi_sas: Set PHY linkrate when disconnected (bsc#1135038).\n- scsi: hisi_sas: Some misc tidy-up (bsc#1135031).\n- scsi: hisi_sas: Support all RAS events with MSI interrupts (bsc#1135035).\n- scsi: hisi_sas: add host reset interface for test (bsc#1135041).\n- scsi: hisi_sas: allocate different SAS address for directly attached situation (bsc#1135036).\n- scsi: hisi_sas: remove the check of sas_dev status in hisi_sas_I_T_nexus_reset() (bsc#1135037).\n- scsi: hpsa: Use vmemdup_user to replace the open code (jsc#SLE-4712 bsc#1136156).\n- scsi: hpsa: bump driver version (jsc#SLE-4712 bsc#1136156).\n- scsi: hpsa: check for lv removal (jsc#SLE-4712 bsc#1136156).\n- scsi: hpsa: clean up two indentation issues (jsc#SLE-4712 bsc#1136156).\n- scsi: hpsa: correct device id issues (jsc#SLE-4712 bsc#1136156).\n- scsi: hpsa: correct device resets (jsc#SLE-4712 bsc#1136156).\n- scsi: hpsa: correct ioaccel2 chaining (jsc#SLE-4712 bsc#1136156).\n- scsi: hpsa: correct simple mode (jsc#SLE-4712 bsc#1136156).\n- scsi: hpsa: fix an uninitialized read and dereference of pointer dev (jsc#SLE-4712 bsc#1136156).\n- scsi: hpsa: mark expected switch fall-throughs (jsc#SLE-4712 bsc#1136156).\n- scsi: hpsa: remove timeout from TURs (jsc#SLE-4712 bsc#1136156).\n- scsi: hpsa: switch to generic DMA API (jsc#SLE-4712 bsc#1136156).\n- scsi: ibmvfc: fix WARN_ON during event pool release (bsc#1137458 LTC#178093).\n- scsi: libsas: Do discovery on empty PHY to update PHY info (bsc#1135024).\n- scsi: libsas: Improve vague log in SAS rediscovery (bsc#1135027).\n- scsi: libsas: Inject revalidate event for root port event (bsc#1135026).\n- scsi: libsas: Print expander PHY indexes in decimal (bsc#1135021).\n- scsi: libsas: Stop hardcoding SAS address length (bsc#1135029).\n- scsi: libsas: Support SATA PHY connection rate unmatch fixing during discovery (bsc#1135028).\n- scsi: libsas: Try to retain programmed min linkrate for SATA min pathway unmatch fixing (bsc#1135028).\n- scsi: libsas: allocate sense buffer for bsg queue (bsc#1131467).\n- scsi: lpfc: Add loopback testing to trunking mode (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Annotate switch/case fall-through (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Cancel queued work for an IO when processing a received ABTS (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Change smp_processor_id() into raw_smp_processor_id() (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Convert bootstrap mbx polling from msleep to udelay (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Coordinate adapter error handling with offline handling (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Correct __lpfc_sli_issue_iocb_s4 lockdep check (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Correct boot bios information to FDMI registration (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Correct localport timeout duration error (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Correct nvmet buffer free race condition (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Declare local functions static (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Enhance 6072 log string (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix BFS crash with DIX enabled (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix FDMI fc4type for nvme support (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix FDMI manufacturer attribute value (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix HDMI2 registration string for symbolic name (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix PT2PT PLOGI collison stopping discovery (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix SLI3 commands being issued on SLI4 devices (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix a recently introduced compiler warning (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix alloc context on oas lun creations (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix build error (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix deadlock due to nested hbalock call (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix driver crash in target reset handler (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix duplicate log message numbers (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix error code if kcalloc() fails (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix error codes in lpfc_sli4_pci_mem_setup() (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix fc4type information for FDMI (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix fcp_rsp_len checking on lun reset (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix handling of trunk links state reporting (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix hardlockup in scsi_cmd_iocb_cmpl (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix incorrect logical link speed on trunks when links down (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix indentation and balance braces (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix io lost on host resets (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix kernel warnings related to smp_processor_id() (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix link speed reporting for 4-link trunk (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix location of SCSI ktime counters (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix lpfc_nvmet_mrq attribute handling when 0 (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix mailbox hang on adapter init (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix memory leak in abnormal exit path from lpfc_eq_create (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix missing wakeups on abort threads (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix nvmet async receive buffer replenishment (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix nvmet handling of first burst cmd (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix nvmet handling of received ABTS for unmapped frames (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix nvmet target abort cmd matching (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix oops when driver is loaded with 1 interrupt vector (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix poor use of hardware queues if fewer irq vectors (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix protocol support on G6 and G7 adapters (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fix use-after-free mailbox cmd completion (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Fixup eq_clr_intr references (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Make lpfc_sli4_oas_verify static (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Move trunk_errmsg[] from a header file into a .c file (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Prevent 'use after free' memory overwrite in nvmet LS handling (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Reduce memory footprint for lpfc_queue (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Remove set but not used variable 'phys_id' (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Remove set-but-not-used variables (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Remove unused functions (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Resolve inconsistent check of hdwq in lpfc_scsi_cmd_iocb_cmpl (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Resolve irq-unsafe lockdep heirarchy warning in lpfc_io_free (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Revert message logging on unsupported topology (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Revise message when stuck due to unresponsive adapter (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Rework misleading nvme not supported in firmware message (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Separate CQ processing for nvmet_fc upcalls (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Specify node affinity for queue memory allocation (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Stop adapter if pci errors detected (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Update Copyright in driver version (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Update lpfc version to 12.2.0.1 (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: Update lpfc version to 12.2.0.3 (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: add support for posting FC events on FPIN reception (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: avoid uninitialized variable warning (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: fix 32-bit format string warning (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: fix a handful of indentation issues (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: fix calls to dma_set_mask_and_coherent() (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: fix unused variable warning (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: resolve static checker warning in lpfc_sli4_hba_unset (bsc#1136217,jsc#SLE-4722).\n- scsi: lpfc: use dma_set_mask_and_coherent (bsc#1136217,jsc#SLE-4722).\n- scsi: megaraid_sas: Add support for DEVICE_LIST DCMD in driver (bsc#1136271).\n- scsi: megaraid_sas: Retry reads of outbound_intr_status reg (bsc#1136271).\n- scsi: megaraid_sas: Rework code to get PD and LD list (bsc#1136271).\n- scsi: megaraid_sas: Rework device add code in AEN path (bsc#1136271).\n- scsi: megaraid_sas: Update structures for HOST_DEVICE_LIST DCMD (bsc#1136271).\n- scsi: megaraid_sas: correct an info message (bsc#1136271).\n- scsi: megaraid_sas: driver version update (bsc#1136271).\n- scsi: mpt3sas: Add Atomic RequestDescriptor support on Aero (bsc#1125703,jsc#SLE-4717).\n- scsi: mpt3sas: Add flag high_iops_queues (bsc#1125703,jsc#SLE-4717).\n- scsi: mpt3sas: Add missing breaks in switch statements (bsc#1125703,jsc#SLE-4717).\n- scsi: mpt3sas: Add support for ATLAS PCIe switch (bsc#1125703,jsc#SLE-4717).\n- scsi: mpt3sas: Add support for NVMe Switch Adapter (bsc#1125703,jsc#SLE-4717).\n- scsi: mpt3sas: Affinity high iops queues IRQs to local node (bsc#1125703,jsc#SLE-4717).\n- scsi: mpt3sas: Enable interrupt coalescing on high iops (bsc#1125703,jsc#SLE-4717).\n- scsi: mpt3sas: Fix kernel panic during expander reset (bsc#1125703,jsc#SLE-4717).\n- scsi: mpt3sas: Fix typo in request_desript_type (bsc#1125703,jsc#SLE-4717).\n- scsi: mpt3sas: Improve the threshold value and introduce module param (bsc#1125703,jsc#SLE-4717).\n- scsi: mpt3sas: Introduce perf_mode module parameter (bsc#1125703,jsc#SLE-4717).\n- scsi: mpt3sas: Irq poll to avoid CPU hard lockups (bsc#1125703,jsc#SLE-4717).\n- scsi: mpt3sas: Load balance to improve performance and avoid soft lockups (bsc#1125703,jsc#SLE-4717).\n- scsi: mpt3sas: Rename mpi endpoint device ID macro (bsc#1125703,jsc#SLE-4717).\n- scsi: mpt3sas: Update driver version to 27.102.00.00 (bsc#1125703,jsc#SLE-4717).\n- scsi: mpt3sas: Update driver version to 29.100.00.00 (bsc#1125703,jsc#SLE-4717).\n- scsi: mpt3sas: Update mpt3sas driver version to 28.100.00.00 (bsc#1125703,jsc#SLE-4717).\n- scsi: mpt3sas: Use high iops queues under some circumstances (bsc#1125703,jsc#SLE-4717).\n- scsi: mpt3sas: change _base_get_msix_index prototype (bsc#1125703,jsc#SLE-4717).\n- scsi: mpt3sas: fix indentation issue (bsc#1125703,jsc#SLE-4717).\n- scsi: mpt3sas: function pointers of request descriptor (bsc#1125703,jsc#SLE-4717).\n- scsi: mpt3sas: save and use MSI-X index for posting RD (bsc#1125703,jsc#SLE-4717).\n- scsi: mpt3sas: simplify interrupt handler (bsc#1125703,jsc#SLE-4717).\n- scsi: qedf: Add LBA to underrun debug messages (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Add a flag to help debugging io_req which could not be cleaned (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Add additional checks for io_req sc_cmd validity (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Add comment to display logging levels (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Add driver state to 'driver_stats' debugfs node (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Add missing return in qedf_post_io_req() in the fcport offload check (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Add missing return in qedf_scsi_done() (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Add port_id for fcport into initiate_cleanup debug message (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Add return value to log message if scsi_add_host fails (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Change MSI-X load error message (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Check both the FCF and fabric ID before servicing clear virtual link (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Check for fcoe_libfc_config failure (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Check for tm_flags instead of cmd_type during cleanup (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Check the return value of start_xmit (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Cleanup rrq_work after QEDF_CMD_OUTSTANDING is cleared (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Correctly handle refcounting of rdata (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Do not queue anything if upload is in progress (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Do not send ABTS for under run scenario (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Fix lport may be used uninitialized warning (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Log message if scsi_add_host fails (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Modify abort and tmf handler to handle edge condition and flush (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Modify flush routine to handle all I/Os and TMF (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Print fcport information on wait for upload timeout (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Print scsi_cmd backpointer in good completion path if the command is still being used (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Remove set but not used variable 'fr_len' (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Update the driver version to 8.37.25.19 (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Update the driver version to 8.37.25.20 (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: Wait for upload and link down processing during soft ctx reset (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: fc_rport_priv reference counting fixes (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: fixup bit operations (bsc#1135542).\n- scsi: qedf: fixup locking in qedf_restart_rport() (bsc#1135542).\n- scsi: qedf: missing kref_put in qedf_xmit() (bsc#1135542).\n- scsi: qedf: remove memset/memcpy to nfunc and use func instead (bsc#1136467 jsc#SLE-4694).\n- scsi: qedf: remove set but not used variables (bsc#1136467 jsc#SLE-4694).\n- scsi: qedi: Add packet filter in light L2 Rx path (jsc#SLE-4693 bsc#1136462).\n- scsi: qedi: Check for session online before getting iSCSI TLV data (jsc#SLE-4693 bsc#1136462).\n- scsi: qedi: Cleanup redundant QEDI_PAGE_SIZE macro definition (jsc#SLE-4693 bsc#1136462).\n- scsi: qedi: Fix spelling mistake 'OUSTANDING' 'OUTSTANDING' (jsc#SLE-4693 bsc#1136462).\n- scsi: qedi: Move LL2 producer index processing in BH (jsc#SLE-4693 bsc#1136462).\n- scsi: qedi: Replace PAGE_SIZE with QEDI_PAGE_SIZE (jsc#SLE-4693 bsc#1136462).\n- scsi: qedi: Update driver version to 8.33.0.21 (jsc#SLE-4693 bsc#1136462).\n- scsi: qedi: add module param to set ping packet size (jsc#SLE-4693 bsc#1136462).\n- scsi: qedi: remove set but not used variables 'cdev' and 'udev' (jsc#SLE-4693 bsc#1136462).\n- scsi: qla2xxx: Add 28xx flash primary/secondary status/image mechanism (bsc#1136215).\n- scsi: qla2xxx: Add Device ID for ISP28XX (bsc#1136215).\n- scsi: qla2xxx: Add First Burst support for FC-NVMe devices (bsc#1136215).\n- scsi: qla2xxx: Add Serdes support for ISP28XX (bsc#1136215).\n- scsi: qla2xxx: Add fw_attr and port_no SysFS node (bsc#1136215).\n- scsi: qla2xxx: Add new FC-NVMe enable BIT to enable FC-NVMe feature (bsc#1130579).\n- scsi: qla2xxx: Add new FW dump template entry types (bsc#1136215).\n- scsi: qla2xxx: Add protection mask module parameters (bsc#1136215).\n- scsi: qla2xxx: Add support for multiple fwdump templates/segments (bsc#1136215).\n- scsi: qla2xxx: Add support for setting port speed (bsc#1136215).\n- scsi: qla2xxx: Avoid pci IRQ affinity mapping when multiqueue is not supported (bsc#1136215).\n- scsi: qla2xxx: Check for FW started flag before aborting (bsc#1136215).\n- scsi: qla2xxx: Cleanups for NVRAM/Flash read/write path (bsc#1136215).\n- scsi: qla2xxx: Correction and improvement to fwdt processing (bsc#1136215).\n- scsi: qla2xxx: Correctly report max/min supported speeds (bsc#1136215).\n- scsi: qla2xxx: Declare local functions 'static' (bsc#1137444).\n- scsi: qla2xxx: Fix DMA error when the DIF sg buffer crosses 4GB boundary (bsc#1136215).\n- scsi: qla2xxx: Fix FC-AL connection target discovery (bsc#1094555).\n- scsi: qla2xxx: Fix LUN discovery if loop id is not assigned yet by firmware (bsc#1136215).\n- scsi: qla2xxx: Fix N2N target discovery with Local loop (bsc#1094555).\n- scsi: qla2xxx: Fix abort handling in tcm_qla2xxx_write_pending() (bsc#1140727).\n- scsi: qla2xxx: Fix code indentation for qla27xx_fwdt_entry (bsc#1136215).\n- scsi: qla2xxx: Fix function argument descriptions (bsc#1118139).\n- scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS routines (bsc#1140728).\n- scsi: qla2xxx: Fix memory corruption during hba reset test (bsc#1118139).\n- scsi: qla2xxx: Fix panic from use after free in qla2x00_async_tm_cmd (bsc#1136215).\n- scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show (bsc#1132044).\n- scsi: qla2xxx: Fix read offset in qla24xx_load_risc_flash() (bsc#1136215).\n- scsi: qla2xxx: Fix routine qla27xx_dump_{mpi|ram}() (bsc#1136215).\n- scsi: qla2xxx: Fix unload when NVMe devices are configured (bsc#1136215).\n- scsi: qla2xxx: Improve several kernel-doc headers (bsc#1137444).\n- scsi: qla2xxx: Introduce a switch/case statement in qlt_xmit_tm_rsp() (bsc#1137444).\n- scsi: qla2xxx: Make qla2x00_sysfs_write_nvram() easier to analyze (bsc#1137444).\n- scsi: qla2xxx: Make sure that qlafx00_ioctl_iosb_entry() initializes 'res' (bsc#1137444).\n- scsi: qla2xxx: Move debug messages before sending srb preventing panic (bsc#1136215).\n- scsi: qla2xxx: Move marker request behind QPair (bsc#1136215).\n- scsi: qla2xxx: NULL check before some freeing functions is not needed (bsc#1137444).\n- scsi: qla2xxx: Prevent SysFS access when chip is down (bsc#1136215).\n- scsi: qla2xxx: Prevent multiple ADISC commands per session (bsc#1136215).\n- scsi: qla2xxx: Remove FW default template (bsc#1136215).\n- scsi: qla2xxx: Remove a set-but-not-used variable (bsc#1137444).\n- scsi: qla2xxx: Remove two arguments from qlafx00_error_entry() (bsc#1137444).\n- scsi: qla2xxx: Remove unused symbols (bsc#1118139).\n- scsi: qla2xxx: Secure flash update support for ISP28XX (bsc#1136215).\n- scsi: qla2xxx: Set remote port devloss timeout to 0 (bsc#1136215).\n- scsi: qla2xxx: Simplification of register address used in qla_tmpl.c (bsc#1136215).\n- scsi: qla2xxx: Simplify conditional check again (bsc#1136215).\n- scsi: qla2xxx: Split the __qla2x00_abort_all_cmds() function (bsc#1137444).\n- scsi: qla2xxx: Update driver version to 10.00.00.14-k (bsc#1136215).\n- scsi: qla2xxx: Update driver version to 10.01.00.15-k (bsc#1136215).\n- scsi: qla2xxx: Update flash read/write routine (bsc#1136215).\n- scsi: qla2xxx: Use %p for printing pointers (bsc#1118139).\n- scsi: qla2xxx: avoid printf format warning (bsc#1136215).\n- scsi: qla2xxx: check for kstrtol() failure (bsc#1136215).\n- scsi: qla2xxx: do not crash on uninitialized pool list (boo#1138874).\n- scsi: qla2xxx: fix error message on qla2400 (bsc#1118139).\n- scsi: qla2xxx: fix spelling mistake: 'existant' - 'existent' (bsc#1118139).\n- scsi: qla2xxx: fully convert to the generic DMA API (bsc#1137444).\n- scsi: qla2xxx: fx00 copypaste typo (bsc#1118139).\n- scsi: qla2xxx: no need to check return value of debugfs_create functions (bsc#1136215).\n- scsi: qla2xxx: remove redundant null check on pointer sess (bsc#1136215).\n- scsi: qla2xxx: remove the unused tcm_qla2xxx_cmd_wq (bsc#1118139).\n- scsi: qla2xxx: use lower_32_bits and upper_32_bits instead of reinventing them (bsc#1137444).\n- scsi: scsi_transport_fc: Add FPIN fc event codes (bsc#1136217,jsc#SLE-4722).\n- scsi: scsi_transport_fc: refactor event posting routines (bsc#1136217,jsc#SLE-4722).\n- scsi: smartpqi: Add retries for device reset (bsc#1133547).\n- scsi: smartpqi: Reporting 'logical unit failure' (bsc#1133547).\n- scsi: smartpqi: add H3C controller IDs (bsc#1133547).\n- scsi: smartpqi: add h3c ssid (bsc#1133547).\n- scsi: smartpqi: add no_write_same for logical volumes (bsc#1133547).\n- scsi: smartpqi: add ofa support (bsc#1133547).\n- scsi: smartpqi: add smp_utils support (bsc#1133547).\n- scsi: smartpqi: add spdx (bsc#1133547).\n- scsi: smartpqi: add support for PQI Config Table handshake (bsc#1133547).\n- scsi: smartpqi: add support for huawei controllers (bsc#1133547).\n- scsi: smartpqi: add sysfs attributes (bsc#1133547).\n- scsi: smartpqi: allow for larger raid maps (bsc#1133547).\n- scsi: smartpqi: bump driver version (bsc#1133547).\n- scsi: smartpqi: bump driver version (bsc#1133547).\n- scsi: smartpqi: call pqi_free_interrupts() in pqi_shutdown() (bsc#1133547).\n- scsi: smartpqi: check for null device pointers (bsc#1133547).\n- scsi: smartpqi: correct host serial num for ssa (bsc#1133547).\n- scsi: smartpqi: correct lun reset issues (bsc#1133547).\n- scsi: smartpqi: correct volume status (bsc#1133547).\n- scsi: smartpqi: do not offline disks for transient did no connect conditions (bsc#1133547).\n- scsi: smartpqi: enhance numa node detection (bsc#1133547).\n- scsi: smartpqi: fix build warnings (bsc#1133547).\n- scsi: smartpqi: fix disk name mount point (bsc#1133547).\n- scsi: smartpqi: fully convert to the generic DMA API (bsc#1133547).\n- scsi: smartpqi: increase LUN reset timeout (bsc#1133547).\n- scsi: smartpqi: increase fw status register read timeout (bsc#1133547).\n- scsi: smartpqi: refactor sending controller raid requests (bsc#1133547).\n- scsi: smartpqi: turn off lun data caching for ptraid (bsc#1133547).\n- scsi: smartpqi: update copyright (bsc#1133547).\n- scsi: smartpqi: update driver version (bsc#1133547).\n- scsi: smartpqi: wake up drives after os resumes from suspend (bsc#1133547).\n- scsi: smartpqi_init: fix boolean expression in pqi_device_remove_start (bsc#1133547).\n- scsi: target/iblock: Fix overrun in WRITE SAME emulation (bsc#1140424).\n- scsi: target/iblock: Fix overrun in WRITE SAME emulation (bsc#1140424).\n- scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck() (bsc#1135296).\n- scsi: zfcp: fix missing zfcp_port reference put on -EBUSY from port_remove (bsc#1051510).\n- scsi: zfcp: fix rport unblock if deleted SCSI devices on Scsi_Host (bsc#1051510).\n- scsi: zfcp: fix scsi_eh host reset with port_forced ERP for non-NPIV FCP devices (bsc#1051510).\n- scsi: zfcp: fix to prevent port_remove with pure auto scan LUNs (only sdevs) (bsc#1051510).\n- sctp: silence warns on sctp_stream_init allocations (bsc#1083710).\n- selinux: use kernel linux/socket.h for genheaders and mdp (bsc#1134810).\n- serial: 8250_pxa: honor the port number from devicetree (bsc#1051510).\n- serial: ar933x_uart: Fix build failure with disabled console (bsc#1051510).\n- serial: sh-sci: disable DMA for uart_console (bsc#1051510).\n- serial: uartps: Do not add a trailing semicolon to macro (bsc#1051510).\n- serial: uartps: Fix long line over 80 chars (bsc#1051510).\n- serial: uartps: Fix multiple line dereference (bsc#1051510).\n- serial: uartps: Remove useless return from cdns_uart_poll_put_char (bsc#1051510).\n- serial: uartps: console_setup() can't be placed to init section (bsc#1051510).\n- soc/fsl/qe: Fix an error code in qe_pin_request() (bsc#1051510).\n- soc/tegra: fuse: Fix illegal free of IO base address (bsc#1051510).\n- soc/tegra: pmc: Drop locking from tegra_powergate_is_powered() (bsc#1051510).\n- soc: mediatek: pwrap: Zero initialize rdata in pwrap_init_cipher (bsc#1051510).\n- soc: qcom: gsbi: Fix error handling in gsbi_probe() (bsc#1051510).\n- soc: rockchip: Set the proper PWM for rk3288 (bsc#1051510).\n- spi : spi-topcliff-pch: Fix to handle empty DMA buffers (bsc#1051510).\n- spi-mem: fix kernel-doc for spi_mem_dirmap_{read|write}() (bsc#1111666).\n- spi: Add missing pm_runtime_put_noidle() after failed get (bsc#1111666).\n- spi: Fix zero length xfer bug (bsc#1051510).\n- spi: Micrel eth switch: declare missing of table (bsc#1051510).\n- spi: ST ST95HF NFC: declare missing of table (bsc#1051510).\n- spi: a3700: Clear DATA_OUT when performing a read (bsc#1051510).\n- spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios (bsc#1051510).\n- spi: bcm2835aux: setup gpio-cs to output and correct level during setup (bsc#1051510).\n- spi: bcm2835aux: warn in dmesg that native cs is not really supported (bsc#1051510).\n- spi: bitbang: Fix NULL pointer dereference in spi_unregister_master (bsc#1051510).\n- spi: pxa2xx: fix SCR (divisor) calculation (bsc#1051510).\n- spi: rspi: Fix sequencer reset during initialization (bsc#1051510).\n- spi: spi-fsl-spi: call spi_finalize_current_message() at the end (bsc#1051510).\n- spi: tegra114: reset controller on probe (bsc#1051510).\n- ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit (bsc#1051510).\n- staging: comedi: amplc_pci230: fix null pointer deref on interrupt (bsc#1051510).\n- staging: comedi: dt282x: fix a null pointer deref on interrupt (bsc#1051510).\n- staging: comedi: ni_mio_common: Fix divide-by-zero for DIO cmdtest (bsc#1051510).\n- staging: comedi: ni_usb6501: Fix possible double-free of usb_rx_buf (bsc#1051510).\n- staging: comedi: ni_usb6501: Fix use of uninitialized mutex (bsc#1051510).\n- staging: comedi: vmk80xx: Fix possible double-free of usb_rx_buf (bsc#1051510).\n- staging: comedi: vmk80xx: Fix use of uninitialized semaphore (bsc#1051510).\n- staging: iio: ad7192: Fix ad7193 channel address (bsc#1051510).\n- staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc (bsc#1051510).\n- staging: rtl8712: reduce stack usage, again (bsc#1051510).\n- staging: rtl8712: uninitialized memory in read_bbreg_hdl() (bsc#1051510).\n- staging: rtlwifi: Fix potential NULL pointer dereference of kzalloc (bsc#1111666).\n- staging: rtlwifi: rtl8822b: fix to avoid potential NULL pointer dereference (bsc#1111666).\n- staging: vc04_services: prevent integer overflow in create_pagelist() (bsc#1051510).\n- staging: vt6655: Fix interrupt race condition on device start up (bsc#1051510). \n- staging: vt6655: Remove vif check from vnt_interrupt (bsc#1051510).\n- staging: wlan-ng: fix adapter initialization failure (bsc#1051510).\n- staging:iio:ad7150: fix threshold mode config bit (bsc#1051510).\n- stm class: Fix an endless loop in channel allocation (bsc#1051510).\n- stm class: Fix channel free in stm output free path (bsc#1051510).\n- stm class: Prevent division by zero (bsc#1051510).\n- supported.conf: Add cls_bpf, sch_ingress to kernel-default-base (bsc#1134743).\n- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).\n- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).\n- supported.conf: added mlxbf_tmfifo (bsc#1136333 jsc#SLE-4994)\n- supported.conf: dw_mmc-bluefield is not needed in kernel-default-base (bsc#1131574).\n- svm/avic: Fix invalidate logical APIC id entry (bsc#1132726).\n- svm: Add warning message for AVIC IPI invalid target (bsc#1140133).\n- svm: Add warning message for AVIC IPI invalid target (bsc#1140133).\n- svm: Fix AVIC DFR and LDR handling (bsc#1132558).\n- svm: Fix AVIC incomplete IPI emulation (bsc#1140133).\n- svm: Fix AVIC incomplete IPI emulation (bsc#1140133).\n- sysctl: handle overflow for file-max (bsc#1051510).\n- sysctl: handle overflow in proc_get_long (bsc#1051510).\n- tcp: add tcp_min_snd_mss sysctl (bsc#1137586).\n- tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).\n- tcp: fix fack_count accounting on tcp_shift_skb_data() (CVE-2019-11477 bsc#1137586).\n- tcp: fix tcp_set_congestion_control() use from bpf hook (bsc#1109837).\n- tcp: limit payload size of sacked skbs (bsc#1137586).\n- tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).\n- team: Always enable vlan tx offload (bsc#1051510).\n- team: set slave to promisc if team is already in promisc mode (bsc#1051510).\n- testing: nvdimm: provide SZ_4G constant (bsc#1132982).\n- thermal/int340x_thermal: Add additional UUIDs (bsc#1051510).\n- thermal/int340x_thermal: fix mode setting (bsc#1051510).\n- thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power (bsc#1051510).\n- thermal: rcar_gen3_thermal: disable interrupt in .remove (bsc#1051510).\n- thunderbolt: Fix to check for kmemdup failure (bsc#1051510).\n- tmpfs: fix link accounting when a tmpfile is linked in (bsc#1051510).\n- tmpfs: fix uninitialized return value in shmem_link (bsc#1051510).\n- tools lib traceevent: Fix missing equality check for strcmp (bsc#1129770).\n- tools: bpftool: Fix json dump crash on powerpc (bsc#1109837).\n- tools: bpftool: fix infinite loop in map create (bsc#1109837).\n- tools: bpftool: use correct argument in cgroup errors (bsc#1109837).\n- tpm: Fix the type of the return value in calc_tpm2_event_size() (bsc#1082555).\n- tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account (bsc#1132527).\n- tracing/snapshot: Resize spare buffer if size changed (bsc#1140726).\n- tracing: Fix a memory leak by early error exit in trace_pid_write() (bsc#1133702).\n- tracing: Fix buffer_ref pipe ops (bsc#1133698).\n- tracing: Fix partial reading of trace event's id file (bsc#1136573).\n- treewide: Use DEVICE_ATTR_WO (bsc#1137739).\n- tty/vt: fix write/write race in ioctl(KDSKBSENT) handler (bsc#1051510).\n- tty: increase the default flip buffer limit to 2*640K (bsc#1051510).\n- tty: ipwireless: fix missing checks for ioremap (bsc#1051510).\n- tty: max310x: Fix external crystal register setup (bsc#1051510).\n- tty: pty: Fix race condition between release_one_tty and pty_write (bsc#1051510).\n- tty: rocket: fix incorrect forward declaration of 'rp_init()' (bsc#1051510).\n- tty: serial: cpm_uart - fix init when SMC is relocated (bsc#1051510).\n- tty: serial: msm_serial: Fix XON/XOFF (bsc#1051510).\n- tty: serial_core, add install (bnc#1129693).\n- tty: serial_core: Set port active bit in uart_port_activate (bsc#1051510).\n- tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 (bsc#1051510).\n- udp: use indirect call wrappers for GRO socket lookup (bsc#1124503).\n- ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (bsc#1135323).\n- usb-storage: Set virt_boundary_mask to avoid SG overflows (bsc#1051510).\n- usb: chipidea: Grab the (legacy) USB PHY by phandle first (bsc#1051510).\n- usb: core: Add PM runtime calls to usb_hcd_platform_shutdown (bsc#1051510).\n- usb: dwc2: Fix DMA cache alignment issues (bsc#1051510).\n- usb: dwc3: Fix default lpm_nyet_threshold value (bsc#1051510).\n- usb: f_fs: Avoid crash due to out-of-scope stack ptr access (bsc#1051510).\n- usb: gadget: ether: Fix race between gether_disconnect and rx_submit (bsc#1051510).\n- usb: gadget: fusb300_udc: Fix memory leak of fusb300 ep[i] (bsc#1051510).\n- usb: gadget: net2272: Fix net2272_dequeue() (bsc#1051510).\n- usb: gadget: net2280: Fix net2280_dequeue() (bsc#1051510).\n- usb: gadget: net2280: Fix overrun of OUT messages (bsc#1051510).\n- usb: gadget: udc: lpc32xx: allocate descriptor with GFP_ATOMIC (bsc#1051510).\n- usb: pci-quirks: Correct AMD PLL quirk detection (bsc#1051510).\n- usb: u132-hcd: fix resource leak (bsc#1051510).\n- usb: usb251xb: fix to avoid potential NULL pointer dereference (bsc#1051510).\n- usb: usbip: fix isoc packet num validation in get_pipe (bsc#1051510).\n- usbip: usbip_host: fix BUG: sleeping function called from invalid context (bsc#1051510).\n- usbip: usbip_host: fix stub_dev lock context imbalance regression (bsc#1051510).\n- usbnet: fix kernel crash after disconnect (bsc#1051510).\n- usbnet: ipheth: fix racing condition (bsc#1051510).\n- vfio/mdev: Avoid release parent reference during error path (bsc#1051510).\n- vfio/mdev: Fix aborting mdev child device removal if one fails (bsc#1051510).\n- vfio/pci: use correct format characters (bsc#1051510).\n- vfio: ccw: only free cp on final interrupt (bsc#1051510).\n- vfio_pci: Enable memory accesses before calling pci_map_rom (bsc#1051510).\n- vfs: allow dedupe of user owned read-only files (bsc#1133778, bsc#1132219).\n- vfs: allow dedupe of user owned read-only files (bsc#1133778, bsc#1132219).\n- vfs: avoid problematic remapping requests into partial EOF block (bsc#1133850, bsc#1132219).\n- vfs: avoid problematic remapping requests into partial EOF block (bsc#1133850, bsc#1132219).\n- vfs: dedupe should return EPERM if permission is not granted (bsc#1133779, bsc#1132219).\n- vfs: dedupe should return EPERM if permission is not granted (bsc#1133779, bsc#1132219).\n- vfs: dedupe: extract helper for a single dedup (bsc#1133769, bsc#1132219).\n- vfs: dedupe: extract helper for a single dedup (bsc#1133769, bsc#1132219).\n- vfs: exit early from zero length remap operations (bsc#1132411, bsc#1132219).\n- vfs: exit early from zero length remap operations (bsc#1132411, bsc#1132219).\n- vfs: export vfs_dedupe_file_range_one() to modules (bsc#1133772, bsc#1132219).\n- vfs: export vfs_dedupe_file_range_one() to modules (bsc#1133772, bsc#1132219).\n- vfs: limit size of dedupe (bsc#1132397, bsc#1132219).\n- vfs: limit size of dedupe (bsc#1132397, bsc#1132219).\n- vfs: rename clone_verify_area to remap_verify_area (bsc#1133852, bsc#1132219).\n- vfs: rename clone_verify_area to remap_verify_area (bsc#1133852, bsc#1132219).\n- vfs: skip zero-length dedupe requests (bsc#1133851, bsc#1132219).\n- vfs: skip zero-length dedupe requests (bsc#1133851, bsc#1132219).\n- vfs: swap names of {do,vfs}_clone_file_range() (bsc#1133774, bsc#1132219).\n- vfs: swap names of {do,vfs}_clone_file_range() (bsc#1133774, bsc#1132219).\n- vfs: vfs_clone_file_prep_inodes should return EINVAL for a clone from beyond EOF (bsc#1133780, bsc#1132219).\n- vfs: vfs_clone_file_prep_inodes should return EINVAL for a clone from beyond EOF (bsc#1133780, bsc#1132219).\n- vhost/vsock: fix reset orphans race with close timeout (bsc#1051510).\n- video: hgafb: fix potential NULL pointer dereference (bsc#1051510).\n- video: imsttfb: fix potential NULL pointer dereferences (bsc#1051510).\n- virtio-blk: limit number of hw queues by nr_cpu_ids (bsc#1051510).\n- virtio/s390: DMA support for virtio-ccw (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- virtio/s390: add indirection to indicators access (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- virtio/s390: make airq summary indicators DMA (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- virtio/s390: use DMA memory for ccw I/O and classic notifiers (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- virtio/s390: use cacheline aligned airq bit vectors (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- virtio/s390: use vring_create_virtqueue (jsc#SLE-6197 bsc#1140559 LTC#173150).\n- virtio: Honour 'may_reduce_num' in vring_create_virtqueue (bsc#1051510).\n- virtio_console: initialize vtermno value for ports (bsc#1051510).\n- virtio_pci: fix a NULL pointer reference in vp_del_vqs (bsc#1051510).\n- vlan: disable SIOCSHWTSTAMP in container (bsc#1051510).\n- vsock/virtio: Initialize core virtio vsock before registering the driver (bsc#1051510).\n- vsock/virtio: fix kernel panic after device hot-unplug (bsc#1051510).\n- vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock (bsc#1051510).\n- vsock/virtio: reset connected sockets on device removal (bsc#1051510).\n- vt: always call notifier with the console lock held (bsc#1051510).\n- vxlan: trivial indenting fix (bsc#1051510).\n- vxlan: use __be32 type for the param vni in __vxlan_fdb_delete (bsc#1051510).\n- w1: fix the resume command API (bsc#1051510).\n- watchdog: imx2_wdt: Fix set_timeout for big timeout values (bsc#1051510).\n- wil6210: check null pointer in _wil_cfg80211_merge_extra_ies (bsc#1051510).\n- wil6210: drop old event after wmi_call timeout (bsc#1111666).\n- wil6210: fix potential out-of-bounds read (bsc#1051510).\n- wil6210: fix return code of wmi_mgmt_tx and wmi_mgmt_tx_ext (bsc#1111666).\n- wil6210: fix spurious interrupts in 3-msi (bsc#1111666).\n- wlcore: Fix memory leak in case wl12xx_fetch_firmware failure (bsc#1051510).\n- x86, mm: fix fast GUP with hyper-based TLB flushing (VM Functionality, bsc#1140903).\n- x86/CPU/AMD: Don't force the CPB cap when running under a hypervisor (bsc#1114279).\n- x86/MCE/AMD, EDAC/mce_amd: Add new MP5, NBIO, and pciE SMCA bank types (bsc#1128415).\n- x86/MCE/AMD, EDAC/mce_amd: Add new McaTypes for CS, PSP, and SMU units (bsc#1128415).\n- x86/MCE/AMD, EDAC/mce_amd: Add new error descriptions for some SMCA bank types (bsc#1128415).\n- x86/MCE: Fix kABI for new AMD bank names (bsc#1128415).\n- x86/PCI: Fixup RTIT_BAR of Intel Denverton Trace Hub (bsc#1120318). \n- x86/cpu: Sanitize FAM6_ATOM naming (bsc#1111331).\n- x86/kvm/hyper-v: avoid spurious pending stimer on vCPU init (bsc#1132572).\n- x86/mce/AMD, EDAC/mce_amd: Enumerate Reserved SMCA bank type (bsc#1128415).\n- x86/mce/AMD: Pass the bank number to smca_get_bank_type() (bsc#1128415).\n- x86/mce: Fix machine_check_poll() tests for error types (bsc#1114279).\n- x86/mce: Handle varying MCA bank counts (bsc#1128415).\n- x86/microcode, cpuhotplug: Add a microcode loader CPU hotplug callback (bsc#1114279).\n- x86/microcode: Fix microcode hotplug state (bsc#1114279).\n- x86/microcode: Fix the ancient deprecated microcode loading method (bsc#1114279).\n- x86/mm/mem_encrypt: Disable all instrumentation for early SME setup (bsc#1114279).\n- x86/msr-index: Cleanup bit defines (bsc#1111331).\n- x86/perf/amd: Remove need to check 'running' bit in NMI handler (bsc#1131438).\n- x86/perf/amd: Resolve NMI latency issues for active PMCs (bsc#1131438).\n- x86/perf/amd: Resolve race condition when disabling PMC (bsc#1131438).\n- x86/speculation/mds: Fix documentation typo (bsc#1135642).\n- x86/speculation/mds: Fix documentation typo (bsc#1135642).\n- x86/speculation/mds: Fix documentation typo (bsc#1135642).\n- x86/speculation/mds: Fix documentation typo (bsc#1135642).\n- x86/speculation/mds: Revert CPU buffer clear on double fault exit (bsc#1114279).\n- x86/speculation: Prevent deadlock on ssb_state::lock (bsc#1114279).\n- x86/speculation: Prevent deadlock on ssb_state::lock (bsc#1114279).\n- x86/speculation: Support 'mitigations=' cmdline option (bsc#1112178).\n- x86/tsc: Force inlining of cyc2ns bits (bsc#1052904).\n- x86/umip: Make the UMIP activated message generic (bsc#1138336).\n- x86/umip: Print UMIP line only once (bsc#1138336).\n- x86_64: Add gap to int3 to allow for call emulation (bsc#1099658).\n- x86_64: Allow breakpoints to emulate call instructions (bsc#1099658).\n- xdp: check device pointer before clearing (bsc#1109837).\n- xdp: fix possible cq entry leak (bsc#1109837).\n- xdp: fix race on generic receive path (bsc#1109837).\n- xdp: hold device for umem regardless of zero-copy mode (bsc#1109837).\n- xen/pciback: Don't disable PCI_COMMAND on PCI device reset (bsc#1065600).\n- xen: Prevent buffer overflow in privcmd ioctl (bsc#1065600).\n- xen: let alloc_xenballooned_pages() fail if not enough memory free (bsc#1142450 XSA-300).\n- xen: remove pre-xen3 fallback handlers (bsc#1065600).\n- xenbus: drop useless LIST_HEAD in xenbus_write_watch() and xenbus_file_write() (bsc#1065600).\n- xfs: add log item pinning error injection tag (bsc#1114427).\n- xfs: add the ability to join a held buffer to a defer_ops (bsc#1133674).\n- xfs: allow xfs_lock_two_inodes to take different EXCL/SHARED modes (bsc#1132370, bsc#1132219).\n- xfs: allow xfs_lock_two_inodes to take different EXCL/SHARED modes (bsc#1132370, bsc#1132219).\n- xfs: buffer lru reference count error injection tag (bsc#1114427).\n- xfs: call xfs_qm_dqattach before performing reflink operations (bsc#1132368, bsc#1132219).\n- xfs: call xfs_qm_dqattach before performing reflink operations (bsc#1132368, bsc#1132219).\n- xfs: cap the length of deduplication requests (bsc#1132373, bsc#1132219).\n- xfs: cap the length of deduplication requests (bsc#1132373, bsc#1132219).\n- xfs: check _btree_check_block value (bsc#1123663).\n- xfs: clean up xfs_reflink_remap_blocks call site (bsc#1132413, bsc#1132219).\n- xfs: clean up xfs_reflink_remap_blocks call site (bsc#1132413, bsc#1132219).\n- xfs: convert drop_writes to use the errortag mechanism (bsc#1114427).\n- xfs: create block pointer check functions (bsc#1123663).\n- xfs: create inode pointer verifiers (bsc#1114427).\n- xfs: detect and fix bad summary counts at mount (bsc#1114427).\n- xfs: do not overflow xattr listent buffer (bsc#1143105).\n- xfs: do not set the page uptodate in xfs_writepage_map (bsc#1138003).\n- xfs: don't clear imap_valid for a non-uptodate buffers (bsc#1138018).\n- xfs: don't look at buffer heads in xfs_add_to_ioend (bsc#1138013).\n- xfs: don't use XFS_BMAPI_ENTRIRE in xfs_get_blocks (bsc#1137999).\n- xfs: don't use XFS_BMAPI_IGSTATE in xfs_map_blocks (bsc#1138005).\n- xfs: eof trim writeback mapping as soon as it is cached (bsc#1138019).\n- xfs: export _inobt_btrec_to_irec and _ialloc_cluster_alignment for scrub (bsc#1114427).\n- xfs: export various function for the online scrubber (bsc#1123663).\n- xfs: expose errortag knobs via sysfs (bsc#1114427).\n- xfs: fix data corruption w/ unaligned dedupe ranges (bsc#1132405, bsc#1132219).\n- xfs: fix data corruption w/ unaligned dedupe ranges (bsc#1132405, bsc#1132219).\n- xfs: fix data corruption w/ unaligned reflink ranges (bsc#1132407, bsc#1132219).\n- xfs: fix data corruption w/ unaligned reflink ranges (bsc#1132407, bsc#1132219).\n- xfs: fix pagecache truncation prior to reflink (bsc#1132412, bsc#1132219).\n- xfs: fix pagecache truncation prior to reflink (bsc#1132412, bsc#1132219).\n- xfs: fix reporting supported extra file attributes for statx() (bsc#1133529).\n- xfs: fix s_maxbytes overflow problems (bsc#1137996).\n- xfs: fix unused variable warning in xfs_buf_set_ref() (bsc#1114427).\n- xfs: flush removing page cache in xfs_reflink_remap_prep (bsc#1132414, bsc#1132219).\n- xfs: flush removing page cache in xfs_reflink_remap_prep (bsc#1132414, bsc#1132219).\n- xfs: force summary counter recalc at next mount (bsc#1114427).\n- xfs: hold xfs_buf locked between shortform leaf conversion and the addition of an attribute (bsc#1133675).\n- xfs: kill meaningless variable 'zero' (bsc#1106011).\n- xfs: make errortag a per-mountpoint structure (bsc#1123663).\n- xfs: make xfs_writepage_map extent map centric (bsc#1138009).\n- xfs: minor cleanup for xfs_get_blocks (bsc#1138000).\n- xfs: move all writeback buffer_head manipulation into xfs_map_at_offset (bsc#1138014).\n- xfs: move error injection tags into their own file (bsc#1114427).\n- xfs: only grab shared inode locks for source file during reflink (bsc#1132372, bsc#1132219).\n- xfs: only grab shared inode locks for source file during reflink (bsc#1132372, bsc#1132219).\n- xfs: prepare xfs_break_layouts() for another layout type (bsc#1106011).\n- xfs: prepare xfs_break_layouts() to be called with XFS_MMAPLOCK_EXCL (bsc#1106011).\n- xfs: refactor btree block header checking functions (bsc#1123663).\n- xfs: refactor btree pointer checks (bsc#1123663).\n- xfs: refactor clonerange preparation into a separate helper (bsc#1132402, bsc#1132219).\n- xfs: refactor clonerange preparation into a separate helper (bsc#1132402, bsc#1132219).\n- xfs: refactor the tail of xfs_writepage_map (bsc#1138016).\n- xfs: refactor unmount record write (bsc#1114427).\n- xfs: refactor xfs_trans_roll (bsc#1133667).\n- xfs: reflink find shared should take a transaction (bsc#1132226, bsc#1132219).\n- xfs: reflink find shared should take a transaction (bsc#1132226, bsc#1132219).\n- xfs: reflink should break pnfs leases before sharing blocks (bsc#1132369, bsc#1132219).\n- xfs: reflink should break pnfs leases before sharing blocks (bsc#1132369, bsc#1132219).\n- xfs: remove XFS_IO_INVALID (bsc#1138017).\n- xfs: remove dest file's post-eof preallocations before reflinking (bsc#1132365, bsc#1132219).\n- xfs: remove dest file's post-eof preallocations before reflinking (bsc#1132365, bsc#1132219).\n- xfs: remove the imap_valid flag (bsc#1138012).\n- xfs: remove the ip argument to xfs_defer_finish (bsc#1133672).\n- xfs: remove unneeded parameter from XFS_TEST_ERROR (bsc#1123663).\n- xfs: remove unused parameter from xfs_writepage_map (bsc#1137995).\n- xfs: remove xfs_map_cow (bsc#1138007).\n- xfs: remove xfs_reflink_find_cow_mapping (bsc#1138010).\n- xfs: remove xfs_reflink_trim_irec_to_next_cow (bsc#1138006).\n- xfs: remove xfs_start_page_writeback (bsc#1138015).\n- xfs: remove xfs_zero_range (bsc#1106011).\n- xfs: rename MAXPATHLEN to XFS_SYMLINK_MAXLEN (bsc#1123663).\n- xfs: rename the offset variable in xfs_writepage_map (bsc#1138008).\n- xfs: rename xfs_defer_join to xfs_defer_ijoin (bsc#1133668).\n- xfs: replace log_badcrc_factor knob with error injection tag (bsc#1114427).\n- xfs: sanity-check the unused space before trying to use it (bsc#1123663).\n- xfs: serialize unaligned dio writes against all other dio writes (bsc#1134936).\n- xfs: simplify xfs_map_blocks by using xfs_iext_lookup_extent directly (bsc#1138011).\n- xfs: skip CoW writes past EOF when writeback races with truncate (bsc#1137998).\n- xfs: update ctime and remove suid before cloning files (bsc#1132404, bsc#1132219).\n- xfs: update ctime and remove suid before cloning files (bsc#1132404, bsc#1132219).\n- xfs: xfs_reflink_convert_cow() memory allocation deadlock (bsc#1138002).\n- xfs: zero posteof blocks when cloning above eof (bsc#1132403, bsc#1132219).\n- xfs: zero posteof blocks when cloning above eof (bsc#1132403, bsc#1132219).\n- xhci: Convert xhci_handshake() to use readl_poll_timeout_atomic() (bsc#1051510).\n- xhci: Use %zu for printing size_t type (bsc#1051510).\n- xhci: update bounce buffer with correct sg num (bsc#1051510).\n- xprtrdma: Fix use-after-free in rpcrdma_post_recvs (bsc#1103992 FATE#326009).\n- xsk: Properly terminate assignment in xskq_produce_flush_desc (bsc#1109837).\n- {nl,mac}80211: allow 4addr AP operation on crypto controlled devices (bsc#1051510).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2019-2430,SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2430,SUSE-SLE-Module-RT-15-SP1-2019-2430", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_2430-1.json", }, { category: "self", summary: "URL for SUSE-SU-2019:2430-1", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20192430-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2019:2430-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2019-September/005952.html", }, { category: "self", summary: "SUSE Bug 1050242", url: "https://bugzilla.suse.com/1050242", }, { category: "self", summary: "SUSE Bug 1050549", url: "https://bugzilla.suse.com/1050549", }, { category: "self", summary: "SUSE Bug 1051510", url: "https://bugzilla.suse.com/1051510", }, { category: "self", summary: "SUSE Bug 1052904", url: "https://bugzilla.suse.com/1052904", }, { category: "self", summary: "SUSE Bug 1053043", url: "https://bugzilla.suse.com/1053043", }, { category: "self", summary: "SUSE Bug 1055117", url: "https://bugzilla.suse.com/1055117", }, { category: "self", summary: "SUSE Bug 1055121", url: "https://bugzilla.suse.com/1055121", }, { category: "self", summary: "SUSE Bug 1055186", url: "https://bugzilla.suse.com/1055186", }, { category: "self", summary: "SUSE Bug 1056787", url: "https://bugzilla.suse.com/1056787", }, { category: "self", summary: "SUSE Bug 1058115", url: "https://bugzilla.suse.com/1058115", }, { category: "self", summary: "SUSE Bug 1061840", url: "https://bugzilla.suse.com/1061840", }, { category: "self", summary: "SUSE Bug 1064802", url: "https://bugzilla.suse.com/1064802", }, { category: "self", summary: "SUSE Bug 1065600", url: "https://bugzilla.suse.com/1065600", }, { category: "self", summary: "SUSE Bug 1065729", url: "https://bugzilla.suse.com/1065729", }, { category: "self", summary: "SUSE Bug 1066129", url: "https://bugzilla.suse.com/1066129", }, { category: "self", summary: "SUSE Bug 1070872", url: "https://bugzilla.suse.com/1070872", }, { category: "self", summary: "SUSE Bug 1071995", url: "https://bugzilla.suse.com/1071995", }, { category: "self", summary: "SUSE Bug 1075020", url: "https://bugzilla.suse.com/1075020", }, { category: "self", summary: "SUSE Bug 1082387", url: "https://bugzilla.suse.com/1082387", }, { category: "self", summary: "SUSE Bug 1082555", url: "https://bugzilla.suse.com/1082555", }, { category: "self", summary: "SUSE Bug 1083647", url: "https://bugzilla.suse.com/1083647", }, { category: "self", summary: "SUSE Bug 1083710", url: "https://bugzilla.suse.com/1083710", }, { category: "self", summary: "SUSE Bug 1085535", url: "https://bugzilla.suse.com/1085535", }, { category: "self", summary: "SUSE Bug 1085536", url: "https://bugzilla.suse.com/1085536", }, { category: "self", summary: "SUSE Bug 1088047", url: "https://bugzilla.suse.com/1088047", }, { category: "self", summary: "SUSE Bug 1088804", url: "https://bugzilla.suse.com/1088804", }, { category: "self", summary: "SUSE Bug 1093389", url: "https://bugzilla.suse.com/1093389", }, { category: "self", summary: "SUSE Bug 1094555", url: "https://bugzilla.suse.com/1094555", }, { category: "self", summary: "SUSE Bug 1096003", url: "https://bugzilla.suse.com/1096003", }, { category: "self", summary: "SUSE Bug 1098633", url: "https://bugzilla.suse.com/1098633", }, { category: "self", summary: "SUSE Bug 1099658", url: "https://bugzilla.suse.com/1099658", }, { category: "self", summary: "SUSE Bug 1102247", url: "https://bugzilla.suse.com/1102247", }, { category: "self", summary: "SUSE Bug 1103186", url: "https://bugzilla.suse.com/1103186", }, { category: "self", summary: "SUSE Bug 1103259", url: "https://bugzilla.suse.com/1103259", }, { category: "self", summary: "SUSE Bug 1103990", url: "https://bugzilla.suse.com/1103990", }, { category: "self", summary: "SUSE Bug 1103991", url: "https://bugzilla.suse.com/1103991", }, { category: "self", summary: "SUSE Bug 1103992", url: "https://bugzilla.suse.com/1103992", }, { category: "self", summary: "SUSE Bug 1104745", url: "https://bugzilla.suse.com/1104745", }, { category: "self", summary: "SUSE Bug 1106011", url: "https://bugzilla.suse.com/1106011", }, { category: "self", summary: "SUSE Bug 1106284", url: "https://bugzilla.suse.com/1106284", }, { category: "self", summary: "SUSE Bug 1106383", url: "https://bugzilla.suse.com/1106383", }, { category: "self", summary: "SUSE Bug 1106751", url: "https://bugzilla.suse.com/1106751", }, { category: "self", summary: "SUSE Bug 1108193", url: "https://bugzilla.suse.com/1108193", }, { category: "self", summary: "SUSE Bug 1108838", url: "https://bugzilla.suse.com/1108838", }, { category: "self", summary: "SUSE Bug 1108937", url: "https://bugzilla.suse.com/1108937", }, { category: "self", summary: "SUSE Bug 1109837", url: "https://bugzilla.suse.com/1109837", }, { category: "self", summary: "SUSE Bug 1110946", url: "https://bugzilla.suse.com/1110946", }, { category: "self", summary: "SUSE Bug 1111331", url: "https://bugzilla.suse.com/1111331", }, { category: "self", summary: "SUSE Bug 1111666", url: "https://bugzilla.suse.com/1111666", }, { category: "self", summary: "SUSE Bug 1111696", url: "https://bugzilla.suse.com/1111696", }, { category: "self", summary: "SUSE Bug 1112063", url: "https://bugzilla.suse.com/1112063", }, { category: "self", summary: "SUSE Bug 1112128", url: "https://bugzilla.suse.com/1112128", }, { category: "self", summary: "SUSE Bug 1112178", url: "https://bugzilla.suse.com/1112178", }, { category: "self", summary: "SUSE Bug 1112374", url: "https://bugzilla.suse.com/1112374", }, { category: "self", summary: "SUSE Bug 1113722", url: "https://bugzilla.suse.com/1113722", }, { category: "self", summary: "SUSE Bug 1113956", url: "https://bugzilla.suse.com/1113956", }, { category: "self", summary: "SUSE Bug 1114279", url: "https://bugzilla.suse.com/1114279", }, { category: "self", summary: "SUSE Bug 1114427", url: "https://bugzilla.suse.com/1114427", }, { category: "self", summary: "SUSE Bug 1114542", url: "https://bugzilla.suse.com/1114542", }, { category: "self", summary: "SUSE Bug 1114638", url: "https://bugzilla.suse.com/1114638", }, { category: "self", summary: "SUSE Bug 1114685", url: "https://bugzilla.suse.com/1114685", }, { category: "self", summary: "SUSE Bug 1115688", url: "https://bugzilla.suse.com/1115688", }, { category: "self", summary: "SUSE Bug 1117114", url: "https://bugzilla.suse.com/1117114", }, { category: "self", summary: "SUSE Bug 1117158", url: "https://bugzilla.suse.com/1117158", }, { category: "self", summary: "SUSE Bug 1117561", url: "https://bugzilla.suse.com/1117561", }, { category: "self", summary: "SUSE Bug 1118139", url: "https://bugzilla.suse.com/1118139", }, { category: "self", summary: "SUSE Bug 1119113", url: "https://bugzilla.suse.com/1119113", }, { category: "self", summary: "SUSE Bug 1119222", url: "https://bugzilla.suse.com/1119222", }, { category: "self", summary: "SUSE Bug 1119532", url: "https://bugzilla.suse.com/1119532", }, { category: "self", summary: "SUSE Bug 1119680", url: "https://bugzilla.suse.com/1119680", }, { category: "self", summary: "SUSE Bug 1120091", url: "https://bugzilla.suse.com/1120091", }, { category: "self", summary: "SUSE Bug 1120318", url: "https://bugzilla.suse.com/1120318", }, { category: "self", summary: "SUSE Bug 1120423", url: "https://bugzilla.suse.com/1120423", }, { category: "self", summary: "SUSE Bug 1120566", url: "https://bugzilla.suse.com/1120566", }, { category: "self", summary: "SUSE Bug 1120843", url: "https://bugzilla.suse.com/1120843", }, { category: "self", summary: "SUSE Bug 1120902", url: "https://bugzilla.suse.com/1120902", }, { category: "self", summary: "SUSE Bug 1122767", url: "https://bugzilla.suse.com/1122767", }, { category: "self", summary: "SUSE Bug 1122776", url: "https://bugzilla.suse.com/1122776", }, { category: "self", summary: "SUSE Bug 1123080", url: "https://bugzilla.suse.com/1123080", }, { category: "self", summary: "SUSE Bug 1123454", url: "https://bugzilla.suse.com/1123454", }, { category: "self", summary: "SUSE Bug 1123663", url: "https://bugzilla.suse.com/1123663", }, { category: "self", summary: "SUSE Bug 1124503", url: "https://bugzilla.suse.com/1124503", }, { category: "self", summary: "SUSE Bug 1124839", url: "https://bugzilla.suse.com/1124839", }, { category: "self", summary: "SUSE Bug 1125703", url: "https://bugzilla.suse.com/1125703", }, { category: "self", summary: "SUSE Bug 1126206", url: "https://bugzilla.suse.com/1126206", }, { category: "self", summary: "SUSE Bug 1126356", url: "https://bugzilla.suse.com/1126356", }, { category: "self", summary: "SUSE Bug 1126704", url: "https://bugzilla.suse.com/1126704", }, { category: "self", summary: "SUSE Bug 1127034", url: "https://bugzilla.suse.com/1127034", }, { category: "self", summary: "SUSE Bug 1127175", url: "https://bugzilla.suse.com/1127175", }, { category: "self", summary: "SUSE Bug 1127315", url: "https://bugzilla.suse.com/1127315", }, { category: "self", summary: "SUSE Bug 1127371", url: "https://bugzilla.suse.com/1127371", }, { category: "self", summary: "SUSE Bug 1127374", url: "https://bugzilla.suse.com/1127374", }, { category: "self", summary: "SUSE Bug 1127611", url: "https://bugzilla.suse.com/1127611", }, { category: "self", summary: "SUSE Bug 1127616", url: "https://bugzilla.suse.com/1127616", }, { category: "self", summary: "SUSE Bug 1128052", url: "https://bugzilla.suse.com/1128052", }, { category: "self", summary: "SUSE Bug 1128415", url: "https://bugzilla.suse.com/1128415", }, { category: "self", summary: "SUSE Bug 1128432", url: "https://bugzilla.suse.com/1128432", }, { category: "self", summary: "SUSE Bug 1128544", url: "https://bugzilla.suse.com/1128544", }, { category: "self", summary: "SUSE Bug 1128902", url: "https://bugzilla.suse.com/1128902", }, { category: "self", summary: "SUSE Bug 1128904", url: "https://bugzilla.suse.com/1128904", }, { category: "self", summary: "SUSE Bug 1128971", url: "https://bugzilla.suse.com/1128971", }, { category: "self", summary: "SUSE Bug 1128979", url: "https://bugzilla.suse.com/1128979", }, { category: "self", summary: "SUSE Bug 1129138", url: "https://bugzilla.suse.com/1129138", }, { category: "self", summary: "SUSE Bug 1129273", url: "https://bugzilla.suse.com/1129273", }, { category: "self", summary: "SUSE Bug 1129693", url: "https://bugzilla.suse.com/1129693", }, { category: "self", summary: "SUSE Bug 1129770", url: "https://bugzilla.suse.com/1129770", }, { category: "self", summary: "SUSE Bug 1129845", url: "https://bugzilla.suse.com/1129845", }, { category: "self", summary: "SUSE Bug 1130195", url: "https://bugzilla.suse.com/1130195", }, { category: "self", summary: "SUSE Bug 1130425", url: "https://bugzilla.suse.com/1130425", }, { category: "self", summary: "SUSE Bug 1130527", url: "https://bugzilla.suse.com/1130527", }, { category: "self", summary: "SUSE Bug 1130567", url: "https://bugzilla.suse.com/1130567", }, { category: "self", summary: "SUSE Bug 1130579", url: "https://bugzilla.suse.com/1130579", }, { category: "self", summary: "SUSE Bug 1130699", url: "https://bugzilla.suse.com/1130699", }, { category: "self", summary: "SUSE Bug 1130836", url: "https://bugzilla.suse.com/1130836", }, { category: "self", summary: "SUSE Bug 1130937", url: "https://bugzilla.suse.com/1130937", }, { category: "self", summary: "SUSE Bug 1130972", url: "https://bugzilla.suse.com/1130972", }, { category: "self", summary: "SUSE Bug 1131326", url: "https://bugzilla.suse.com/1131326", }, { category: "self", summary: "SUSE Bug 1131427", url: "https://bugzilla.suse.com/1131427", }, { category: "self", summary: "SUSE Bug 1131438", url: "https://bugzilla.suse.com/1131438", }, { category: "self", summary: "SUSE Bug 1131451", url: "https://bugzilla.suse.com/1131451", }, { category: "self", summary: "SUSE Bug 1131467", url: "https://bugzilla.suse.com/1131467", }, { category: "self", summary: "SUSE Bug 1131488", url: "https://bugzilla.suse.com/1131488", }, { category: "self", summary: "SUSE Bug 1131530", url: "https://bugzilla.suse.com/1131530", }, { category: "self", summary: "SUSE Bug 1131565", url: "https://bugzilla.suse.com/1131565", }, { category: "self", summary: "SUSE Bug 1131574", url: "https://bugzilla.suse.com/1131574", }, { category: "self", summary: "SUSE Bug 1131587", url: "https://bugzilla.suse.com/1131587", }, { category: "self", summary: "SUSE Bug 1131645", url: "https://bugzilla.suse.com/1131645", }, { category: "self", summary: "SUSE Bug 1131659", url: "https://bugzilla.suse.com/1131659", }, { category: "self", summary: "SUSE Bug 1131673", url: "https://bugzilla.suse.com/1131673", }, { category: "self", summary: "SUSE Bug 1131847", url: "https://bugzilla.suse.com/1131847", }, { category: "self", summary: "SUSE Bug 1131848", url: "https://bugzilla.suse.com/1131848", }, { category: "self", summary: "SUSE Bug 1131851", url: "https://bugzilla.suse.com/1131851", }, { category: "self", summary: "SUSE Bug 1131900", url: "https://bugzilla.suse.com/1131900", }, { category: "self", summary: "SUSE Bug 1131934", url: "https://bugzilla.suse.com/1131934", }, { category: "self", summary: "SUSE Bug 1131935", url: "https://bugzilla.suse.com/1131935", }, { category: "self", summary: "SUSE Bug 1132044", url: "https://bugzilla.suse.com/1132044", }, { category: "self", summary: "SUSE Bug 1132219", url: "https://bugzilla.suse.com/1132219", }, { category: "self", summary: "SUSE Bug 1132226", url: "https://bugzilla.suse.com/1132226", }, { category: "self", summary: "SUSE Bug 1132227", url: "https://bugzilla.suse.com/1132227", }, { category: "self", summary: "SUSE Bug 1132365", url: "https://bugzilla.suse.com/1132365", }, { category: "self", summary: "SUSE Bug 1132368", url: "https://bugzilla.suse.com/1132368", }, { category: "self", summary: "SUSE Bug 1132369", url: "https://bugzilla.suse.com/1132369", }, { category: "self", summary: "SUSE Bug 1132370", url: "https://bugzilla.suse.com/1132370", }, { category: "self", summary: "SUSE Bug 1132372", url: "https://bugzilla.suse.com/1132372", }, { category: "self", summary: "SUSE Bug 1132373", url: "https://bugzilla.suse.com/1132373", }, { category: "self", summary: "SUSE Bug 1132384", url: "https://bugzilla.suse.com/1132384", }, { category: "self", summary: "SUSE Bug 1132390", url: "https://bugzilla.suse.com/1132390", }, { category: "self", summary: "SUSE Bug 1132397", url: "https://bugzilla.suse.com/1132397", }, { category: "self", summary: "SUSE Bug 1132402", url: "https://bugzilla.suse.com/1132402", }, { category: "self", summary: "SUSE Bug 1132403", url: "https://bugzilla.suse.com/1132403", }, { category: "self", summary: "SUSE Bug 1132404", url: "https://bugzilla.suse.com/1132404", }, { category: "self", summary: "SUSE Bug 1132405", url: "https://bugzilla.suse.com/1132405", }, { category: "self", summary: "SUSE Bug 1132407", url: "https://bugzilla.suse.com/1132407", }, { category: "self", summary: "SUSE Bug 1132411", url: "https://bugzilla.suse.com/1132411", }, { category: "self", summary: "SUSE Bug 1132412", url: "https://bugzilla.suse.com/1132412", }, { category: "self", summary: "SUSE Bug 1132413", url: "https://bugzilla.suse.com/1132413", }, { category: "self", summary: "SUSE Bug 1132414", url: "https://bugzilla.suse.com/1132414", }, { category: "self", summary: "SUSE Bug 1132426", url: "https://bugzilla.suse.com/1132426", }, { category: "self", summary: "SUSE Bug 1132527", url: "https://bugzilla.suse.com/1132527", }, { category: "self", summary: "SUSE Bug 1132531", url: "https://bugzilla.suse.com/1132531", }, { category: "self", summary: "SUSE Bug 1132555", url: "https://bugzilla.suse.com/1132555", }, { category: "self", summary: "SUSE Bug 1132558", url: "https://bugzilla.suse.com/1132558", }, { category: "self", summary: "SUSE Bug 1132561", url: "https://bugzilla.suse.com/1132561", }, { category: "self", summary: "SUSE Bug 1132562", url: "https://bugzilla.suse.com/1132562", }, { category: "self", summary: "SUSE Bug 1132563", url: "https://bugzilla.suse.com/1132563", }, { category: "self", summary: "SUSE Bug 1132564", url: "https://bugzilla.suse.com/1132564", }, { category: "self", summary: "SUSE Bug 1132570", url: "https://bugzilla.suse.com/1132570", }, { category: "self", summary: "SUSE Bug 1132571", url: "https://bugzilla.suse.com/1132571", }, { category: "self", summary: "SUSE Bug 1132572", url: "https://bugzilla.suse.com/1132572", }, { category: "self", summary: "SUSE Bug 1132589", url: "https://bugzilla.suse.com/1132589", }, { category: "self", summary: "SUSE Bug 1132618", url: "https://bugzilla.suse.com/1132618", }, { category: "self", summary: "SUSE Bug 1132673", url: "https://bugzilla.suse.com/1132673", }, { category: "self", summary: "SUSE Bug 1132681", url: "https://bugzilla.suse.com/1132681", }, { category: "self", summary: "SUSE Bug 1132726", url: "https://bugzilla.suse.com/1132726", }, { category: "self", summary: "SUSE Bug 1132828", url: "https://bugzilla.suse.com/1132828", }, { category: "self", summary: "SUSE Bug 1132894", url: "https://bugzilla.suse.com/1132894", }, { category: "self", summary: "SUSE Bug 1132943", url: "https://bugzilla.suse.com/1132943", }, { category: "self", summary: "SUSE Bug 1132982", url: "https://bugzilla.suse.com/1132982", }, { category: "self", summary: "SUSE Bug 1133005", url: "https://bugzilla.suse.com/1133005", }, { category: "self", summary: "SUSE Bug 1133016", url: "https://bugzilla.suse.com/1133016", }, { category: "self", summary: "SUSE Bug 1133021", url: "https://bugzilla.suse.com/1133021", }, { category: "self", summary: "SUSE Bug 1133094", url: "https://bugzilla.suse.com/1133094", }, { category: "self", summary: "SUSE Bug 1133095", url: "https://bugzilla.suse.com/1133095", }, { category: "self", summary: "SUSE Bug 1133115", url: "https://bugzilla.suse.com/1133115", }, { category: "self", summary: "SUSE Bug 1133149", url: "https://bugzilla.suse.com/1133149", }, { category: "self", summary: "SUSE Bug 1133176", url: "https://bugzilla.suse.com/1133176", }, { category: "self", summary: "SUSE Bug 1133188", url: "https://bugzilla.suse.com/1133188", }, { category: "self", summary: "SUSE Bug 1133190", url: "https://bugzilla.suse.com/1133190", }, { category: "self", summary: "SUSE Bug 1133311", url: "https://bugzilla.suse.com/1133311", }, { category: "self", summary: "SUSE Bug 1133320", url: "https://bugzilla.suse.com/1133320", }, { category: "self", summary: "SUSE Bug 1133401", url: "https://bugzilla.suse.com/1133401", }, { category: "self", summary: "SUSE Bug 1133486", url: "https://bugzilla.suse.com/1133486", }, { category: "self", summary: "SUSE Bug 1133529", url: "https://bugzilla.suse.com/1133529", }, { category: "self", summary: "SUSE Bug 1133547", url: "https://bugzilla.suse.com/1133547", }, { category: "self", summary: "SUSE Bug 1133584", url: "https://bugzilla.suse.com/1133584", }, { category: "self", summary: "SUSE Bug 1133593", url: "https://bugzilla.suse.com/1133593", }, { category: "self", summary: "SUSE Bug 1133612", url: "https://bugzilla.suse.com/1133612", }, { category: "self", summary: "SUSE Bug 1133616", url: "https://bugzilla.suse.com/1133616", }, { category: "self", summary: "SUSE Bug 1133667", url: "https://bugzilla.suse.com/1133667", }, { category: "self", summary: "SUSE Bug 1133668", url: "https://bugzilla.suse.com/1133668", }, { category: "self", summary: "SUSE Bug 1133672", url: "https://bugzilla.suse.com/1133672", }, { category: "self", summary: "SUSE Bug 1133674", url: "https://bugzilla.suse.com/1133674", }, { category: "self", summary: "SUSE Bug 1133675", url: "https://bugzilla.suse.com/1133675", }, { category: "self", summary: "SUSE Bug 1133698", url: "https://bugzilla.suse.com/1133698", }, { category: "self", summary: "SUSE Bug 1133702", url: "https://bugzilla.suse.com/1133702", }, { category: "self", summary: "SUSE Bug 1133731", url: "https://bugzilla.suse.com/1133731", }, { category: "self", summary: "SUSE Bug 1133738", url: "https://bugzilla.suse.com/1133738", }, { category: "self", summary: "SUSE Bug 1133769", url: "https://bugzilla.suse.com/1133769", }, { category: "self", summary: "SUSE Bug 1133772", url: "https://bugzilla.suse.com/1133772", }, { category: "self", summary: "SUSE Bug 1133774", url: "https://bugzilla.suse.com/1133774", }, { category: "self", summary: "SUSE Bug 1133778", url: "https://bugzilla.suse.com/1133778", }, { category: "self", summary: "SUSE Bug 1133779", url: "https://bugzilla.suse.com/1133779", }, { category: "self", summary: "SUSE Bug 1133780", url: "https://bugzilla.suse.com/1133780", }, { category: "self", summary: "SUSE Bug 1133825", url: "https://bugzilla.suse.com/1133825", }, { category: "self", summary: "SUSE Bug 1133850", url: "https://bugzilla.suse.com/1133850", }, { category: "self", summary: "SUSE Bug 1133851", url: "https://bugzilla.suse.com/1133851", }, { category: "self", summary: "SUSE Bug 1133852", url: "https://bugzilla.suse.com/1133852", }, { category: "self", summary: "SUSE Bug 1133897", url: "https://bugzilla.suse.com/1133897", }, { category: "self", summary: "SUSE Bug 1134090", url: "https://bugzilla.suse.com/1134090", }, { category: "self", summary: "SUSE Bug 1134097", url: "https://bugzilla.suse.com/1134097", }, { category: "self", summary: "SUSE Bug 1134160", url: "https://bugzilla.suse.com/1134160", }, { category: "self", summary: "SUSE Bug 1134162", url: "https://bugzilla.suse.com/1134162", }, { category: "self", summary: "SUSE Bug 1134199", url: "https://bugzilla.suse.com/1134199", }, { category: "self", summary: "SUSE Bug 1134200", url: "https://bugzilla.suse.com/1134200", }, { category: "self", summary: "SUSE Bug 1134201", url: "https://bugzilla.suse.com/1134201", }, { category: "self", summary: "SUSE Bug 1134202", url: "https://bugzilla.suse.com/1134202", }, { category: "self", summary: "SUSE Bug 1134203", url: "https://bugzilla.suse.com/1134203", }, { category: "self", summary: "SUSE Bug 1134204", url: "https://bugzilla.suse.com/1134204", }, { category: "self", summary: "SUSE Bug 1134205", url: "https://bugzilla.suse.com/1134205", }, { category: "self", summary: "SUSE Bug 1134223", url: "https://bugzilla.suse.com/1134223", }, { category: "self", summary: "SUSE Bug 1134303", url: "https://bugzilla.suse.com/1134303", }, { category: "self", summary: "SUSE Bug 1134354", url: "https://bugzilla.suse.com/1134354", }, { category: "self", summary: "SUSE Bug 1134390", url: "https://bugzilla.suse.com/1134390", }, { category: "self", summary: "SUSE Bug 1134393", url: "https://bugzilla.suse.com/1134393", }, { category: "self", summary: "SUSE Bug 1134395", url: "https://bugzilla.suse.com/1134395", }, { category: "self", summary: "SUSE Bug 1134397", url: "https://bugzilla.suse.com/1134397", }, { category: "self", summary: "SUSE Bug 1134399", url: "https://bugzilla.suse.com/1134399", }, { category: "self", summary: "SUSE Bug 1134459", url: "https://bugzilla.suse.com/1134459", }, { category: "self", summary: "SUSE Bug 1134460", url: "https://bugzilla.suse.com/1134460", }, { category: "self", summary: "SUSE Bug 1134461", url: "https://bugzilla.suse.com/1134461", }, { category: "self", summary: "SUSE Bug 1134597", url: "https://bugzilla.suse.com/1134597", }, { category: "self", summary: "SUSE Bug 1134600", url: "https://bugzilla.suse.com/1134600", }, { category: "self", summary: "SUSE Bug 1134607", url: "https://bugzilla.suse.com/1134607", }, { category: "self", summary: "SUSE Bug 1134618", url: "https://bugzilla.suse.com/1134618", }, { category: "self", summary: "SUSE Bug 1134651", url: "https://bugzilla.suse.com/1134651", }, { category: "self", summary: "SUSE Bug 1134671", url: "https://bugzilla.suse.com/1134671", }, { category: "self", summary: "SUSE Bug 1134730", url: "https://bugzilla.suse.com/1134730", }, { category: "self", summary: "SUSE Bug 1134738", url: "https://bugzilla.suse.com/1134738", }, { category: "self", summary: "SUSE Bug 1134743", url: "https://bugzilla.suse.com/1134743", }, { category: "self", summary: "SUSE Bug 1134760", url: "https://bugzilla.suse.com/1134760", }, { category: "self", summary: "SUSE Bug 1134806", url: "https://bugzilla.suse.com/1134806", }, { category: "self", summary: "SUSE Bug 1134810", url: "https://bugzilla.suse.com/1134810", }, { category: "self", summary: "SUSE Bug 1134813", url: "https://bugzilla.suse.com/1134813", }, { category: "self", summary: "SUSE Bug 1134848", url: "https://bugzilla.suse.com/1134848", }, { category: "self", summary: "SUSE Bug 1134936", url: "https://bugzilla.suse.com/1134936", }, { category: "self", summary: "SUSE Bug 1134945", url: "https://bugzilla.suse.com/1134945", }, { category: "self", summary: "SUSE Bug 1134946", url: "https://bugzilla.suse.com/1134946", }, { category: "self", summary: "SUSE Bug 1134947", url: "https://bugzilla.suse.com/1134947", }, { category: "self", summary: "SUSE Bug 1134948", url: "https://bugzilla.suse.com/1134948", }, { category: "self", summary: "SUSE Bug 1134949", url: "https://bugzilla.suse.com/1134949", }, { category: "self", summary: "SUSE Bug 1134950", url: "https://bugzilla.suse.com/1134950", }, { category: "self", summary: "SUSE Bug 1134951", url: "https://bugzilla.suse.com/1134951", }, { category: "self", summary: "SUSE Bug 1134952", url: "https://bugzilla.suse.com/1134952", }, { category: "self", summary: "SUSE Bug 1134953", url: "https://bugzilla.suse.com/1134953", }, { category: "self", summary: "SUSE Bug 1134972", url: "https://bugzilla.suse.com/1134972", }, { category: "self", summary: "SUSE Bug 1134974", url: "https://bugzilla.suse.com/1134974", }, { category: "self", summary: "SUSE Bug 1134975", url: "https://bugzilla.suse.com/1134975", }, { category: "self", summary: "SUSE Bug 1134980", url: "https://bugzilla.suse.com/1134980", }, { category: "self", summary: "SUSE Bug 1134981", url: "https://bugzilla.suse.com/1134981", }, { category: "self", summary: "SUSE Bug 1134983", url: "https://bugzilla.suse.com/1134983", }, { category: "self", summary: "SUSE Bug 1134987", url: "https://bugzilla.suse.com/1134987", }, { category: "self", summary: "SUSE Bug 1134989", url: "https://bugzilla.suse.com/1134989", }, { category: "self", summary: "SUSE Bug 1134990", url: "https://bugzilla.suse.com/1134990", }, { category: "self", summary: "SUSE Bug 1134994", url: "https://bugzilla.suse.com/1134994", }, { category: "self", summary: "SUSE Bug 1134995", url: "https://bugzilla.suse.com/1134995", }, { category: "self", summary: "SUSE Bug 1134998", url: "https://bugzilla.suse.com/1134998", }, { category: "self", summary: "SUSE Bug 1134999", url: "https://bugzilla.suse.com/1134999", }, { category: "self", summary: "SUSE Bug 1135006", url: "https://bugzilla.suse.com/1135006", }, { category: "self", summary: "SUSE Bug 1135007", url: "https://bugzilla.suse.com/1135007", }, { category: "self", summary: "SUSE Bug 1135008", url: "https://bugzilla.suse.com/1135008", }, { category: "self", summary: "SUSE Bug 1135018", url: "https://bugzilla.suse.com/1135018", }, { category: "self", summary: "SUSE Bug 1135021", url: "https://bugzilla.suse.com/1135021", }, { category: "self", summary: "SUSE Bug 1135024", url: "https://bugzilla.suse.com/1135024", }, { category: "self", summary: "SUSE Bug 1135026", url: "https://bugzilla.suse.com/1135026", }, { category: "self", summary: "SUSE Bug 1135027", url: "https://bugzilla.suse.com/1135027", }, { category: "self", summary: "SUSE Bug 1135028", url: "https://bugzilla.suse.com/1135028", }, { category: "self", summary: "SUSE Bug 1135029", url: "https://bugzilla.suse.com/1135029", }, { category: "self", summary: "SUSE Bug 1135031", url: "https://bugzilla.suse.com/1135031", }, { category: "self", summary: "SUSE Bug 1135033", url: "https://bugzilla.suse.com/1135033", }, { category: "self", summary: "SUSE Bug 1135034", url: "https://bugzilla.suse.com/1135034", }, { category: "self", summary: "SUSE Bug 1135035", url: "https://bugzilla.suse.com/1135035", }, { category: "self", summary: "SUSE Bug 1135036", url: "https://bugzilla.suse.com/1135036", }, { category: "self", summary: "SUSE Bug 1135037", url: "https://bugzilla.suse.com/1135037", }, { category: "self", summary: "SUSE Bug 1135038", url: "https://bugzilla.suse.com/1135038", }, { category: "self", summary: "SUSE Bug 1135039", url: "https://bugzilla.suse.com/1135039", }, { category: "self", summary: "SUSE Bug 1135041", url: "https://bugzilla.suse.com/1135041", }, { category: "self", summary: "SUSE Bug 1135042", url: "https://bugzilla.suse.com/1135042", }, { category: "self", summary: "SUSE Bug 1135044", url: "https://bugzilla.suse.com/1135044", }, { category: "self", summary: "SUSE Bug 1135045", url: "https://bugzilla.suse.com/1135045", }, { category: "self", summary: "SUSE Bug 1135046", url: "https://bugzilla.suse.com/1135046", }, { category: "self", summary: "SUSE Bug 1135047", url: "https://bugzilla.suse.com/1135047", }, { category: "self", summary: "SUSE Bug 1135049", url: "https://bugzilla.suse.com/1135049", }, { category: "self", summary: "SUSE Bug 1135051", url: "https://bugzilla.suse.com/1135051", }, { category: "self", summary: "SUSE Bug 1135052", url: "https://bugzilla.suse.com/1135052", }, { category: "self", summary: "SUSE Bug 1135053", url: "https://bugzilla.suse.com/1135053", }, { category: "self", summary: "SUSE Bug 1135055", url: "https://bugzilla.suse.com/1135055", }, { category: "self", summary: "SUSE Bug 1135056", url: "https://bugzilla.suse.com/1135056", }, { category: "self", summary: "SUSE Bug 1135058", url: "https://bugzilla.suse.com/1135058", }, { category: "self", summary: "SUSE Bug 1135100", url: "https://bugzilla.suse.com/1135100", }, { category: "self", summary: "SUSE Bug 1135120", url: "https://bugzilla.suse.com/1135120", }, { category: "self", summary: "SUSE Bug 1135153", url: "https://bugzilla.suse.com/1135153", }, { category: "self", summary: "SUSE Bug 1135278", url: "https://bugzilla.suse.com/1135278", }, { category: "self", summary: "SUSE Bug 1135281", url: "https://bugzilla.suse.com/1135281", }, { category: "self", summary: "SUSE Bug 1135296", url: "https://bugzilla.suse.com/1135296", }, { category: "self", summary: "SUSE Bug 1135309", url: "https://bugzilla.suse.com/1135309", }, { category: "self", summary: "SUSE Bug 1135312", url: "https://bugzilla.suse.com/1135312", }, { category: "self", summary: "SUSE Bug 1135314", url: "https://bugzilla.suse.com/1135314", }, { category: "self", summary: "SUSE Bug 1135315", url: "https://bugzilla.suse.com/1135315", }, { category: "self", summary: "SUSE Bug 1135316", url: "https://bugzilla.suse.com/1135316", }, { category: "self", summary: "SUSE Bug 1135320", url: "https://bugzilla.suse.com/1135320", }, { category: "self", summary: "SUSE Bug 1135323", url: "https://bugzilla.suse.com/1135323", }, { category: "self", summary: "SUSE Bug 1135330", url: "https://bugzilla.suse.com/1135330", }, { category: "self", summary: "SUSE Bug 1135335", url: "https://bugzilla.suse.com/1135335", }, { category: "self", summary: "SUSE Bug 1135492", url: "https://bugzilla.suse.com/1135492", }, { category: "self", summary: "SUSE Bug 1135542", url: "https://bugzilla.suse.com/1135542", }, { category: "self", summary: "SUSE Bug 1135556", url: "https://bugzilla.suse.com/1135556", }, { category: "self", summary: "SUSE Bug 1135603", url: "https://bugzilla.suse.com/1135603", }, { category: "self", summary: "SUSE Bug 1135642", url: "https://bugzilla.suse.com/1135642", }, { category: "self", summary: "SUSE Bug 1135661", url: "https://bugzilla.suse.com/1135661", }, { category: "self", summary: "SUSE Bug 1135758", url: "https://bugzilla.suse.com/1135758", }, { category: "self", summary: "SUSE Bug 1135897", url: "https://bugzilla.suse.com/1135897", }, { category: "self", summary: "SUSE Bug 1136156", url: "https://bugzilla.suse.com/1136156", }, { category: "self", summary: "SUSE Bug 1136157", url: "https://bugzilla.suse.com/1136157", }, { category: "self", summary: "SUSE Bug 1136161", url: "https://bugzilla.suse.com/1136161", }, { category: "self", summary: "SUSE Bug 1136188", url: "https://bugzilla.suse.com/1136188", }, { category: "self", summary: "SUSE Bug 1136206", url: "https://bugzilla.suse.com/1136206", }, { category: "self", summary: "SUSE Bug 1136215", url: "https://bugzilla.suse.com/1136215", }, { category: "self", summary: "SUSE Bug 1136217", url: "https://bugzilla.suse.com/1136217", }, { category: "self", summary: "SUSE Bug 1136264", url: "https://bugzilla.suse.com/1136264", }, { category: "self", summary: "SUSE Bug 1136271", url: "https://bugzilla.suse.com/1136271", }, { category: "self", summary: "SUSE Bug 1136333", url: "https://bugzilla.suse.com/1136333", }, { category: "self", summary: "SUSE Bug 1136342", url: "https://bugzilla.suse.com/1136342", }, { category: "self", summary: "SUSE Bug 1136343", url: "https://bugzilla.suse.com/1136343", }, { category: "self", summary: "SUSE Bug 1136345", url: "https://bugzilla.suse.com/1136345", }, { category: "self", summary: "SUSE Bug 1136347", url: "https://bugzilla.suse.com/1136347", }, { category: "self", summary: "SUSE Bug 1136348", url: "https://bugzilla.suse.com/1136348", }, { category: "self", summary: "SUSE Bug 1136353", url: "https://bugzilla.suse.com/1136353", }, { category: "self", summary: "SUSE Bug 1136424", url: "https://bugzilla.suse.com/1136424", }, { category: "self", summary: "SUSE Bug 1136428", url: "https://bugzilla.suse.com/1136428", }, { category: "self", summary: "SUSE Bug 1136430", url: "https://bugzilla.suse.com/1136430", }, { category: "self", summary: "SUSE Bug 1136432", url: "https://bugzilla.suse.com/1136432", }, { category: "self", summary: "SUSE Bug 1136434", url: "https://bugzilla.suse.com/1136434", }, { category: "self", summary: "SUSE Bug 1136435", url: "https://bugzilla.suse.com/1136435", }, { category: "self", summary: "SUSE Bug 1136438", url: "https://bugzilla.suse.com/1136438", }, { category: "self", summary: "SUSE Bug 1136439", url: "https://bugzilla.suse.com/1136439", }, { category: "self", summary: "SUSE Bug 1136456", url: "https://bugzilla.suse.com/1136456", }, { category: "self", summary: "SUSE Bug 1136460", url: "https://bugzilla.suse.com/1136460", }, { category: "self", summary: "SUSE Bug 1136461", url: "https://bugzilla.suse.com/1136461", }, { category: "self", summary: "SUSE Bug 1136462", url: "https://bugzilla.suse.com/1136462", }, { category: "self", summary: "SUSE Bug 1136467", url: "https://bugzilla.suse.com/1136467", }, { category: "self", summary: "SUSE Bug 1136469", url: "https://bugzilla.suse.com/1136469", }, { category: "self", summary: "SUSE Bug 1136477", url: "https://bugzilla.suse.com/1136477", }, { category: "self", summary: "SUSE Bug 1136478", url: "https://bugzilla.suse.com/1136478", }, { category: "self", summary: "SUSE Bug 1136498", url: "https://bugzilla.suse.com/1136498", }, { category: "self", summary: "SUSE Bug 1136573", url: "https://bugzilla.suse.com/1136573", }, { category: "self", summary: "SUSE Bug 1136586", url: "https://bugzilla.suse.com/1136586", }, { category: "self", summary: "SUSE Bug 1136598", url: "https://bugzilla.suse.com/1136598", }, { category: "self", summary: "SUSE Bug 1136881", url: "https://bugzilla.suse.com/1136881", }, { category: "self", summary: "SUSE Bug 1136922", url: "https://bugzilla.suse.com/1136922", }, { category: "self", summary: "SUSE Bug 1136935", url: "https://bugzilla.suse.com/1136935", }, { category: "self", summary: "SUSE Bug 1136978", url: "https://bugzilla.suse.com/1136978", }, { category: "self", summary: "SUSE Bug 1136990", url: "https://bugzilla.suse.com/1136990", }, { category: "self", summary: "SUSE Bug 1137103", url: "https://bugzilla.suse.com/1137103", }, { category: "self", summary: "SUSE Bug 1137151", url: "https://bugzilla.suse.com/1137151", }, { category: "self", summary: "SUSE Bug 1137152", url: "https://bugzilla.suse.com/1137152", }, { category: "self", summary: "SUSE Bug 1137153", url: "https://bugzilla.suse.com/1137153", }, { category: "self", summary: "SUSE Bug 1137162", url: "https://bugzilla.suse.com/1137162", }, { category: "self", summary: "SUSE Bug 1137194", url: "https://bugzilla.suse.com/1137194", }, { category: "self", summary: "SUSE Bug 1137201", url: "https://bugzilla.suse.com/1137201", }, { category: "self", summary: "SUSE Bug 1137224", url: "https://bugzilla.suse.com/1137224", }, { category: "self", summary: "SUSE Bug 1137232", url: "https://bugzilla.suse.com/1137232", }, { category: "self", summary: "SUSE Bug 1137233", url: "https://bugzilla.suse.com/1137233", }, { category: "self", summary: "SUSE Bug 1137236", url: "https://bugzilla.suse.com/1137236", }, { category: "self", summary: "SUSE Bug 1137366", url: "https://bugzilla.suse.com/1137366", }, { category: "self", summary: "SUSE Bug 1137372", url: "https://bugzilla.suse.com/1137372", }, { category: "self", summary: "SUSE Bug 1137429", url: "https://bugzilla.suse.com/1137429", }, { category: "self", summary: "SUSE Bug 1137444", url: "https://bugzilla.suse.com/1137444", }, { category: "self", summary: "SUSE Bug 1137458", url: "https://bugzilla.suse.com/1137458", }, { category: "self", summary: "SUSE Bug 1137534", url: "https://bugzilla.suse.com/1137534", }, { category: "self", summary: "SUSE Bug 1137535", url: "https://bugzilla.suse.com/1137535", }, { category: "self", summary: "SUSE Bug 1137584", url: "https://bugzilla.suse.com/1137584", }, { category: "self", summary: "SUSE Bug 1137586", url: "https://bugzilla.suse.com/1137586", }, { category: "self", summary: "SUSE Bug 1137609", url: "https://bugzilla.suse.com/1137609", }, { category: "self", summary: "SUSE Bug 1137625", url: "https://bugzilla.suse.com/1137625", }, { category: "self", summary: "SUSE Bug 1137728", url: "https://bugzilla.suse.com/1137728", }, { category: "self", summary: "SUSE Bug 1137739", url: "https://bugzilla.suse.com/1137739", }, { category: "self", summary: "SUSE Bug 1137752", url: "https://bugzilla.suse.com/1137752", }, { category: "self", summary: "SUSE Bug 1137811", url: "https://bugzilla.suse.com/1137811", }, { category: "self", summary: "SUSE Bug 1137827", url: "https://bugzilla.suse.com/1137827", }, { category: "self", summary: "SUSE Bug 1137884", url: "https://bugzilla.suse.com/1137884", }, { category: "self", summary: "SUSE Bug 1137985", url: "https://bugzilla.suse.com/1137985", }, { category: "self", summary: "SUSE Bug 1137995", url: "https://bugzilla.suse.com/1137995", }, { category: "self", summary: "SUSE Bug 1137996", url: "https://bugzilla.suse.com/1137996", }, { category: "self", summary: "SUSE Bug 1137998", url: "https://bugzilla.suse.com/1137998", }, { category: "self", summary: "SUSE Bug 1137999", url: "https://bugzilla.suse.com/1137999", }, { category: "self", summary: "SUSE Bug 1138000", url: "https://bugzilla.suse.com/1138000", }, { category: "self", summary: "SUSE Bug 1138002", url: "https://bugzilla.suse.com/1138002", }, { category: "self", summary: "SUSE Bug 1138003", url: "https://bugzilla.suse.com/1138003", }, { category: "self", summary: "SUSE Bug 1138005", url: "https://bugzilla.suse.com/1138005", }, { category: "self", summary: "SUSE Bug 1138006", url: "https://bugzilla.suse.com/1138006", }, { category: "self", summary: "SUSE Bug 1138007", url: "https://bugzilla.suse.com/1138007", }, { category: "self", summary: "SUSE Bug 1138008", url: "https://bugzilla.suse.com/1138008", }, { category: "self", summary: "SUSE Bug 1138009", url: "https://bugzilla.suse.com/1138009", }, { category: "self", summary: "SUSE Bug 1138010", url: "https://bugzilla.suse.com/1138010", }, { category: "self", summary: "SUSE Bug 1138011", url: "https://bugzilla.suse.com/1138011", }, { category: "self", summary: "SUSE Bug 1138012", url: "https://bugzilla.suse.com/1138012", }, { category: "self", summary: "SUSE Bug 1138013", url: "https://bugzilla.suse.com/1138013", }, { category: "self", summary: "SUSE Bug 1138014", url: "https://bugzilla.suse.com/1138014", }, { category: "self", summary: "SUSE Bug 1138015", url: "https://bugzilla.suse.com/1138015", }, { category: "self", summary: "SUSE Bug 1138016", url: "https://bugzilla.suse.com/1138016", }, { category: "self", summary: "SUSE Bug 1138017", url: "https://bugzilla.suse.com/1138017", }, { category: "self", summary: "SUSE Bug 1138018", url: "https://bugzilla.suse.com/1138018", }, { category: "self", summary: "SUSE Bug 1138019", url: "https://bugzilla.suse.com/1138019", }, { category: "self", summary: "SUSE Bug 1138263", url: "https://bugzilla.suse.com/1138263", }, { category: "self", summary: "SUSE Bug 1138291", url: "https://bugzilla.suse.com/1138291", }, { category: "self", summary: "SUSE Bug 1138293", url: "https://bugzilla.suse.com/1138293", }, { category: "self", summary: "SUSE Bug 1138336", url: "https://bugzilla.suse.com/1138336", }, { category: "self", summary: "SUSE Bug 1138374", url: "https://bugzilla.suse.com/1138374", }, { category: "self", summary: "SUSE Bug 1138375", url: "https://bugzilla.suse.com/1138375", }, { category: "self", summary: "SUSE Bug 1138589", url: "https://bugzilla.suse.com/1138589", }, { category: "self", summary: "SUSE Bug 1138681", url: "https://bugzilla.suse.com/1138681", }, { category: "self", summary: "SUSE Bug 1138719", url: "https://bugzilla.suse.com/1138719", }, { category: "self", summary: "SUSE Bug 1138732", url: "https://bugzilla.suse.com/1138732", }, { category: "self", summary: "SUSE Bug 1138874", url: "https://bugzilla.suse.com/1138874", }, { category: "self", summary: "SUSE Bug 1138879", url: "https://bugzilla.suse.com/1138879", }, { category: "self", summary: "SUSE Bug 1139358", url: "https://bugzilla.suse.com/1139358", }, { category: "self", summary: "SUSE Bug 1139619", url: "https://bugzilla.suse.com/1139619", }, { category: "self", summary: "SUSE Bug 1139712", url: "https://bugzilla.suse.com/1139712", }, { category: "self", summary: "SUSE Bug 1139751", url: "https://bugzilla.suse.com/1139751", }, { category: "self", summary: "SUSE Bug 1139771", url: "https://bugzilla.suse.com/1139771", }, { category: "self", summary: "SUSE Bug 1139865", url: "https://bugzilla.suse.com/1139865", }, { category: "self", summary: "SUSE Bug 1140133", url: "https://bugzilla.suse.com/1140133", }, { category: "self", summary: "SUSE Bug 1140139", url: "https://bugzilla.suse.com/1140139", }, { category: "self", summary: "SUSE Bug 1140228", url: "https://bugzilla.suse.com/1140228", }, { category: "self", summary: "SUSE Bug 1140322", url: "https://bugzilla.suse.com/1140322", }, { category: "self", summary: "SUSE Bug 1140328", url: "https://bugzilla.suse.com/1140328", }, { category: "self", summary: "SUSE Bug 1140405", url: "https://bugzilla.suse.com/1140405", }, { category: "self", summary: "SUSE Bug 1140424", url: "https://bugzilla.suse.com/1140424", }, { category: "self", summary: "SUSE Bug 1140428", url: "https://bugzilla.suse.com/1140428", }, { category: "self", summary: "SUSE Bug 1140454", url: "https://bugzilla.suse.com/1140454", }, { category: "self", summary: "SUSE Bug 1140463", url: "https://bugzilla.suse.com/1140463", }, { category: "self", summary: "SUSE Bug 1140559", url: "https://bugzilla.suse.com/1140559", }, { category: "self", summary: "SUSE Bug 1140575", url: "https://bugzilla.suse.com/1140575", }, { category: "self", summary: "SUSE Bug 1140577", url: "https://bugzilla.suse.com/1140577", }, { category: "self", summary: "SUSE Bug 1140637", url: "https://bugzilla.suse.com/1140637", }, { category: "self", summary: "SUSE Bug 1140652", url: "https://bugzilla.suse.com/1140652", }, { category: "self", summary: "SUSE Bug 1140658", url: "https://bugzilla.suse.com/1140658", }, { category: "self", summary: "SUSE Bug 1140676", url: "https://bugzilla.suse.com/1140676", }, { category: "self", summary: "SUSE Bug 1140715", url: "https://bugzilla.suse.com/1140715", }, { category: "self", summary: "SUSE Bug 1140719", url: "https://bugzilla.suse.com/1140719", }, { category: "self", summary: "SUSE Bug 1140726", url: "https://bugzilla.suse.com/1140726", }, { category: "self", summary: "SUSE Bug 1140727", url: "https://bugzilla.suse.com/1140727", }, { category: "self", summary: "SUSE Bug 1140728", url: "https://bugzilla.suse.com/1140728", }, { category: "self", summary: "SUSE Bug 1140814", url: "https://bugzilla.suse.com/1140814", }, { category: "self", summary: "SUSE Bug 1140887", url: "https://bugzilla.suse.com/1140887", }, { category: "self", summary: "SUSE Bug 1140888", url: "https://bugzilla.suse.com/1140888", }, { category: "self", summary: "SUSE Bug 1140889", url: "https://bugzilla.suse.com/1140889", }, { category: "self", summary: "SUSE Bug 1140891", url: "https://bugzilla.suse.com/1140891", }, { category: "self", summary: "SUSE Bug 1140893", url: "https://bugzilla.suse.com/1140893", }, { category: "self", summary: "SUSE Bug 1140903", url: "https://bugzilla.suse.com/1140903", }, { category: "self", summary: "SUSE Bug 1140945", url: "https://bugzilla.suse.com/1140945", }, { category: "self", summary: "SUSE Bug 1140948", url: "https://bugzilla.suse.com/1140948", }, { category: "self", summary: "SUSE Bug 1140954", url: "https://bugzilla.suse.com/1140954", }, { category: "self", summary: "SUSE Bug 1140955", url: "https://bugzilla.suse.com/1140955", }, { category: "self", summary: "SUSE Bug 1140956", url: "https://bugzilla.suse.com/1140956", }, { category: "self", summary: "SUSE Bug 1140957", url: "https://bugzilla.suse.com/1140957", }, { category: "self", summary: "SUSE Bug 1140958", url: "https://bugzilla.suse.com/1140958", }, { category: "self", summary: "SUSE Bug 1140959", url: "https://bugzilla.suse.com/1140959", }, { category: "self", summary: "SUSE Bug 1140960", url: "https://bugzilla.suse.com/1140960", }, { category: "self", summary: "SUSE Bug 1140961", url: "https://bugzilla.suse.com/1140961", }, { category: "self", summary: "SUSE Bug 1140962", url: "https://bugzilla.suse.com/1140962", }, { category: "self", summary: "SUSE Bug 1140964", url: "https://bugzilla.suse.com/1140964", }, { category: "self", summary: "SUSE Bug 1140971", url: "https://bugzilla.suse.com/1140971", }, { category: "self", summary: "SUSE Bug 1140972", url: "https://bugzilla.suse.com/1140972", }, { category: "self", summary: "SUSE Bug 1140992", url: "https://bugzilla.suse.com/1140992", }, { category: "self", summary: "SUSE Bug 1141312", url: "https://bugzilla.suse.com/1141312", }, { category: "self", summary: "SUSE Bug 1141401", url: "https://bugzilla.suse.com/1141401", }, { category: "self", summary: "SUSE Bug 1141402", url: "https://bugzilla.suse.com/1141402", }, { category: "self", summary: "SUSE Bug 1141452", url: "https://bugzilla.suse.com/1141452", }, { category: "self", summary: "SUSE Bug 1141453", url: "https://bugzilla.suse.com/1141453", }, { category: "self", summary: "SUSE Bug 1141454", url: "https://bugzilla.suse.com/1141454", }, { category: "self", summary: "SUSE Bug 1141478", url: "https://bugzilla.suse.com/1141478", }, { category: "self", summary: "SUSE Bug 1141558", url: "https://bugzilla.suse.com/1141558", }, { category: "self", summary: "SUSE Bug 1142023", url: "https://bugzilla.suse.com/1142023", }, { category: "self", summary: "SUSE Bug 1142052", url: "https://bugzilla.suse.com/1142052", }, { category: "self", summary: "SUSE Bug 1142083", url: "https://bugzilla.suse.com/1142083", }, { category: "self", summary: "SUSE Bug 1142112", url: "https://bugzilla.suse.com/1142112", }, { category: "self", summary: "SUSE Bug 1142115", url: "https://bugzilla.suse.com/1142115", }, { category: "self", summary: "SUSE Bug 1142119", url: "https://bugzilla.suse.com/1142119", }, { category: "self", summary: "SUSE Bug 1142220", url: "https://bugzilla.suse.com/1142220", }, { category: "self", summary: "SUSE Bug 1142221", url: "https://bugzilla.suse.com/1142221", }, { category: "self", summary: "SUSE Bug 1142254", url: "https://bugzilla.suse.com/1142254", }, { category: "self", summary: "SUSE Bug 1142350", url: "https://bugzilla.suse.com/1142350", }, { category: "self", summary: "SUSE Bug 1142351", url: "https://bugzilla.suse.com/1142351", }, { category: "self", summary: "SUSE Bug 1142354", url: "https://bugzilla.suse.com/1142354", }, { category: "self", summary: "SUSE Bug 1142359", url: "https://bugzilla.suse.com/1142359", }, { category: "self", summary: "SUSE Bug 1142450", url: "https://bugzilla.suse.com/1142450", }, { category: "self", summary: "SUSE Bug 1142623", url: "https://bugzilla.suse.com/1142623", }, { category: "self", summary: "SUSE Bug 1142673", url: "https://bugzilla.suse.com/1142673", }, { category: "self", summary: "SUSE Bug 1142701", url: "https://bugzilla.suse.com/1142701", }, { category: "self", summary: "SUSE Bug 1142868", url: "https://bugzilla.suse.com/1142868", }, { category: "self", summary: "SUSE Bug 1143003", url: "https://bugzilla.suse.com/1143003", }, { category: "self", summary: "SUSE Bug 1143045", url: "https://bugzilla.suse.com/1143045", }, { category: "self", summary: "SUSE Bug 1143105", url: "https://bugzilla.suse.com/1143105", }, { category: "self", summary: "SUSE Bug 1143185", url: "https://bugzilla.suse.com/1143185", }, { category: "self", summary: "SUSE Bug 1143189", url: "https://bugzilla.suse.com/1143189", }, { category: "self", summary: "SUSE Bug 1143191", url: "https://bugzilla.suse.com/1143191", }, { category: "self", summary: "SUSE Bug 1143209", url: "https://bugzilla.suse.com/1143209", }, { category: "self", summary: "SUSE Bug 1143507", url: "https://bugzilla.suse.com/1143507", }, { category: "self", summary: "SUSE CVE CVE-2017-5753 page", url: "https://www.suse.com/security/cve/CVE-2017-5753/", }, { category: "self", summary: "SUSE CVE CVE-2018-12126 page", url: "https://www.suse.com/security/cve/CVE-2018-12126/", }, { category: "self", summary: "SUSE CVE CVE-2018-12127 page", url: "https://www.suse.com/security/cve/CVE-2018-12127/", }, { category: "self", summary: "SUSE CVE CVE-2018-12130 page", url: "https://www.suse.com/security/cve/CVE-2018-12130/", }, { category: "self", summary: "SUSE CVE CVE-2018-16871 page", url: "https://www.suse.com/security/cve/CVE-2018-16871/", }, { category: "self", summary: "SUSE CVE CVE-2018-16880 page", url: "https://www.suse.com/security/cve/CVE-2018-16880/", }, { category: "self", summary: "SUSE CVE CVE-2018-20836 page", url: "https://www.suse.com/security/cve/CVE-2018-20836/", }, { category: "self", summary: "SUSE CVE CVE-2018-20855 page", url: "https://www.suse.com/security/cve/CVE-2018-20855/", }, { category: "self", summary: "SUSE CVE CVE-2018-7191 page", url: "https://www.suse.com/security/cve/CVE-2018-7191/", }, { category: "self", summary: "SUSE CVE CVE-2019-10124 page", url: "https://www.suse.com/security/cve/CVE-2019-10124/", }, { category: "self", summary: "SUSE CVE CVE-2019-10638 page", url: "https://www.suse.com/security/cve/CVE-2019-10638/", }, { category: "self", summary: "SUSE CVE CVE-2019-10639 page", url: "https://www.suse.com/security/cve/CVE-2019-10639/", }, { category: "self", summary: "SUSE CVE CVE-2019-11085 page", url: "https://www.suse.com/security/cve/CVE-2019-11085/", }, { category: "self", summary: "SUSE CVE CVE-2019-11091 page", url: "https://www.suse.com/security/cve/CVE-2019-11091/", }, { category: "self", summary: "SUSE CVE CVE-2019-1125 page", url: "https://www.suse.com/security/cve/CVE-2019-1125/", }, { category: "self", summary: "SUSE CVE CVE-2019-11477 page", url: "https://www.suse.com/security/cve/CVE-2019-11477/", }, { category: "self", summary: "SUSE CVE CVE-2019-11478 page", url: "https://www.suse.com/security/cve/CVE-2019-11478/", }, { category: "self", summary: "SUSE CVE CVE-2019-11479 page", url: "https://www.suse.com/security/cve/CVE-2019-11479/", }, { category: "self", summary: "SUSE CVE CVE-2019-11486 page", url: "https://www.suse.com/security/cve/CVE-2019-11486/", }, { category: "self", summary: "SUSE CVE CVE-2019-11487 page", url: "https://www.suse.com/security/cve/CVE-2019-11487/", }, { category: "self", summary: "SUSE CVE CVE-2019-11599 page", url: "https://www.suse.com/security/cve/CVE-2019-11599/", }, { category: "self", summary: "SUSE CVE CVE-2019-11810 page", url: "https://www.suse.com/security/cve/CVE-2019-11810/", }, { category: "self", summary: "SUSE CVE CVE-2019-11811 page", url: "https://www.suse.com/security/cve/CVE-2019-11811/", }, { category: "self", summary: "SUSE CVE CVE-2019-11815 page", url: "https://www.suse.com/security/cve/CVE-2019-11815/", }, { category: "self", summary: "SUSE CVE CVE-2019-11833 page", url: "https://www.suse.com/security/cve/CVE-2019-11833/", }, { category: "self", summary: "SUSE CVE CVE-2019-11884 page", url: "https://www.suse.com/security/cve/CVE-2019-11884/", }, { category: "self", summary: "SUSE CVE CVE-2019-12380 page", url: "https://www.suse.com/security/cve/CVE-2019-12380/", }, { category: "self", summary: "SUSE CVE CVE-2019-12382 page", url: "https://www.suse.com/security/cve/CVE-2019-12382/", }, { category: "self", summary: "SUSE CVE CVE-2019-12456 page", url: "https://www.suse.com/security/cve/CVE-2019-12456/", }, { category: "self", summary: "SUSE CVE CVE-2019-12614 page", url: "https://www.suse.com/security/cve/CVE-2019-12614/", }, { category: "self", summary: "SUSE CVE CVE-2019-12817 page", url: "https://www.suse.com/security/cve/CVE-2019-12817/", }, { category: "self", summary: "SUSE CVE CVE-2019-12818 page", url: "https://www.suse.com/security/cve/CVE-2019-12818/", }, { category: "self", summary: "SUSE CVE CVE-2019-12819 page", url: "https://www.suse.com/security/cve/CVE-2019-12819/", }, { category: "self", summary: "SUSE CVE CVE-2019-13233 page", url: "https://www.suse.com/security/cve/CVE-2019-13233/", }, { category: "self", summary: "SUSE CVE CVE-2019-13631 page", url: "https://www.suse.com/security/cve/CVE-2019-13631/", }, { category: "self", summary: "SUSE CVE CVE-2019-13648 page", url: "https://www.suse.com/security/cve/CVE-2019-13648/", }, { category: "self", summary: "SUSE CVE CVE-2019-14283 page", url: "https://www.suse.com/security/cve/CVE-2019-14283/", }, { category: "self", summary: "SUSE CVE CVE-2019-14284 page", url: "https://www.suse.com/security/cve/CVE-2019-14284/", }, { category: "self", summary: "SUSE CVE CVE-2019-3846 page", url: "https://www.suse.com/security/cve/CVE-2019-3846/", }, { category: "self", summary: "SUSE CVE CVE-2019-3882 page", url: "https://www.suse.com/security/cve/CVE-2019-3882/", }, { category: "self", summary: "SUSE CVE CVE-2019-5489 page", url: "https://www.suse.com/security/cve/CVE-2019-5489/", }, { category: "self", summary: "SUSE CVE CVE-2019-8564 page", url: "https://www.suse.com/security/cve/CVE-2019-8564/", }, { category: "self", summary: "SUSE CVE CVE-2019-9003 page", url: "https://www.suse.com/security/cve/CVE-2019-9003/", }, { category: "self", summary: "SUSE CVE CVE-2019-9500 page", url: "https://www.suse.com/security/cve/CVE-2019-9500/", }, { category: "self", summary: "SUSE CVE CVE-2019-9503 page", url: "https://www.suse.com/security/cve/CVE-2019-9503/", }, { category: "self", summary: "SUSE Bug SLE-4678", url: "https://bugzilla.suse.com/SLE-4678", }, { category: "self", summary: "SUSE Bug SLE-4679", url: "https://bugzilla.suse.com/SLE-4679", }, { category: "self", summary: "SUSE Bug SLE-4681", url: "https://bugzilla.suse.com/SLE-4681", }, { category: "self", summary: "SUSE Bug SLE-4683", url: "https://bugzilla.suse.com/SLE-4683", }, { category: "self", summary: "SUSE Bug SLE-4684", url: "https://bugzilla.suse.com/SLE-4684", }, { category: "self", summary: "SUSE Bug SLE-4688", url: "https://bugzilla.suse.com/SLE-4688", }, { category: "self", summary: "SUSE Bug SLE-4689", url: "https://bugzilla.suse.com/SLE-4689", }, { category: "self", summary: "SUSE Bug SLE-4692", url: "https://bugzilla.suse.com/SLE-4692", }, { category: "self", summary: "SUSE Bug SLE-4693", url: "https://bugzilla.suse.com/SLE-4693", }, { category: "self", summary: "SUSE Bug SLE-4694", url: "https://bugzilla.suse.com/SLE-4694", }, { category: "self", summary: "SUSE Bug SLE-4695", url: "https://bugzilla.suse.com/SLE-4695", }, { category: "self", summary: "SUSE Bug SLE-4699", url: "https://bugzilla.suse.com/SLE-4699", }, { category: "self", summary: "SUSE Bug SLE-4710", url: "https://bugzilla.suse.com/SLE-4710", }, { category: "self", summary: "SUSE Bug SLE-4712", url: "https://bugzilla.suse.com/SLE-4712", }, { category: "self", summary: "SUSE Bug SLE-4717", url: "https://bugzilla.suse.com/SLE-4717", }, { category: "self", summary: "SUSE Bug SLE-4721", url: "https://bugzilla.suse.com/SLE-4721", }, { category: "self", summary: "SUSE Bug SLE-4722", url: "https://bugzilla.suse.com/SLE-4722", }, { category: "self", summary: "SUSE Bug SLE-4994", url: "https://bugzilla.suse.com/SLE-4994", }, { category: "self", summary: "SUSE Bug SLE-5759", url: "https://bugzilla.suse.com/SLE-5759", }, { category: "self", summary: "SUSE Bug SLE-5789", url: "https://bugzilla.suse.com/SLE-5789", }, { category: "self", summary: "SUSE Bug SLE-5802", url: "https://bugzilla.suse.com/SLE-5802", }, { category: "self", summary: "SUSE Bug SLE-5954", url: "https://bugzilla.suse.com/SLE-5954", }, { category: "self", summary: "SUSE Bug SLE-6197", url: "https://bugzilla.suse.com/SLE-6197", }, ], title: "Security update for kernel-source-rt", tracking: { current_release_date: "2019-09-23T07:31:22Z", generator: { date: "2019-09-23T07:31:22Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2019:2430-1", initial_release_date: "2019-09-23T07:31:22Z", revision_history: [ { date: "2019-09-23T07:31:22Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-rt-4.12.14-14.8.1.noarch", product: { name: "kernel-devel-rt-4.12.14-14.8.1.noarch", product_id: "kernel-devel-rt-4.12.14-14.8.1.noarch", }, }, { category: "product_version", name: "kernel-source-rt-4.12.14-14.8.1.noarch", product: { name: "kernel-source-rt-4.12.14-14.8.1.noarch", product_id: "kernel-source-rt-4.12.14-14.8.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", product: { name: "cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", product_id: "cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-rt_debug-4.12.14-14.8.1.x86_64", product: { name: "cluster-md-kmp-rt_debug-4.12.14-14.8.1.x86_64", product_id: "cluster-md-kmp-rt_debug-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-rt-4.12.14-14.8.1.x86_64", product: { name: "dlm-kmp-rt-4.12.14-14.8.1.x86_64", product_id: "dlm-kmp-rt-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-rt_debug-4.12.14-14.8.1.x86_64", product: { name: "dlm-kmp-rt_debug-4.12.14-14.8.1.x86_64", product_id: "dlm-kmp-rt_debug-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-rt-4.12.14-14.8.1.x86_64", product: { name: "gfs2-kmp-rt-4.12.14-14.8.1.x86_64", product_id: "gfs2-kmp-rt-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-rt_debug-4.12.14-14.8.1.x86_64", product: { name: "gfs2-kmp-rt_debug-4.12.14-14.8.1.x86_64", product_id: "gfs2-kmp-rt_debug-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-4.12.14-14.8.1.x86_64", product: { name: "kernel-rt-4.12.14-14.8.1.x86_64", product_id: "kernel-rt-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-base-4.12.14-14.8.1.x86_64", product: { name: "kernel-rt-base-4.12.14-14.8.1.x86_64", product_id: "kernel-rt-base-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-devel-4.12.14-14.8.1.x86_64", product: { name: "kernel-rt-devel-4.12.14-14.8.1.x86_64", product_id: "kernel-rt-devel-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-extra-4.12.14-14.8.1.x86_64", product: { name: "kernel-rt-extra-4.12.14-14.8.1.x86_64", product_id: "kernel-rt-extra-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-livepatch-4.12.14-14.8.1.x86_64", product: { name: "kernel-rt-livepatch-4.12.14-14.8.1.x86_64", product_id: "kernel-rt-livepatch-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-livepatch-devel-4.12.14-14.8.1.x86_64", product: { name: "kernel-rt-livepatch-devel-4.12.14-14.8.1.x86_64", product_id: "kernel-rt-livepatch-devel-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-4.12.14-14.8.1.x86_64", product: { name: "kernel-rt_debug-4.12.14-14.8.1.x86_64", product_id: "kernel-rt_debug-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-base-4.12.14-14.8.1.x86_64", product: { name: "kernel-rt_debug-base-4.12.14-14.8.1.x86_64", product_id: "kernel-rt_debug-base-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", product: { name: "kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", product_id: "kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-extra-4.12.14-14.8.1.x86_64", product: { name: "kernel-rt_debug-extra-4.12.14-14.8.1.x86_64", product_id: "kernel-rt_debug-extra-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-livepatch-4.12.14-14.8.1.x86_64", product: { name: "kernel-rt_debug-livepatch-4.12.14-14.8.1.x86_64", product_id: "kernel-rt_debug-livepatch-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-livepatch-devel-4.12.14-14.8.1.x86_64", product: { name: "kernel-rt_debug-livepatch-devel-4.12.14-14.8.1.x86_64", product_id: "kernel-rt_debug-livepatch-devel-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-rt-4.12.14-14.8.1.x86_64", product: { name: "kernel-syms-rt-4.12.14-14.8.1.x86_64", product_id: "kernel-syms-rt-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-rt-4.12.14-14.8.1.x86_64", product: { name: "kselftests-kmp-rt-4.12.14-14.8.1.x86_64", product_id: "kselftests-kmp-rt-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-rt_debug-4.12.14-14.8.1.x86_64", product: { name: "kselftests-kmp-rt_debug-4.12.14-14.8.1.x86_64", product_id: "kselftests-kmp-rt_debug-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", product: { name: "ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", product_id: "ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-rt_debug-4.12.14-14.8.1.x86_64", product: { name: "ocfs2-kmp-rt_debug-4.12.14-14.8.1.x86_64", product_id: "ocfs2-kmp-rt_debug-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-rt-4.12.14-14.8.1.x86_64", product: { name: "reiserfs-kmp-rt-4.12.14-14.8.1.x86_64", product_id: "reiserfs-kmp-rt-4.12.14-14.8.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-rt_debug-4.12.14-14.8.1.x86_64", product: { name: "reiserfs-kmp-rt_debug-4.12.14-14.8.1.x86_64", product_id: "reiserfs-kmp-rt_debug-4.12.14-14.8.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Real Time Module 15 SP1", product: { name: "SUSE Real Time Module 15 SP1", product_id: "SUSE Real Time Module 15 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-rt:15:sp1", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-rt-4.12.14-14.8.1.x86_64 as component of SUSE Real Time Module 15 SP1", product_id: "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", }, product_reference: "cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP1", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-rt-4.12.14-14.8.1.x86_64 as component of SUSE Real Time Module 15 SP1", product_id: "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", }, product_reference: "dlm-kmp-rt-4.12.14-14.8.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP1", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-rt-4.12.14-14.8.1.x86_64 as component of SUSE Real Time Module 15 SP1", product_id: "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", }, product_reference: "gfs2-kmp-rt-4.12.14-14.8.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-rt-4.12.14-14.8.1.noarch as component of SUSE Real Time Module 15 SP1", product_id: "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", }, product_reference: "kernel-devel-rt-4.12.14-14.8.1.noarch", relates_to_product_reference: "SUSE Real Time Module 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-4.12.14-14.8.1.x86_64 as component of SUSE Real Time Module 15 SP1", product_id: "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", }, product_reference: "kernel-rt-4.12.14-14.8.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-base-4.12.14-14.8.1.x86_64 as component of SUSE Real Time Module 15 SP1", product_id: "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", }, product_reference: "kernel-rt-base-4.12.14-14.8.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-devel-4.12.14-14.8.1.x86_64 as component of SUSE Real Time Module 15 SP1", product_id: "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", }, product_reference: "kernel-rt-devel-4.12.14-14.8.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-rt_debug-devel-4.12.14-14.8.1.x86_64 as component of SUSE Real Time Module 15 SP1", product_id: "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", }, product_reference: "kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-source-rt-4.12.14-14.8.1.noarch as component of SUSE Real Time Module 15 SP1", product_id: "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", }, product_reference: "kernel-source-rt-4.12.14-14.8.1.noarch", relates_to_product_reference: "SUSE Real Time Module 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-rt-4.12.14-14.8.1.x86_64 as component of SUSE Real Time Module 15 SP1", product_id: "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", }, product_reference: "kernel-syms-rt-4.12.14-14.8.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP1", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-rt-4.12.14-14.8.1.x86_64 as component of SUSE Real Time Module 15 SP1", product_id: "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", }, product_reference: "ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP1", }, ], }, vulnerabilities: [ { cve: "CVE-2017-5753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-5753", }, ], notes: [ { category: "general", text: "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-5753", url: "https://www.suse.com/security/cve/CVE-2017-5753", }, { category: "external", summary: "SUSE Bug 1068032 for CVE-2017-5753", url: "https://bugzilla.suse.com/1068032", }, { category: "external", summary: "SUSE Bug 1074562 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074562", }, { category: "external", summary: "SUSE Bug 1074578 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074578", }, { category: "external", summary: "SUSE Bug 1074701 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074701", }, { category: "external", summary: "SUSE Bug 1075006 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075006", }, { category: "external", summary: "SUSE Bug 1075419 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075419", }, { category: "external", summary: "SUSE Bug 1075748 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075748", }, { category: "external", summary: "SUSE Bug 1080039 for CVE-2017-5753", url: "https://bugzilla.suse.com/1080039", }, { category: "external", summary: "SUSE Bug 1087084 for CVE-2017-5753", url: "https://bugzilla.suse.com/1087084", }, { category: "external", summary: "SUSE Bug 1087939 for CVE-2017-5753", url: "https://bugzilla.suse.com/1087939", }, { category: "external", summary: "SUSE Bug 1089055 for CVE-2017-5753", url: "https://bugzilla.suse.com/1089055", }, { category: "external", summary: "SUSE Bug 1136865 for CVE-2017-5753", url: "https://bugzilla.suse.com/1136865", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2017-5753", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2017-5753", url: "https://bugzilla.suse.com/1201877", }, { category: "external", summary: "SUSE Bug 1209547 for CVE-2017-5753", url: "https://bugzilla.suse.com/1209547", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "important", }, ], title: "CVE-2017-5753", }, { cve: "CVE-2018-12126", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12126", }, ], notes: [ { category: "general", text: "Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12126", url: "https://www.suse.com/security/cve/CVE-2018-12126", }, { category: "external", summary: "SUSE Bug 1103186 for CVE-2018-12126", url: "https://bugzilla.suse.com/1103186", }, { category: "external", summary: "SUSE Bug 1111331 for CVE-2018-12126", url: "https://bugzilla.suse.com/1111331", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2018-12126", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1135409 for CVE-2018-12126", url: "https://bugzilla.suse.com/1135409", }, { category: "external", summary: "SUSE Bug 1135524 for CVE-2018-12126", url: "https://bugzilla.suse.com/1135524", }, { category: "external", summary: "SUSE Bug 1137916 for CVE-2018-12126", url: "https://bugzilla.suse.com/1137916", }, { category: "external", summary: "SUSE Bug 1138534 for CVE-2018-12126", url: "https://bugzilla.suse.com/1138534", }, { category: "external", summary: "SUSE Bug 1141977 for CVE-2018-12126", url: "https://bugzilla.suse.com/1141977", }, { category: "external", summary: "SUSE Bug 1149725 for CVE-2018-12126", url: "https://bugzilla.suse.com/1149725", }, { category: "external", summary: "SUSE Bug 1149726 for CVE-2018-12126", url: "https://bugzilla.suse.com/1149726", }, { category: "external", summary: "SUSE Bug 1149729 for CVE-2018-12126", url: "https://bugzilla.suse.com/1149729", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2018-12126", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2018-12126", url: "https://bugzilla.suse.com/1201877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.8, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2018-12126", }, { cve: "CVE-2018-12127", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12127", }, ], notes: [ { category: "general", text: "Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12127", url: "https://www.suse.com/security/cve/CVE-2018-12127", }, { category: "external", summary: "SUSE Bug 1103186 for CVE-2018-12127", url: "https://bugzilla.suse.com/1103186", }, { category: "external", summary: "SUSE Bug 1111331 for CVE-2018-12127", url: "https://bugzilla.suse.com/1111331", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2018-12127", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1135409 for CVE-2018-12127", url: "https://bugzilla.suse.com/1135409", }, { category: "external", summary: "SUSE Bug 1138534 for CVE-2018-12127", url: "https://bugzilla.suse.com/1138534", }, { category: "external", summary: "SUSE Bug 1141977 for CVE-2018-12127", url: "https://bugzilla.suse.com/1141977", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2018-12127", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2018-12127", url: "https://bugzilla.suse.com/1201877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.8, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2018-12127", }, { cve: "CVE-2018-12130", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12130", }, ], notes: [ { category: "general", text: "Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12130", url: "https://www.suse.com/security/cve/CVE-2018-12130", }, { category: "external", summary: "SUSE Bug 1103186 for CVE-2018-12130", url: "https://bugzilla.suse.com/1103186", }, { category: "external", summary: "SUSE Bug 1111331 for CVE-2018-12130", url: "https://bugzilla.suse.com/1111331", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2018-12130", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1135409 for CVE-2018-12130", url: "https://bugzilla.suse.com/1135409", }, { category: "external", summary: "SUSE Bug 1137916 for CVE-2018-12130", url: "https://bugzilla.suse.com/1137916", }, { category: "external", summary: "SUSE Bug 1138534 for CVE-2018-12130", url: "https://bugzilla.suse.com/1138534", }, { category: "external", summary: "SUSE Bug 1141977 for CVE-2018-12130", url: "https://bugzilla.suse.com/1141977", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2018-12130", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2018-12130", url: "https://bugzilla.suse.com/1201877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2018-12130", }, { cve: "CVE-2018-16871", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16871", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16871", url: "https://www.suse.com/security/cve/CVE-2018-16871", }, { category: "external", summary: "SUSE Bug 1137103 for CVE-2018-16871", url: "https://bugzilla.suse.com/1137103", }, { category: "external", summary: "SUSE Bug 1156320 for CVE-2018-16871", url: "https://bugzilla.suse.com/1156320", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "important", }, ], title: "CVE-2018-16871", }, { cve: "CVE-2018-16880", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16880", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver. A malicious virtual guest, under specific conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may lead to a kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. Versions from v4.16 and newer are vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16880", url: "https://www.suse.com/security/cve/CVE-2018-16880", }, { category: "external", summary: "SUSE Bug 1122767 for CVE-2018-16880", url: "https://bugzilla.suse.com/1122767", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2018-16880", }, { cve: "CVE-2018-20836", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-20836", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-20836", url: "https://www.suse.com/security/cve/CVE-2018-20836", }, { category: "external", summary: "SUSE Bug 1134395 for CVE-2018-20836", url: "https://bugzilla.suse.com/1134395", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2018-20836", }, { cve: "CVE-2018-20855", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-20855", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-20855", url: "https://www.suse.com/security/cve/CVE-2018-20855", }, { category: "external", summary: "SUSE Bug 1143045 for CVE-2018-20855", url: "https://bugzilla.suse.com/1143045", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2018-20855", }, { cve: "CVE-2018-7191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7191", }, ], notes: [ { category: "general", text: "In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7191", url: "https://www.suse.com/security/cve/CVE-2018-7191", }, { category: "external", summary: "SUSE Bug 1135603 for CVE-2018-7191", url: "https://bugzilla.suse.com/1135603", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2018-7191", }, { cve: "CVE-2019-10124", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10124", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10124", url: "https://www.suse.com/security/cve/CVE-2019-10124", }, { category: "external", summary: "SUSE Bug 1130699 for CVE-2019-10124", url: "https://bugzilla.suse.com/1130699", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2019-10124", }, { cve: "CVE-2019-10638", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10638", }, ], notes: [ { category: "general", text: "In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may be conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10638", url: "https://www.suse.com/security/cve/CVE-2019-10638", }, { category: "external", summary: "SUSE Bug 1140575 for CVE-2019-10638", url: "https://bugzilla.suse.com/1140575", }, { category: "external", summary: "SUSE Bug 1140577 for CVE-2019-10638", url: "https://bugzilla.suse.com/1140577", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-10638", url: "https://bugzilla.suse.com/1142129", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2019-10638", }, { cve: "CVE-2019-10639", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10639", }, ], notes: [ { category: "general", text: "The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). This key contains enough bits from a kernel address (of a static variable) so when the key is extracted (via enumeration), the offset of the kernel image is exposed. This attack can be carried out remotely, by the attacker forcing the target device to send UDP or ICMP (or certain other) traffic to attacker-controlled IP addresses. Forcing a server to send UDP traffic is trivial if the server is a DNS server. ICMP traffic is trivial if the server answers ICMP Echo requests (ping). For client targets, if the target visits the attacker's web page, then WebRTC or gQUIC can be used to force UDP traffic to attacker-controlled IP addresses. NOTE: this attack against KASLR became viable in 4.1 because IP ID generation was changed to have a dependency on an address associated with a network namespace.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10639", url: "https://www.suse.com/security/cve/CVE-2019-10639", }, { category: "external", summary: "SUSE Bug 1140577 for CVE-2019-10639", url: "https://bugzilla.suse.com/1140577", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2019-10639", }, { cve: "CVE-2019-11085", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11085", }, ], notes: [ { category: "general", text: "Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11085", url: "https://www.suse.com/security/cve/CVE-2019-11085", }, { category: "external", summary: "SUSE Bug 1135278 for CVE-2019-11085", url: "https://bugzilla.suse.com/1135278", }, { category: "external", summary: "SUSE Bug 1135280 for CVE-2019-11085", url: "https://bugzilla.suse.com/1135280", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "important", }, ], title: "CVE-2019-11085", }, { cve: "CVE-2019-11091", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11091", }, ], notes: [ { category: "general", text: "Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11091", url: "https://www.suse.com/security/cve/CVE-2019-11091", }, { category: "external", summary: "SUSE Bug 1103186 for CVE-2019-11091", url: "https://bugzilla.suse.com/1103186", }, { category: "external", summary: "SUSE Bug 1111331 for CVE-2019-11091", url: "https://bugzilla.suse.com/1111331", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11091", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1133319 for CVE-2019-11091", url: "https://bugzilla.suse.com/1133319", }, { category: "external", summary: "SUSE Bug 1135394 for CVE-2019-11091", url: "https://bugzilla.suse.com/1135394", }, { category: "external", summary: "SUSE Bug 1138043 for CVE-2019-11091", url: "https://bugzilla.suse.com/1138043", }, { category: "external", summary: "SUSE Bug 1138534 for CVE-2019-11091", url: "https://bugzilla.suse.com/1138534", }, { category: "external", summary: "SUSE Bug 1141977 for CVE-2019-11091", url: "https://bugzilla.suse.com/1141977", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2019-11091", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2019-11091", url: "https://bugzilla.suse.com/1201877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2019-11091", }, { cve: "CVE-2019-1125", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-1125", }, ], notes: [ { category: "general", text: "An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries.\nTo exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to elevate user rights directly, but it could be used to obtain information that could be used to try to compromise the affected system further.\nOn January 3, 2018, Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities (known as Spectre) involving speculative execution side channels that affect AMD, ARM, and Intel CPUs to varying degrees. This vulnerability, released on August 6, 2019, is a variant of the Spectre Variant 1 speculative execution side channel vulnerability and has been assigned CVE-2019-1125.\nMicrosoft released a security update on July 9, 2019 that addresses the vulnerability through a software change that mitigates how the CPU speculatively accesses memory. Note that this vulnerability does not require a microcode update from your device OEM.\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-1125", url: "https://www.suse.com/security/cve/CVE-2019-1125", }, { category: "external", summary: "SUSE Bug 1139358 for CVE-2019-1125", url: "https://bugzilla.suse.com/1139358", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2019-1125", }, { cve: "CVE-2019-11477", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11477", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11477", url: "https://www.suse.com/security/cve/CVE-2019-11477", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11477", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11477", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11477", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1153242 for CVE-2019-11477", url: "https://bugzilla.suse.com/1153242", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "important", }, ], title: "CVE-2019-11477", }, { cve: "CVE-2019-11478", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11478", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11478", url: "https://www.suse.com/security/cve/CVE-2019-11478", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11478", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11478", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11478", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1143542 for CVE-2019-11478", url: "https://bugzilla.suse.com/1143542", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "important", }, ], title: "CVE-2019-11478", }, { cve: "CVE-2019-11479", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11479", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11479", url: "https://www.suse.com/security/cve/CVE-2019-11479", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11479", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11479", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11479", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1143542 for CVE-2019-11479", url: "https://bugzilla.suse.com/1143542", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "important", }, ], title: "CVE-2019-11479", }, { cve: "CVE-2019-11486", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11486", }, ], notes: [ { category: "general", text: "The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11486", url: "https://www.suse.com/security/cve/CVE-2019-11486", }, { category: "external", summary: "SUSE Bug 1133188 for CVE-2019-11486", url: "https://bugzilla.suse.com/1133188", }, { category: "external", summary: "SUSE Bug 1156434 for CVE-2019-11486", url: "https://bugzilla.suse.com/1156434", }, { category: "external", summary: "SUSE Bug 1173667 for CVE-2019-11486", url: "https://bugzilla.suse.com/1173667", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2019-11486", }, { cve: "CVE-2019-11487", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11487", }, ], notes: [ { category: "general", text: "The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11487", url: "https://www.suse.com/security/cve/CVE-2019-11487", }, { category: "external", summary: "SUSE Bug 1133190 for CVE-2019-11487", url: "https://bugzilla.suse.com/1133190", }, { category: "external", summary: "SUSE Bug 1133191 for CVE-2019-11487", url: "https://bugzilla.suse.com/1133191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "important", }, ], title: "CVE-2019-11487", }, { cve: "CVE-2019-11599", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11599", }, ], notes: [ { category: "general", text: "The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls. This is related to fs/userfaultfd.c, mm/mmap.c, fs/proc/task_mmu.c, and drivers/infiniband/core/uverbs_main.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11599", url: "https://www.suse.com/security/cve/CVE-2019-11599", }, { category: "external", summary: "SUSE Bug 1131645 for CVE-2019-11599", url: "https://bugzilla.suse.com/1131645", }, { category: "external", summary: "SUSE Bug 1133738 for CVE-2019-11599", url: "https://bugzilla.suse.com/1133738", }, { category: "external", summary: "SUSE Bug 1157905 for CVE-2019-11599", url: "https://bugzilla.suse.com/1157905", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2019-11599", }, { cve: "CVE-2019-11810", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11810", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11810", url: "https://www.suse.com/security/cve/CVE-2019-11810", }, { category: "external", summary: "SUSE Bug 1134399 for CVE-2019-11810", url: "https://bugzilla.suse.com/1134399", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.9, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "low", }, ], title: "CVE-2019-11810", }, { cve: "CVE-2019-11811", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11811", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11811", url: "https://www.suse.com/security/cve/CVE-2019-11811", }, { category: "external", summary: "SUSE Bug 1134397 for CVE-2019-11811", url: "https://bugzilla.suse.com/1134397", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.9, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "low", }, ], title: "CVE-2019-11811", }, { cve: "CVE-2019-11815", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11815", }, ], notes: [ { category: "general", text: "An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11815", url: "https://www.suse.com/security/cve/CVE-2019-11815", }, { category: "external", summary: "SUSE Bug 1134537 for CVE-2019-11815", url: "https://bugzilla.suse.com/1134537", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2019-11815", }, { cve: "CVE-2019-11833", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11833", }, ], notes: [ { category: "general", text: "fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11833", url: "https://www.suse.com/security/cve/CVE-2019-11833", }, { category: "external", summary: "SUSE Bug 1135281 for CVE-2019-11833", url: "https://bugzilla.suse.com/1135281", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2019-11833", }, { cve: "CVE-2019-11884", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11884", }, ], notes: [ { category: "general", text: "The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\\0' character.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11884", url: "https://www.suse.com/security/cve/CVE-2019-11884", }, { category: "external", summary: "SUSE Bug 1134848 for CVE-2019-11884", url: "https://bugzilla.suse.com/1134848", }, { category: "external", summary: "SUSE Bug 1139868 for CVE-2019-11884", url: "https://bugzilla.suse.com/1139868", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "low", }, ], title: "CVE-2019-11884", }, { cve: "CVE-2019-12380", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12380", }, ], notes: [ { category: "general", text: "**DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. NOTE: This id is disputed as not being an issue because \"All the code touched by the referenced commit runs only at boot, before any user processes are started. Therefore, there is no possibility for an unprivileged user to control it.\".", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12380", url: "https://www.suse.com/security/cve/CVE-2019-12380", }, { category: "external", summary: "SUSE Bug 1136598 for CVE-2019-12380", url: "https://bugzilla.suse.com/1136598", }, { category: "external", summary: "SUSE Bug 1155298 for CVE-2019-12380", url: "https://bugzilla.suse.com/1155298", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "low", }, ], title: "CVE-2019-12380", }, { cve: "CVE-2019-12382", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12382", }, ], notes: [ { category: "general", text: "** DISPUTED ** An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: The vendor disputes this issues as not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance for a NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12382", url: "https://www.suse.com/security/cve/CVE-2019-12382", }, { category: "external", summary: "SUSE Bug 1136586 for CVE-2019-12382", url: "https://bugzilla.suse.com/1136586", }, { category: "external", summary: "SUSE Bug 1155298 for CVE-2019-12382", url: "https://bugzilla.suse.com/1155298", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.5, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "low", }, ], title: "CVE-2019-12382", }, { cve: "CVE-2019-12456", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12456", }, ], notes: [ { category: "general", text: "** DISPUTED ** An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two kernel reads of that value, aka a \"double fetch\" vulnerability. NOTE: a third party reports that this is unexploitable because the doubly fetched value is not used.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12456", url: "https://www.suse.com/security/cve/CVE-2019-12456", }, { category: "external", summary: "SUSE Bug 1136922 for CVE-2019-12456", url: "https://bugzilla.suse.com/1136922", }, { category: "external", summary: "SUSE Bug 1136993 for CVE-2019-12456", url: "https://bugzilla.suse.com/1136993", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "important", }, ], title: "CVE-2019-12456", }, { cve: "CVE-2019-12614", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12614", }, ], notes: [ { category: "general", text: "An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12614", url: "https://www.suse.com/security/cve/CVE-2019-12614", }, { category: "external", summary: "SUSE Bug 1137194 for CVE-2019-12614", url: "https://bugzilla.suse.com/1137194", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2019-12614", }, { cve: "CVE-2019-12817", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12817", }, ], notes: [ { category: "general", text: "arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12817", url: "https://www.suse.com/security/cve/CVE-2019-12817", }, { category: "external", summary: "SUSE Bug 1138263 for CVE-2019-12817", url: "https://bugzilla.suse.com/1138263", }, { category: "external", summary: "SUSE Bug 1138264 for CVE-2019-12817", url: "https://bugzilla.suse.com/1138264", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "important", }, ], title: "CVE-2019-12817", }, { cve: "CVE-2019-12818", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12818", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 4.20.15. The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This affects nfc_llcp_build_gb in net/nfc/llcp_core.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12818", url: "https://www.suse.com/security/cve/CVE-2019-12818", }, { category: "external", summary: "SUSE Bug 1138293 for CVE-2019-12818", url: "https://bugzilla.suse.com/1138293", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2019-12818", }, { cve: "CVE-2019-12819", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12819", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 5.0. The function __mdiobus_register() in drivers/net/phy/mdio_bus.c calls put_device(), which will trigger a fixed_mdio_bus_init use-after-free. This will cause a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12819", url: "https://www.suse.com/security/cve/CVE-2019-12819", }, { category: "external", summary: "SUSE Bug 1138291 for CVE-2019-12819", url: "https://bugzilla.suse.com/1138291", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.4, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "low", }, ], title: "CVE-2019-12819", }, { cve: "CVE-2019-13233", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-13233", }, ], notes: [ { category: "general", text: "In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-13233", url: "https://www.suse.com/security/cve/CVE-2019-13233", }, { category: "external", summary: "SUSE Bug 1140454 for CVE-2019-13233", url: "https://bugzilla.suse.com/1140454", }, { category: "external", summary: "SUSE Bug 1144502 for CVE-2019-13233", url: "https://bugzilla.suse.com/1144502", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2019-13233", }, { cve: "CVE-2019-13631", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-13631", }, ], notes: [ { category: "general", text: "In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-13631", url: "https://www.suse.com/security/cve/CVE-2019-13631", }, { category: "external", summary: "SUSE Bug 1142023 for CVE-2019-13631", url: "https://bugzilla.suse.com/1142023", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2019-13631", }, { cve: "CVE-2019-13648", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-13648", }, ], notes: [ { category: "general", text: "In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame. This affects arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-13648", url: "https://www.suse.com/security/cve/CVE-2019-13648", }, { category: "external", summary: "SUSE Bug 1142254 for CVE-2019-13648", url: "https://bugzilla.suse.com/1142254", }, { category: "external", summary: "SUSE Bug 1142265 for CVE-2019-13648", url: "https://bugzilla.suse.com/1142265", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2019-13648", }, { cve: "CVE-2019-14283", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14283", }, ], notes: [ { category: "general", text: "In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU creates the floppy device by default.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14283", url: "https://www.suse.com/security/cve/CVE-2019-14283", }, { category: "external", summary: "SUSE Bug 1143191 for CVE-2019-14283", url: "https://bugzilla.suse.com/1143191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2019-14283", }, { cve: "CVE-2019-14284", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14284", }, ], notes: [ { category: "general", text: "In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy format operation should be called. It can be triggered by an unprivileged local user even when a floppy disk has not been inserted. NOTE: QEMU creates the floppy device by default.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14284", url: "https://www.suse.com/security/cve/CVE-2019-14284", }, { category: "external", summary: "SUSE Bug 1143189 for CVE-2019-14284", url: "https://bugzilla.suse.com/1143189", }, { category: "external", summary: "SUSE Bug 1143191 for CVE-2019-14284", url: "https://bugzilla.suse.com/1143191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2019-14284", }, { cve: "CVE-2019-3846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3846", }, ], notes: [ { category: "general", text: "A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3846", url: "https://www.suse.com/security/cve/CVE-2019-3846", }, { category: "external", summary: "SUSE Bug 1136424 for CVE-2019-3846", url: "https://bugzilla.suse.com/1136424", }, { category: "external", summary: "SUSE Bug 1136446 for CVE-2019-3846", url: "https://bugzilla.suse.com/1136446", }, { category: "external", summary: "SUSE Bug 1156330 for CVE-2019-3846", url: "https://bugzilla.suse.com/1156330", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "important", }, ], title: "CVE-2019-3846", }, { cve: "CVE-2019-3882", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3882", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). Versions 3.10, 4.14 and 4.18 are vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3882", url: "https://www.suse.com/security/cve/CVE-2019-3882", }, { category: "external", summary: "SUSE Bug 1131416 for CVE-2019-3882", url: "https://bugzilla.suse.com/1131416", }, { category: "external", summary: "SUSE Bug 1131427 for CVE-2019-3882", url: "https://bugzilla.suse.com/1131427", }, { category: "external", summary: "SUSE Bug 1133319 for CVE-2019-3882", url: "https://bugzilla.suse.com/1133319", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2019-3882", }, { cve: "CVE-2019-5489", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5489", }, ], notes: [ { category: "general", text: "The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5489", url: "https://www.suse.com/security/cve/CVE-2019-5489", }, { category: "external", summary: "SUSE Bug 1120843 for CVE-2019-5489", url: "https://bugzilla.suse.com/1120843", }, { category: "external", summary: "SUSE Bug 1120885 for CVE-2019-5489", url: "https://bugzilla.suse.com/1120885", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2019-5489", }, { cve: "CVE-2019-8564", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-8564", }, ], notes: [ { category: "general", text: "A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position can modify driver state.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-8564", url: "https://www.suse.com/security/cve/CVE-2019-8564", }, { category: "external", summary: "SUSE Bug 1132673 for CVE-2019-8564", url: "https://bugzilla.suse.com/1132673", }, { category: "external", summary: "SUSE Bug 1132828 for CVE-2019-8564", url: "https://bugzilla.suse.com/1132828", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2019-8564", }, { cve: "CVE-2019-9003", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9003", }, ], notes: [ { category: "general", text: "In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a \"service ipmievd restart\" loop.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-9003", url: "https://www.suse.com/security/cve/CVE-2019-9003", }, { category: "external", summary: "SUSE Bug 1126704 for CVE-2019-9003", url: "https://bugzilla.suse.com/1126704", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2019-9003", }, { cve: "CVE-2019-9500", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9500", }, ], notes: [ { category: "general", text: "The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-9500", url: "https://www.suse.com/security/cve/CVE-2019-9500", }, { category: "external", summary: "SUSE Bug 1132681 for CVE-2019-9500", url: "https://bugzilla.suse.com/1132681", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2019-9500", }, { cve: "CVE-2019-9503", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9503", }, ], notes: [ { category: "general", text: "The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarded and unprocessed. If the driver receives the firmware event frame from the host, the appropriate handler is called. This frame validation can be bypassed if the bus used is USB (for instance by a wifi dongle). This can allow firmware event frames from a remote source to be processed. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-9503", url: "https://www.suse.com/security/cve/CVE-2019-9503", }, { category: "external", summary: "SUSE Bug 1132673 for CVE-2019-9503", url: "https://bugzilla.suse.com/1132673", }, { category: "external", summary: "SUSE Bug 1132828 for CVE-2019-9503", url: "https://bugzilla.suse.com/1132828", }, { category: "external", summary: "SUSE Bug 1133319 for CVE-2019-9503", url: "https://bugzilla.suse.com/1133319", }, { category: "external", summary: "SUSE Bug 1156653 for CVE-2019-9503", url: "https://bugzilla.suse.com/1156653", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "SUSE Real Time Module 15 SP1:cluster-md-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:dlm-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:gfs2-kmp-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-devel-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-base-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-rt_debug-devel-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:kernel-source-rt-4.12.14-14.8.1.noarch", "SUSE Real Time Module 15 SP1:kernel-syms-rt-4.12.14-14.8.1.x86_64", "SUSE Real Time Module 15 SP1:ocfs2-kmp-rt-4.12.14-14.8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-09-23T07:31:22Z", details: "moderate", }, ], title: "CVE-2019-9503", }, ], }
suse-su-2019:1535-1
Vulnerability from csaf_suse
Published
2019-06-17 17:22
Modified
2019-06-17 17:22
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 Azure kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-11477: A sequence of SACKs may have been crafted such that one can trigger an integer overflow, leading to a kernel panic.
- CVE-2019-11478: It was possible to send a crafted sequence of SACKs which will
fragment the TCP retransmission queue. An attacker may have been able to further exploit the fragmented queue to cause an
expensive linked-list walk for subsequent SACKs received for that same TCP connection.
- CVE-2019-11479: An attacker could force the Linux kernel to segment its responses into multiple TCP segments. This would drastically increased the bandwidth required to deliver the same amount of data. Further, it would consume additional resources such as CPU and NIC processing power.
- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. (bnc#1136424)
- CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel, there was an unchecked kstrdup of fwstr, which might have allowed an attacker to cause a denial of service (NULL pointer dereference and system crash). (bnc#1136586)
- CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux kernel allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may have been possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. (bnc#1120843)
- CVE-2019-11487: The Linux kernel allowed page reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM existed. It could have occured with FUSE requests. (bnc#1133190)
- CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the unused memory region in the extent tree block, which might have allowed local users to obtain sensitive information by reading uninitialized data in the filesystem. (bnc#1135281)
- CVE-2018-7191: In the tun subsystem in the Linux kernel, dev_get_valid_name was not called before register_netdevice. This allowed local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. (bnc#1135603)
- CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in i915 Graphics for Linux may have allowed an authenticated user to potentially enable escalation of privilege via local access. (bnc#1135278)
- CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel There was a race condition leading to a use-after-free, related to net namespace cleanup. (bnc#1134537)
- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel allowed a local user to obtain potentially sensitive information from kernel stack memory via a hidPCONNADD command, because a name field may not end with a '\0' character. (bnc#1134848)
- CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel had multiple race conditions. (bnc#1133188)
- CVE-2019-10124: An attacker could exploit an issue in the hwpoison implementation to cause a denial of service (BUG). (bsc#1130699)
The following non-security bugs were fixed:
- 9p locks: add mount option for lock retry interval (bsc#1051510).
- acpi / property: fix handling of data_nodes in acpi_get_next_subnode() (bsc#1051510).
- acpi / utils: Drop reference in test for device presence (bsc#1051510).
- acpi: button: reinitialize button state upon resume (bsc#1051510).
- acpi: fix menuconfig presentation of acpi submenu (bsc#1117158).
- acpica: AML interpreter: add region addresses in global list during initialization (bsc#1051510).
- acpica: Namespace: remove address node from global list after method termination (bsc#1051510).
- alsa: core: Do not refer to snd_cards array directly (bsc#1051510).
- alsa: emu10k1: Drop superfluous id-uniquification behavior (bsc#1051510).
- alsa: hda - Register irq handler after the chip initialization (bsc#1051510).
- alsa: hda - Use a macro for snd_array iteration loops (bsc#1051510).
- alsa: hda/hdmi - Consider eld_valid when reporting jack event (bsc#1051510).
- alsa: hda/hdmi - Read the pin sense from register when repolling (bsc#1051510).
- alsa: hda/realtek - Add new Dell platform for headset mode (bsc#1051510).
- alsa: hda/realtek - Apply the fixup for ASUS Q325UAR (bsc#1051510).
- alsa: hda/realtek - Avoid superfluous COEF EAPD setups (bsc#1051510).
- alsa: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) (bsc#1051510).
- alsa: hda/realtek - EAPD turn on later (bsc#1051510).
- alsa: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug (bsc#1051510).
- alsa: hda/realtek - Fixed Dell AIO speaker noise (bsc#1051510).
- alsa: hda/realtek - Fixup headphone noise via runtime suspend (bsc#1051510).
- alsa: hda/realtek - Improve the headset mic for Acer Aspire laptops (bsc#1051510).
- alsa: hda/realtek - Set default power save node to 0 (bsc#1051510).
- alsa: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) (bsc#1051510).
- alsa: line6: Avoid polluting led_* namespace (bsc#1051510).
- alsa: line6: use dynamic buffers (bsc#1051510).
- alsa: seq: Align temporary re-locking with irqsave version (bsc#1051510).
- alsa: seq: Correct unlock sequence at snd_seq_client_ioctl_unlock() (bsc#1051510).
- alsa: seq: Cover unsubscribe_port() in list_mutex (bsc#1051510).
- alsa: seq: Fix race of get-subscription call vs port-delete ioctls (bsc#1051510).
- alsa: seq: Protect in-kernel ioctl calls with mutex (bsc#1051510).
- alsa: seq: Protect racy pool manipulation from OSS sequencer (bsc#1051510).
- alsa: seq: Remove superfluous irqsave flags (bsc#1051510).
- alsa: seq: Simplify snd_seq_kernel_client_enqueue() helper (bsc#1051510).
- alsa: timer: Check ack_list emptiness instead of bit flag (bsc#1051510).
- alsa: timer: Coding style fixes (bsc#1051510).
- alsa: timer: Make snd_timer_close() really kill pending actions (bsc#1051510).
- alsa: timer: Make sure to clear pending ack list (bsc#1051510).
- alsa: timer: Revert active callback sync check at close (bsc#1051510).
- alsa: timer: Simplify error path in snd_timer_open() (bsc#1051510).
- alsa: timer: Unify timer callback process code (bsc#1051510).
- alsa: usb-audio: Fix a memory leak bug (bsc#1051510).
- alsa: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() (bsc#1051510).
- alsa: usx2y: fix a double free bug (bsc#1051510).
- appletalk: Fix compile regression (bsc#1051510).
- appletalk: Fix use-after-free in atalk_proc_exit (bsc#1051510).
- arch: arm64: acpi: KABI ginore includes (bsc#1117158 bsc#1134671).
- arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve table (bsc#1117158).
- arm64/x86: Update config files. Use CONFIG_ARCH_SUPPORTS_acpi
- arm64: Export save_stack_trace_tsk() (jsc#SLE-4214).
- arm64: acpi: fix alignment fault in accessing acpi (bsc#1117158).
- arm64: fix acpi dependencies (bsc#1117158).
- arm: 8824/1: fix a migrating irq bug when hotplug cpu (bsc#1051510).
- arm: 8833/1: Ensure that NEON code always compiles with Clang (bsc#1051510).
- arm: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bsc#1051510).
- arm: 8840/1: use a raw_spinlock_t in unwind (bsc#1051510).
- arm: OMAP2+: Variable 'reg' in function omap4_dsi_mux_pads() could be uninitialized (bsc#1051510).
- arm: OMAP2+: fix lack of timer interrupts on CPU1 after hotplug (bsc#1051510).
- arm: avoid Cortex-A9 livelock on tight dmb loops (bsc#1051510).
- arm: imx6q: cpuidle: fix bug that CPU might not wake up at expected time (bsc#1051510).
- arm: iop: do not use using 64-bit DMA masks (bsc#1051510).
- arm: orion: do not use using 64-bit DMA masks (bsc#1051510).
- arm: pxa: ssp: unneeded to free devm_ allocated data (bsc#1051510).
- arm: s3c24xx: Fix boolean expressions in osiris_dvs_notify (bsc#1051510).
- arm: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms (bsc#1051510).
- asoc: Intel: avoid Oops if DMA setup fails (bsc#1051510).
- asoc: RT5677-SPI: Disable 16Bit SPI Transfers (bsc#1051510).
- asoc: cs4270: Set auto-increment bit for register writes (bsc#1051510).
- asoc: eukrea-tlv320: fix a leaked reference by adding missing of_node_put (bsc#1051510).
- asoc: fix valid stream condition (bsc#1051510).
- asoc: fsl_esai: Fix missing break in switch statement (bsc#1051510).
- asoc: fsl_sai: Update is_slave_mode with correct value (bsc#1051510).
- asoc: fsl_utils: fix a leaked reference by adding missing of_node_put (bsc#1051510).
- asoc: hdmi-codec: fix S/PDIF DAI (bsc#1051510).
- asoc: hdmi-codec: unlock the device on startup errors (bsc#1051510).
- asoc: max98090: Fix restore of DAPM Muxes (bsc#1051510).
- asoc: nau8810: fix the issue of widget with prefixed name (bsc#1051510).
- asoc: nau8824: fix the issue of the widget with prefix name (bsc#1051510).
- asoc: samsung: odroid: Fix clock configuration for 44100 sample rate (bsc#1051510).
- asoc: stm32: fix sai driver name initialisation (bsc#1051510).
- asoc: tlv320aic32x4: Fix Common Pins (bsc#1051510).
- asoc: wm_adsp: Add locking to wm_adsp2_bus_error (bsc#1051510).
- asoc:soc-pcm:fix a codec fixup issue in TDM case (bsc#1051510).
- at76c50x-usb: Do not register led_trigger if usb_register_driver failed (bsc#1051510).
- audit: fix a memleak caused by auditing load module (bsc#1051510).
- b43: shut up clang -Wuninitialized variable warning (bsc#1051510).
- backlight: lm3630a: Return 0 on success in update_status functions (bsc#1051510).
- batman-adv: allow updating DAT entry timeouts on incoming ARP Replies (bsc#1051510).
- bcache: Move couple of functions to sysfs.c (bsc#1130972).
- bcache: Move couple of string arrays to sysfs.c (bsc#1130972).
- bcache: Populate writeback_rate_minimum attribute (bsc#1130972).
- bcache: Replace bch_read_string_list() by __sysfs_match_string() (bsc#1130972).
- bcache: account size of buckets used in uuid write to ca->meta_sectors_written (bsc#1130972).
- bcache: add MODULE_DESCRIPTION information (bsc#1130972).
- bcache: add a comment in super.c (bsc#1130972).
- bcache: add code comments for bset.c (bsc#1130972).
- bcache: add comment for cache_set->fill_iter (bsc#1130972).
- bcache: add identifier names to arguments of function definitions (bsc#1130972).
- bcache: add missing SPDX header (bsc#1130972).
- bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972).
- bcache: add static const prefix to char * array declarations (bsc#1130972).
- bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972).
- bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).
- bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972).
- bcache: correct dirty data statistics (bsc#1130972).
- bcache: do not assign in if condition in bcache_init() (bsc#1130972).
- bcache: do not assign in if condition register_bcache() (bsc#1130972).
- bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972).
- bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972).
- bcache: do not clone bio in bch_data_verify (bsc#1130972).
- bcache: do not mark writeback_running too early (bsc#1130972).
- bcache: export backing_dev_name via sysfs (bsc#1130972).
- bcache: export backing_dev_uuid via sysfs (bsc#1130972).
- bcache: fix code comments style (bsc#1130972).
- bcache: fix indent by replacing blank by tabs (bsc#1130972).
- bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).
- bcache: fix input integer overflow of congested threshold (bsc#1130972).
- bcache: fix input overflow to cache set io_error_limit (bsc#1130972).
- bcache: fix input overflow to cache set sysfs file io_error_halflife (bsc#1130972).
- bcache: fix input overflow to journal_delay_ms (bsc#1130972).
- bcache: fix input overflow to sequential_cutoff (bsc#1130972).
- bcache: fix input overflow to writeback_delay (bsc#1130972).
- bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).
- bcache: fix ioctl in flash device (bsc#1130972).
- bcache: fix mistaken code comments in bcache.h (bsc#1130972).
- bcache: fix mistaken comments in request.c (bsc#1130972).
- bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972).
- bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972).
- bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).
- bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972).
- bcache: improve sysfs_strtoul_clamp() (bsc#1130972).
- bcache: introduce force_wake_up_gc() (bsc#1130972).
- bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972).
- bcache: move open brace at end of function definitions to next line (bsc#1130972).
- bcache: never writeback a discard operation (bsc#1130972).
- bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972).
- bcache: option to automatically run gc thread after writeback (bsc#1130972).
- bcache: panic fix for making cache device (bsc#1130972).
- bcache: prefer 'help' in Kconfig (bsc#1130972).
- bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).
- bcache: recal cached_dev_sectors on detach (bsc#1130972).
- bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972).
- bcache: remove unused bch_passthrough_cache (bsc#1130972).
- bcache: remove useless parameter of bch_debug_init() (bsc#1130972).
- bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).
- bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972).
- bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).
- bcache: replace printk() by pr_*() routines (bsc#1130972).
- bcache: set writeback_percent in a flexible range (bsc#1130972).
- bcache: split combined if-condition code into separate ones (bsc#1130972).
- bcache: stop bcache device when backing device is offline (bsc#1130972).
- bcache: stop using the deprecated get_seconds() (bsc#1130972).
- bcache: style fix to add a blank line after declarations (bsc#1130972).
- bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).
- bcache: style fixes for lines over 80 characters (bsc#1130972).
- bcache: treat stale and dirty keys as bad keys (bsc#1130972).
- bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972).
- bcache: update comment for bch_data_insert (bsc#1130972).
- bcache: update comment in sysfs.c (bsc#1130972).
- bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).
- bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972).
- bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).
- bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).
- bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).
- block: Do not revalidate bdev of hidden gendisk (bsc#1120091).
- block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).
- block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).
- block: do not leak memory in bio_copy_user_iov() (bsc#1135309).
- block: fix the return errno for direct IO (bsc#1135320).
- block: fix use-after-free on gendisk (bsc#1135312).
- bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bsc#1051510).
- bluetooth: Check key sizes only when Secure Simple Pairing is enabled (bsc#1135556).
- bluetooth: hidp: fix buffer overflow (bsc#1051510).
- bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one() (bsc#1050242).
- bnxt_en: Improve RX consumer index validity check (networking-stable-19_04_10).
- bnxt_en: Improve multicast address setup logic (networking-stable-19_05_04).
- bnxt_en: Reset device on RX buffer errors (networking-stable-19_04_10).
- bonding: fix event handling for stacked bonds (networking-stable-19_04_19).
- bpf, lru: avoid messing with eviction heuristics upon syscall lookup (bsc#1083647).
- bpf: Add missed newline in verifier verbose log (bsc#1056787).
- bpf: add map_lookup_elem_sys_only for lookups from syscall side (bsc#1083647).
- brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() (bsc#1051510).
- brcmfmac: convert dev_init_lock mutex to completion (bsc#1051510).
- brcmfmac: fix Oops when bringing up interface during usb disconnect (bsc#1051510).
- brcmfmac: fix WARNING during usb disconnect in case of unempty psq (bsc#1051510).
- brcmfmac: fix missing checks for kmemdup (bsc#1051510).
- brcmfmac: fix race during disconnect when usb completion is in progress (bsc#1051510).
- btrfs: Do not panic when we can't find a root key (bsc#1112063).
- btrfs: Factor out common delayed refs init code (bsc#1134813).
- btrfs: Introduce init_delayed_ref_head (bsc#1134813).
- btrfs: Open-code add_delayed_data_ref (bsc#1134813).
- btrfs: Open-code add_delayed_tree_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).
- btrfs: add a helper to return a head ref (bsc#1134813).
- btrfs: breakout empty head cleanup to a helper (bsc#1134813).
- btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: do not allow trimming when a fs is mounted with the nologreplay option (bsc#1135758).
- btrfs: do not double unlock on error in btrfs_punch_hole (bsc#1136881).
- btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: fix fsync not persisting changed attributes of a directory (bsc#1137151).
- btrfs: fix race between ranged fsync and writeback of adjacent ranges (bsc#1136477).
- btrfs: fix race updating log root item during fsync (bsc#1137153).
- btrfs: fix wrong ctime and mtime of a directory after log replay (bsc#1137152).
- btrfs: improve performance on fsync of files with multiple hardlinks (bsc#1123454).
- btrfs: move all ref head cleanup to the helper function (bsc#1134813).
- btrfs: move extent_op cleanup to a helper (bsc#1134813).
- btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).
- btrfs: qgroup: Check bg while resuming relocation to avoid NULL pointer dereference (bsc#1134806).
- btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to btrfs_qgroup_extent_record (bsc#1134162).
- btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release (bsc#1134160).
- btrfs: reloc: Also queue orphan reloc tree for cleanup to avoid BUG_ON() (bsc#1133612).
- btrfs: remove delayed_ref_node from ref_head (bsc#1134813).
- btrfs: send, flush dellaloc in order to avoid data loss (bsc#1133320).
- btrfs: split delayed ref head initialization and addition (bsc#1134813).
- btrfs: track refs in a rb_tree instead of a list (bsc#1134813).
- btrfs: tree-checker: detect file extent items with overlapping ranges (bsc#1136478).
- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).
- ceph: fix ci->i_head_snapc leak (bsc#1122776).
- ceph: fix use-after-free on symlink traversal (bsc#1134459).
- ceph: only use d_name directly when parent is locked (bsc#1134460).
- chardev: add additional check for minor range overlap (bsc#1051510).
- cifs: keep FileInfo handle live during oplock break (bsc#1106284, bsc#1131565).
- clk: rockchip: Fix video codec clocks on rk3288 (bsc#1051510).
- clk: rockchip: fix wrong clock definitions for rk3328 (bsc#1051510).
- config: Debug kernel is not supported (bsc#1135492).
- configfs: Fix use-after-free when accessing sd->s_dentry (bsc#1051510).
- configfs: fix possible use-after-free in configfs_register_group (bsc#1051510).
- crypto: arm/aes-neonbs - do not access already-freed walk.iv (bsc#1051510).
- crypto: caam - fix caam_dump_sg that iterates through scatterlist (bsc#1051510).
- crypto: ccm - fix incompatibility between 'ccm' and 'ccm_base' (bsc#1051510).
- crypto: ccp - Do not free psp_master when PLATFORM_INIT fails (bsc#1051510).
- crypto: chacha20poly1305 - set cra_name correctly (bsc#1051510).
- crypto: crct10dif-generic - fix use via crypto_shash_digest() (bsc#1051510).
- crypto: fips - Grammar s/options/option/, s/to/the/ (bsc#1051510).
- crypto: gcm - fix incompatibility between 'gcm' and 'gcm_base' (bsc#1051510).
- crypto: skcipher - do not WARN on unprocessed data after slow walk step (bsc#1051510).
- crypto: sun4i-ss - Fix invalid calculation of hash end (bsc#1051510).
- crypto: vmx - CTR: always increment IV as quadword (bsc#1051510).
- crypto: vmx - fix copy-paste error in CTR mode (bsc#1051510).
- crypto: vmx - ghash: do nosimd fallback manually (bsc#1135661, bsc#1137162).
- crypto: vmx - return correct error code on failed setkey (bsc#1135661, bsc#1137162).
- crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() (bsc#1051510).
- dccp: Fix memleak in __feat_register_sp (bsc#1051510).
- dccp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).
- debugfs: fix use-after-free on symlink traversal (bsc#1051510).
- devres: Align data[] to ARCH_KMALLOC_MINALIGN (bsc#1051510).
- dmaengine: axi-dmac: Do not check the number of frames for alignment (bsc#1051510).
- dmaengine: tegra210-dma: free dma controller in remove() (bsc#1051510).
- docs: Fix conf.py for Sphinx 2.0 (bsc#1135642).
- documentation: Add MDS vulnerability documentation (bsc#1135642).
- documentation: Correct the possible MDS sysfs values (bsc#1135642).
- drivers: acpi: add dependency of EFI for arm64 (bsc#1117158).
- drm/amdgpu: fix old fence check in amdgpu_fence_emit (bsc#1051510).
- drm/bridge: adv7511: Fix low refresh rate selection (bsc#1051510).
- drm/drv: Hold ref on parent device during drm_device lifetime (bsc#1051510).
- drm/etnaviv: lock MMU while dumping core (bsc#1113722)
- drm/fb-helper: dpms_legacy(): Only set on connectors in use (bsc#1051510).
- drm/i915/fbc: disable framebuffer compression on GeminiLake (bsc#1051510).
- drm/i915/gvt: Fix cmd length of VEB_DI_IECP (bsc#1113722)
- drm/i915/gvt: Fix incorrect mask of mmio 0x22028 in gen8/9 mmio list (bnc#1113722)
- drm/i915/gvt: Tiled Resources mmios are in-context mmios for gen9+ (bsc#1113722)
- drm/i915/gvt: add 0x4dfc to gen9 save-restore list (bsc#1113722)
- drm/i915/gvt: do not let TRTTE and 0x4dfc write passthrough to hardware (bsc#1051510).
- drm/i915/gvt: refine ggtt range validation (bsc#1113722)
- drm/i915: Disable LP3 watermarks on all SNB machines (bsc#1051510).
- drm/i915: Downgrade Gen9 Plane WM latency error (bsc#1051510).
- drm/i915: Fix I915_EXEC_RING_MASK (bsc#1051510).
- drm/imx: do not skip DP channel disable for background plane (bsc#1051510).
- drm/mediatek: fix possible object reference leak (bsc#1051510).
- drm/meson: add size and alignment requirements for dumb buffers (bnc#1113722)
- drm/nouveau/i2c: Disable i2c bus access after ->fini() (bsc#1113722)
- drm/rockchip: fix for mailbox read validation (bsc#1051510).
- drm/rockchip: shutdown drm subsystem on shutdown (bsc#1051510).
- drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)
- drm/ttm: Remove warning about inconsistent mapping information (bnc#1131488)
- drm/vmwgfx: Do not send drm sysfs hotplug events on initial master set (bsc#1051510).
- drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() (bsc#1113722)
- drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to an invalid read (bsc#1051510).
- drm: Wake up next in drm_read() chain if we are forced to putback the event (bsc#1051510).
- dt-bindings: clock: r8a7795: Remove CSIREF clock (bsc#1120902).
- dt-bindings: clock: r8a7796: Remove CSIREF clock (bsc#1120902).
- dt-bindings: net: Add binding for the external clock for TI WiLink (bsc#1085535).
- dt-bindings: net: Fix a typo in the phy-mode list for ethernet bindings (bsc#1129770).
- dt-bindings: rtc: sun6i-rtc: Fix register range in example (bsc#1120902).
- dwc2: gadget: Fix completed transfer size calculation in DDMA (bsc#1051510).
- efi/arm: Defer persistent reservations until after paging_init() (bsc#1117158).
- efi/arm: Do not mark acpi reclaim memory as MEMBLOCK_NOMAP (bsc#1117158 bsc#1115688 bsc#1120566).
- efi/arm: Revert 'Defer persistent reservations until after paging_init()' (bsc#1117158).
- efi/arm: Revert deferred unmap of early memmap mapping (bsc#1117158).
- efi/arm: libstub: add a root memreserve config table (bsc#1117158).
- efi/arm: map UEFI memory map even w/o runtime services enabled (bsc#1117158).
- efi/arm: preserve early mapping of UEFI memory map longer for BGRT (bsc#1117158).
- efi: Permit calling efi_mem_reserve_persistent() from atomic context (bsc#1117158).
- efi: Permit multiple entries in persistent memreserve data structure (bsc#1117158).
- efi: Prevent GICv3 WARN() by mapping the memreserve table before first use (bsc#1117158).
- efi: Reduce the amount of memblock reservations for persistent allocations (bsc#1117158).
- efi: add API to reserve memory persistently across kexec reboot (bsc#1117158).
- efi: honour memory reservations passed via a linux specific config table (bsc#1117158).
- ext4: actually request zeroing of inode table after grow (bsc#1135315).
- ext4: avoid panic during forced reboot due to aborted journal (bsc#1126356).
- ext4: fix data corruption caused by overlapping unaligned and aligned IO (bsc#1136428).
- ext4: fix ext4_show_options for file systems w/o journal (bsc#1135316).
- ext4: fix use-after-free race with debug_want_extra_isize (bsc#1135314).
- ext4: make sanity check in mballoc more strict (bsc#1136439).
- ext4: wait for outstanding dio during truncate in nojournal mode (bsc#1136438).
- extcon: arizona: Disable mic detect if running when driver is removed (bsc#1051510).
- fbdev: fix WARNING in __alloc_pages_nodemask bug (bsc#1113722)
- fbdev: fix divide error in fb_var_to_videomode (bsc#1113722)
- firmware: efi: factor out mem_reserve (bsc#1117158 bsc#1134671).
- fix rtnh_ok() (git-fixes).
- fs/sync.c: sync_file_range(2) may use WB_SYNC_ALL writeback (bsc#1136432).
- fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount (bsc#1136435).
- ftrace/x86_64: Emulate call function while updating in breakpoint handler (bsc#1099658).
- fuse: fallocate: fix return with locked inode (bsc#1051510).
- fuse: fix writepages on 32bit (bsc#1051510).
- fuse: honor RLIMIT_FSIZE in fuse_file_fallocate (bsc#1051510).
- genetlink: Fix a memory leak on error path (networking-stable-19_03_28).
- ghes, EDAC: Fix ghes_edac registration (bsc#1133176).
- gpio: Remove obsolete comment about gpiochip_free_hogs() usage (bsc#1051510).
- gpio: aspeed: fix a potential NULL pointer dereference (bsc#1051510).
- gpio: fix gpio-adp5588 build errors (bsc#1051510).
- gpu: ipu-v3: dp: fix CSC handling (bsc#1051510).
- hid: debug: fix race condition with between rdesc_show() and device removal (bsc#1051510).
- hid: input: add mapping for 'Toggle Display' key (bsc#1051510).
- hid: input: add mapping for Assistant key (bsc#1051510).
- hid: input: add mapping for Expose/Overview key (bsc#1051510).
- hid: input: add mapping for keyboard Brightness Up/Down/Toggle keys (bsc#1051510).
- hid: logitech-hidpp: change low battery level threshold from 31 to 30 percent (bsc#1051510).
- hid: logitech-hidpp: use RAP instead of FAP to get the protocol version (bsc#1051510).
- hid: logitech: check the return value of create_singlethread_workqueue (bsc#1051510).
- hwmon: (core) add thermal sensors only if dev->of_node is present (bsc#1051510).
- hwmon: (f71805f) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (pc87427) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (pmbus/core) Treat parameters as paged if on multiple pages (bsc#1051510).
- hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (vt1211) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwrng: omap - Set default quality (bsc#1051510).
- i2c: Make i2c_unregister_device() NULL-aware (bsc#1108193).
- i2c: dev: fix potential memory leak in i2cdev_ioctl_rdwr (bsc#1051510).
- ibmvnic: Add device identification to requested IRQs (bsc#1137739).
- ibmvnic: Do not close unopened driver during reset (bsc#1137752).
- ibmvnic: Fix unchecked return codes of memory allocations (bsc#1137752).
- ibmvnic: Refresh device multicast list after reset (bsc#1137752).
- ibmvnic: remove set but not used variable 'netdev' (bsc#1137739).
- igmp: fix incorrect unsolicit report count when join group (git-fixes).
- iio: ad_sigma_delta: Properly handle SPI bus locking vs CS assertion (bsc#1051510).
- iio: adc: xilinx: fix potential use-after-free on remove (bsc#1051510).
- iio: common: ssp_sensors: Initialize calculated_time in ssp_common_process_data (bsc#1051510).
- iio: hmc5843: fix potential NULL pointer dereferences (bsc#1051510).
- indirect call wrappers: helpers to speed-up indirect calls of builtin (bsc#1124503).
- inetpeer: fix uninit-value in inet_getpeer (git-fixes).
- input: elan_i2c - add hardware ID for multiple Lenovo laptops (bsc#1051510).
- input: introduce KEY_ASSISTANT (bsc#1051510).
- input: synaptics-rmi4 - fix possible double free (bsc#1051510).
- intel_th: msu: Fix single mode with IOMMU (bsc#1051510).
- intel_th: pci: Add Comet Lake support (bsc#1051510).
- iommu/arm-smmu-v3: Abort all transactions if SMMU is enabled in kdump kernel (bsc#1117158).
- iommu/arm-smmu-v3: Do not disable SMMU in kdump kernel (bsc#1117158 bsc#1134671).
- iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#1135006).
- iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135007).
- iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135008).
- ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type (networking-stable-19_04_10).
- ip6_tunnel: collect_md xmit: Use ip_tunnel_key's provided src address (git-fixes).
- ip_gre: fix parsing gre header in ipgre_err (git-fixes).
- ip_tunnel: Fix name string concatenate in __ip_tunnel_create() (git-fixes).
- ipconfig: Correctly initialise ic_nameservers (bsc#1051510).
- ipmi: Fix I2C client removal in the SSIF driver (bsc#1108193).
- ipmi:ssif: compare block number correctly for multi-part return messages (bsc#1051510).
- ipmi_ssif: Remove duplicate NULL check (bsc#1108193).
- ipmi_ssif: update patch reference for ipmi_ssif fix (bsc#1135120)
- ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled (git-fixes).
- ipv4: add sanity checks in ipv4_link_failure() (git-fixes).
- ipv4: ensure rcu_read_lock() in ipv4_link_failure() (networking-stable-19_04_19).
- ipv4: ip_do_fragment: Preserve skb_iif during fragmentation (networking-stable-19_05_04).
- ipv4: recompile ip options in ipv4_link_failure (networking-stable-19_04_19).
- ipv4: set the tcp_min_rtt_wlen range from 0 to one day (networking-stable-19_04_30).
- ipv6/flowlabel: wait rcu grace period before put_pid() (git-fixes).
- ipv6: fix cleanup ordering for ip6_mr failure (git-fixes).
- ipv6: fix cleanup ordering for pingv6 registration (git-fixes).
- ipv6: invert flowlabel sharing check in process and user mode (git-fixes).
- ipv6: mcast: fix unsolicited report interval after receiving querys (git-fixes).
- ipvlan: Add the skb->mark as flow4's member to lookup route (bsc#1051510).
- ipvlan: fix ipv6 outbound device (bsc#1051510).
- ipvlan: use ETH_MAX_MTU as max mtu (bsc#1051510).
- ipvs: Fix signed integer overflow when setsockopt timeout (bsc#1051510).
- ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf (git-fixes).
- ipvs: fix buffer overflow with sync daemon and service (git-fixes).
- ipvs: fix check on xmit to non-local addresses (git-fixes).
- ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bsc#1051510).
- ipvs: fix rtnl_lock lockups caused by start_sync_thread (git-fixes).
- ipvs: fix stats update from local clients (git-fixes).
- iw_cxgb4: only allow 1 flush on user qps (bsc#1051510).
- iwlwifi: mvm: check for length correctness in iwl_mvm_create_skb() (bsc#1051510).
- iwlwifi: pcie: do not crash on invalid RX interrupt (bsc#1051510).
- jbd2: check superblock mapped prior to committing (bsc#1136430).
- kABI workaround for removed usb_interface.pm_usage_cnt field (bsc#1051510).
- kABI workaround for snd_seq_kernel_client_enqueue() API changes (bsc#1051510).
- kABI: protect dma-mapping.h include (kabi).
- kABI: protect ip_options_rcv_srr (kabi).
- kABI: protect struct mlx5_td (kabi).
- kABI: protect struct pci_dev (kabi).
- kabi: drop LINUX_MIB_TCPWQUEUETOOBIG snmp counter (bsc#1137586).
- kabi: implement map_lookup_elem_sys_only in another way (bsc#1083647).
- kabi: move sysctl_tcp_min_snd_mss to preserve struct net layout (bsc#1137586).
- kernel/signal.c: trace_signal_deliver when signal_group_exit (git-fixes).
- kernel/sys.c: prctl: fix false positive in validate_prctl_map() (git-fixes).
- kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv (bsc#1051510).
- kernel/sysctl.c: fix out-of-bounds access when setting file-max (bsc#1051510).
- keys: safe concurrent user->{session,uid}_keyring access (bsc#1135642).
- kmsg: Update message catalog to latest IBM level (2019/03/08) (bsc#1128904 LTC#176078).
- kvm: Fix UAF in nested posted interrupt processing (bsc#1134199).
- kvm: PPC: Book3S HV: Avoid lockdep debugging in TCE realmode handlers (bsc#1061840).
- kvm: PPC: Book3S HV: XIVE: Do not clear IRQ data of passthrough interrupts (bsc#1061840).
- kvm: PPC: Book3S: Protect memslots while validating user address (bsc#1061840).
- kvm: PPC: Release all hardware TCE tables attached to a group (bsc#1061840).
- kvm: PPC: Remove redundand permission bits removal (bsc#1061840).
- kvm: PPC: Validate TCEs against preregistered memory page sizes (bsc#1061840).
- kvm: PPC: Validate all tces before updating tables (bsc#1061840).
- kvm: VMX: Zero out *all* general purpose registers after VM-Exit (bsc#1134202).
- kvm: nVMX: Clear reserved bits of #DB exit qualification (bsc#1134200).
- kvm: nVMX: restore host state in nested_vmx_vmexit for VMFail (bsc#1134201).
- kvm: s390: fix memory overwrites when not using SCA entries (bsc#1136206).
- kvm: s390: provide io interrupt kvm_stat (bsc#1136206).
- kvm: s390: use created_vcpus in more places (bsc#1136206).
- kvm: s390: vsie: fix 8k check for the itdba (bsc#1136206).
- kvm: x86: Always use 32-bit SMRAM save state for 32-bit kernels (bsc#1134203).
- kvm: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bsc#1134204).
- kvm: x86: svm: make sure NMI is injected after nmi_singlestep (bsc#1134205).
- l2tp: cleanup l2tp_tunnel_delete calls (bsc#1051510).
- l2tp: filter out non-PPP sessions in pppol2tp_tunnel_ioctl() (git-fixes).
- l2tp: fix missing refcount drop in pppol2tp_tunnel_ioctl() (git-fixes).
- l2tp: only accept PPP sessions in pppol2tp_connect() (git-fixes).
- l2tp: prevent pppol2tp_connect() from creating kernel sockets (git-fixes).
- l2tp: revert 'l2tp: fix missing print session offset info' (bsc#1051510).
- leds: avoid flush_work in atomic context (bsc#1051510).
- leds: avoid races with workqueue (bsc#1051510).
- leds: pwm: silently error out on EPROBE_DEFER (bsc#1051510).
- lib: add crc64 calculation routines (bsc#1130972).
- lib: do not depend on linux headers being installed (bsc#1130972).
- libata: fix using DMA buffers on stack (bsc#1051510).
- linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() (bsc#1051510).
- livepatch: Convert error about unsupported reliable stacktrace into a warning (bsc#1071995).
- livepatch: Remove custom kobject state handling (bsc#1071995).
- livepatch: Remove duplicated code for early initialization (bsc#1071995).
- lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).
- mISDN: Check address length before reading address family (bsc#1051510).
- mac80211/cfg80211: update bss channel on channel switch (bsc#1051510).
- mac80211: Fix kernel panic due to use of txq after free (bsc#1051510).
- mac80211: fix memory accounting with A-MSDU aggregation (bsc#1051510).
- mac80211: fix unaligned access in mesh table hash function (bsc#1051510).
- mac8390: Fix mmio access size probe (bsc#1051510).
- md: fix invalid stored role for a disk (bsc#1051510).
- media: atmel: atmel-isc: fix INIT_WORK misplacement (bsc#1051510).
- media: au0828: Fix NULL pointer dereference in au0828_analog_stream_enable() (bsc#1051510).
- media: au0828: stop video streaming only when last user stops (bsc#1051510).
- media: coda: clear error return value before picture run (bsc#1051510).
- media: cpia2: Fix use-after-free in cpia2_exit (bsc#1051510).
- media: cx18: update *pos correctly in cx18_read_pos() (bsc#1051510).
- media: cx23885: check allocation return (bsc#1051510).
- media: davinci-isif: avoid uninitialized variable use (bsc#1051510).
- media: davinci/vpbe: array underflow in vpbe_enum_outputs() (bsc#1051510).
- media: go7007: avoid clang frame overflow warning with KASAN (bsc#1051510).
- media: ivtv: update *pos correctly in ivtv_read_pos() (bsc#1051510).
- media: m88ds3103: serialize reset messages in m88ds3103_set_frontend (bsc#1051510).
- media: omap_vout: potential buffer overflow in vidioc_dqbuf() (bsc#1051510).
- media: ov2659: fix unbalanced mutex_lock/unlock (bsc#1051510).
- media: ov2659: make S_FMT succeed even if requested format does not match (bsc#1051510).
- media: pvrusb2: Prevent a buffer overflow (bsc#1129770).
- media: saa7146: avoid high stack usage with clang (bsc#1051510).
- media: serial_ir: Fix use-after-free in serial_ir_init_module (bsc#1051510).
- media: smsusb: better handle optional alignment (bsc#1051510).
- media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame (bsc#1051510).
- media: usb: siano: Fix false-positive 'uninitialized variable' warning (bsc#1051510).
- media: usb: siano: Fix general protection fault in smsusb (bsc#1051510).
- media: vivid: use vfree() instead of kfree() for dev->bitmap_cap (bsc#1051510).
- media: wl128x: Fix an error code in fm_download_firmware() (bsc#1051510).
- media: wl128x: prevent two potential buffer overflows (bsc#1051510).
- memcg: make it work on sparse non-0-node systems (bnc#1133616).
- memcg: make it work on sparse non-0-node systems kabi (bnc#1133616).
- mfd: da9063: Fix OTP control register names to match datasheets for DA9063/63L (bsc#1051510).
- mfd: max77620: Fix swapped FPS_PERIOD_MAX_US values (bsc#1051510).
- mlxsw: spectrum: Fix autoneg status in ethtool (networking-stable-19_04_30).
- mm: Fix buggy backport leading to MAP_SYNC failures (bsc#1137372)
- mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses (bsc#1135330).
- mm: hwpoison: fix thp split handing in soft_offline_in_use_page() (bsc#1130699, CVE-2019-10124).
- mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (bnc#1012382).
- mmc: block: Delete gendisk before cleaning up the request queue (bsc#1127616).
- mmc: core: Verify SD bus width (bsc#1051510).
- mmc: core: fix possible use after free of host (bsc#1051510).
- mmc: sdhci-iproc: Set NO_HISPD bit to fix HS50 data hold time problem (bsc#1051510).
- mmc: sdhci-iproc: cygnus: Set NO_HISPD bit to fix HS50 data hold time problem (bsc#1051510).
- mmc: sdhci-of-esdhc: add erratum A-009204 support (bsc#1051510).
- mmc: sdhci-of-esdhc: add erratum eSDHC5 support (bsc#1051510).
- mmc_spi: add a status check for spi_sync_locked (bsc#1051510).
- mount: copy the port field into the cloned nfs_server structure (bsc#1136990).
- mtd: docg3: Fix passing zero to 'PTR_ERR' warning in doc_probe_device (bsc#1051510).
- mtd: docg3: fix a possible memory leak of mtd->name (bsc#1051510).
- mtd: nand: omap: Fix comment in platform data using wrong Kconfig symbol (bsc#1051510).
- mtd: part: fix incorrect format specifier for an unsigned long long (bsc#1051510).
- mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write (bsc#1129770).
- mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1136935).
- mwifiex: Fix mem leak in mwifiex_tm_cmd (bsc#1051510).
- mwifiex: Fix possible buffer overflows at parsing bss descriptor
- mwifiex: prevent an array overflow (bsc#1051510).
- mwl8k: Fix rate_idx underflow (bsc#1051510).
- neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit (git-fixes).
- net-gro: Fix GRO flush when receiving a GSO packet (networking-stable-19_04_10).
- net/ibmvnic: Remove tests of member address (bsc#1137739).
- net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).
- net/ibmvnic: Update carrier state after link state change (bsc#1135100).
- net/ipv4: defensive cipso option parsing (git-fixes).
- net/ipv6: do not reinitialize ndev->cnf.addr_gen_mode on new inet6_dev (git-fixes).
- net/ipv6: fix addrconf_sysctl_addr_gen_mode (git-fixes).
- net/ipv6: propagate net.ipv6.conf.all.addr_gen_mode to devices (git-fixes).
- net/ipv6: reserve room for IFLA_INET6_ADDR_GEN_MODE (git-fixes).
- net/mlx5: Decrease default mr cache size (networking-stable-19_04_10).
- net/mlx5e: Add a lock on tir list (networking-stable-19_04_10).
- net/mlx5e: Fix error handling when refreshing TIRs (networking-stable-19_04_10).
- net/mlx5e: Fix trailing semicolon (bsc#1075020).
- net/mlx5e: IPoIB, Reset QP after channels are closed (bsc#1075020).
- net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query (networking-stable-19_04_30).
- net/rose: fix unbound loop in rose_loopback_timer() (networking-stable-19_04_30).
- net/sched: act_sample: fix divide by zero in the traffic path (networking-stable-19_04_10).
- net/sched: do not dereference a->goto_chain to read the chain index (bsc#1064802 bsc#1066129).
- net/sched: fix ->get helper of the matchall cls (networking-stable-19_04_10).
- net: Fix a bug in removing queues from XPS map (git-fixes).
- net: aquantia: fix rx checksum offload for UDP/TCP over IPv6 (networking-stable-19_03_28).
- net: atm: Fix potential Spectre v1 vulnerabilities (networking-stable-19_04_19).
- net: avoid skb_warn_bad_offload on IS_ERR (git-fixes).
- net: do not keep lonely packets forever in the gro hash (git-fixes).
- net: dsa: bcm_sf2: fix buffer overflow doing set_rxnfc (networking-stable-19_05_04).
- net: dsa: legacy: do not unmask port bitmaps (git-fixes).
- net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT (git-fixes).
- net: ena: fix return value of ena_com_config_llq_info() (bsc#1111696 bsc#1117561).
- net: ethtool: not call vzalloc for zero sized memory request (networking-stable-19_04_10).
- net: fix uninit-value in __hw_addr_add_ex() (git-fixes).
- net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv (networking-stable-19_04_19).
- net: hns3: remove resetting check in hclgevf_reset_task_schedule (bsc#1104353 bsc#1135056).
- net: initialize skb->peeked when cloning (git-fixes).
- net: make skb_partial_csum_set() more robust against overflows (git-fixes).
- net: phy: marvell: Fix buffer overrun with stats counters (networking-stable-19_05_04).
- net: rds: exchange of 8K and 1M pool (networking-stable-19_04_30).
- net: rose: fix a possible stack overflow (networking-stable-19_03_28).
- net: socket: fix potential spectre v1 gadget in socketcall (git-fixes).
- net: stmmac: fix memory corruption with large MTUs (networking-stable-19_03_28).
- net: stmmac: move stmmac_check_ether_addr() to driver probe (networking-stable-19_04_30).
- net: test tailroom before appending to linear skb (git-fixes).
- net: thunderx: do not allow jumbo frames with XDP (networking-stable-19_04_19).
- net: thunderx: raise XDP MTU to 1508 (networking-stable-19_04_19).
- net: unbreak CONFIG_RETPOLINE=n builds (bsc#1124503).
- net: use indirect call wrappers at GRO network layer (bsc#1124503).
- net: use indirect call wrappers at GRO transport layer (bsc#1124503).
- netfilter: bridge: Do not sabotage nf_hook calls from an l3mdev (git-fixes).
- netfilter: bridge: ebt_among: add missing match size checks (git-fixes).
- netfilter: bridge: ebt_among: add more missing match size checks (git-fixes).
- netfilter: drop template ct when conntrack is skipped (git-fixes).
- netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule (git-fixes).
- netfilter: ebtables: handle string from userspace with care (git-fixes).
- netfilter: ebtables: reject non-bridge targets (git-fixes).
- netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel (git-fixes).
- netfilter: nf_log: do not hold nf_log_mutex during user access (git-fixes).
- netfilter: nf_log: fix uninit read in nf_log_proc_dostring (git-fixes).
- netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6} (git-fixes).
- netfilter: nf_tables: can't fail after linking rule into active rule list (git-fixes).
- netfilter: nf_tables: check msg_type before nft_trans_set(trans) (git-fixes).
- netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump() (git-fixes).
- netfilter: nf_tables: fix leaking object reference count (git-fixes).
- netfilter: nf_tables: release chain in flushing set (git-fixes).
- netfilter: nft_compat: do not dump private area (git-fixes).
- netfilter: x_tables: initialise match/target check parameter struct (git-fixes).
- netlink: fix uninit-value in netlink_sendmsg (git-fixes).
- nfs add module option to limit NFSv4 minor version (jsc#PM-231).
- nfs: Add missing encode / decode sequence_maxsz to v4.2 operations (git-fixes).
- nfs: Enable NFSv4.2 support - jsc@PM-231
- nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands (bsc#1051510).
- nvme-multipath: avoid crash on invalid subsystem cntlid enumeration (bsc#1129273).
- nvme-rdma: fix possible free of a non-allocated async event buffer (bsc#1120423).
- nvme: Do not remove namespaces during reset (bsc#1131673).
- nvme: flush scan_work when resetting controller (bsc#1131673).
- objtool: Fix function fallthrough detection (bsc#1058115).
- ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (bsc#1136434).
- ocfs2: turn on OCFS2_FS_STATS setting(bsc#1134393) We need to turn on OCFS2_FS_STATS kernel configuration setting, to fix bsc#1134393.
- of: fix clang -Wunsequenced for be32_to_cpu() (bsc#1135642).
- omapfb: add missing of_node_put after of_device_is_available (bsc#1051510).
- openvswitch: add seqadj extension when NAT is used (bsc#1051510).
- openvswitch: fix flow actions reallocation (bsc#1051510).
- p54: drop device reference count if fails to enable device (bsc#1135642).
- packet: fix reserve calculation (git-fixes).
- packet: in packet_snd start writing at link layer allocation (git-fixes).
- packet: refine ring v3 block size test to hold one frame (git-fixes).
- packet: reset network header if packet shorter than ll reserved space (git-fixes).
- packet: validate msg_namelen in send directly (git-fixes).
- packets: Always register packet sk in the same order (networking-stable-19_03_28).
- parport: Fix mem leak in parport_register_dev_model (bsc#1051510).
- pci: Factor out pcie_retrain_link() function (git-fixes).
- pci: Mark AMD Stoney Radeon R7 GPU ATS as broken (bsc#1051510).
- pci: Mark Atheros AR9462 to avoid bus reset (bsc#1051510).
- pci: Work around Pericom pcie-to-pci bridge Retrain Link erratum (git-fixes).
- pci: endpoint: Use EPC's device in dma_alloc_coherent()/dma_free_coherent() (git-fixes).
- phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode (bsc#1051510).
- platform/x86: alienware-wmi: printing the wrong error code (bsc#1051510).
- platform/x86: dell-rbtn: Add missing #include (bsc#1051510).
- platform/x86: intel_pmc_ipc: adding error handling (bsc#1051510).
- platform/x86: intel_punit_ipc: Revert 'Fix resource ioremap warning' (bsc#1051510).
- platform/x86: pmc_atom: Add Lex 3I380D industrial PC to critclk_systems DMI table (bsc#1051510).
- platform/x86: pmc_atom: Add several Beckhoff Automation boards to critclk_systems DMI table (bsc#1051510).
- platform/x86: pmc_atom: Drop __initconst on dmi table (bsc#1051510).
- platform/x86: sony-laptop: Fix unintentional fall-through (bsc#1051510).
- power: supply: axp20x_usb_power: Fix typo in VBUS current limit macros (bsc#1051510).
- power: supply: axp288_charger: Fix unchecked return value (bsc#1051510).
- powerpc/64s: Fix page table fragment refcount race vs speculative references (bsc#1131326, bsc#1108937).
- powerpc/eeh: Fix race with driver un/bind (bsc#1065729).
- powerpc/mm/radix: Display if mappings are exec or not (bsc#1055186, git-fixes).
- powerpc/mm/radix: Prettify mapped memory range print out (bsc#1055186, git-fixes).
- powerpc/mm: Fix page table dump to work on Radix (bsc#1055186, git-fixes).
- powerpc/msi: Fix NULL pointer access in teardown code (bsc#1065729).
- powerpc/perf: Fix MMCRA corruption by bhrb_filter (bsc#1053043).
- powerpc/powernv/idle: Restore IAMR after idle (bsc#1065729).
- powerpc/process: Fix sparse address space warnings (bsc#1065729).
- powerpc: Always initialize input array when calling epapr_hypercall() (bsc#1065729).
- powerpc: Fix HMIs on big-endian with CONFIG_RELOCATABLE=y (bsc#1065729).
- proc/kcore: do not bounds check against address 0 (bsc#1051510).
- proc/sysctl: fix return error for proc_doulongvec_minmax() (bsc#1051510).
- proc: revalidate kernel thread inodes to root:root (bsc#1051510).
- ptrace: take into account saved_sigmask in PTRACE{GET,SET}SIGMASK (git-fixes).
- pwm: Fix deadlock warning when removing PWM device (bsc#1051510).
- pwm: meson: Consider 128 a valid pre-divider (bsc#1051510).
- pwm: meson: Do not disable PWM when setting duty repeatedly (bsc#1051510).
- pwm: meson: Use the spin-lock only to protect register modifications (bsc#1051510).
- pwm: tiehrpwm: Update shadow register for disabling PWMs (bsc#1051510).
- qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128979).
- qla2xxx: always allocate qla_tgt_wq (bsc#1131451).
- qmi_wwan: add Olicard 600 (bsc#1051510).
- rdma/hns: Fix bug that caused srq creation to fail (bsc#1104427 ).
- rdma/rxe: Consider skb reserve space based on netdev of GID (bsc#1082387, bsc#1103992).
- regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB (bsc#1051510).
- rt2x00: do not increment sequence number while re-transmitting (bsc#1051510).
- rtc: 88pm860x: prevent use-after-free on device remove (bsc#1051510).
- rtc: da9063: set uie_unsupported when relevant (bsc#1051510).
- rtc: do not reference bogus function pointer in kdoc (bsc#1051510).
- rtc: sh: Fix invalid alarm warning for non-enabled alarm (bsc#1051510).
- rtlwifi: fix a potential NULL pointer dereference (bsc#1051510).
- rtlwifi: rtl8723ae: Fix missing break in switch statement (bsc#1051510).
- rxrpc: Fix error reception on AF_INET6 sockets (git-fixes).
- rxrpc: Fix transport sockopts to get IPv4 errors on an IPv6 socket (git-fixes).
- s390/qdio: clear intparm during shutdown (bsc#1134597 LTC#177516).
- sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() (bsc#1051510).
- sc16is7xx: move label 'err_spi' to correct section (bsc#1051510).
- sc16is7xx: put err_spi and err_i2c into correct #ifdef (bsc#1051510).
- scripts/bugzilla-create: Set 'Proactive-Upstream-Fix' keyword
- scripts/git_sort/git_sort.py: Add mkp/scsi 5.0/scsi-fixes
- scripts: override locale from environment when running recordmcount.pl (bsc#1134354).
- scsi: qedf: fixup bit operations (bsc#1135542).
- scsi: qedf: fixup locking in qedf_restart_rport() (bsc#1135542).
- scsi: qedf: missing kref_put in qedf_xmit() (bsc#1135542).
- scsi: qla2xxx: Add new FC-NVMe enable BIT to enable FC-NVMe feature (bsc#1130579).
- scsi: qla2xxx: Declare local functions 'static' (bsc#1137444).
- scsi: qla2xxx: Fix function argument descriptions (bsc#1118139).
- scsi: qla2xxx: Fix memory corruption during hba reset test (bsc#1118139).
- scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show (bsc#1132044).
- scsi: qla2xxx: Improve several kernel-doc headers (bsc#1137444).
- scsi: qla2xxx: Introduce a switch/case statement in qlt_xmit_tm_rsp() (bsc#1137444).
- scsi: qla2xxx: Make qla2x00_sysfs_write_nvram() easier to analyze (bsc#1137444).
- scsi: qla2xxx: Make sure that qlafx00_ioctl_iosb_entry() initializes 'res' (bsc#1137444).
- scsi: qla2xxx: NULL check before some freeing functions is not needed (bsc#1137444).
- scsi: qla2xxx: Remove a set-but-not-used variable (bsc#1137444).
- scsi: qla2xxx: Remove two arguments from qlafx00_error_entry() (bsc#1137444).
- scsi: qla2xxx: Remove unused symbols (bsc#1118139).
- scsi: qla2xxx: Split the __qla2x00_abort_all_cmds() function (bsc#1137444).
- scsi: qla2xxx: Use %p for printing pointers (bsc#1118139).
- scsi: qla2xxx: fix error message on qla2400 (bsc#1118139).
- scsi: qla2xxx: fix spelling mistake: 'existant' -> 'existent' (bsc#1118139).
- scsi: qla2xxx: fully convert to the generic DMA API (bsc#1137444).
- scsi: qla2xxx: fx00 copypaste typo (bsc#1118139).
- scsi: qla2xxx: remove the unused tcm_qla2xxx_cmd_wq (bsc#1118139).
- scsi: qla2xxx: use lower_32_bits and upper_32_bits instead of reinventing them (bsc#1137444).
- sctp: avoid running the sctp state machine recursively (networking-stable-19_05_04).
- sctp: fix identification of new acks for SFR-CACC (git-fixes).
- sctp: get sctphdr by offset in sctp_compute_cksum (networking-stable-19_03_28).
- sctp: initialize _pad of sockaddr_in before copying to user memory (networking-stable-19_04_10).
- sctp: only update outstanding_bytes for transmitted queue when doing prsctp_prune (git-fixes).
- sctp: set frag_point in sctp_setsockopt_maxseg correctly` (git-fixes).
- selinux: use kernel linux/socket.h for genheaders and mdp (bsc#1134810).
- serial: 8250_pxa: honor the port number from devicetree (bsc#1051510).
- serial: ar933x_uart: Fix build failure with disabled console (bsc#1051510).
- serial: uartps: console_setup() can't be placed to init section (bsc#1051510).
- signal: Always notice exiting tasks (git-fixes).
- signal: Better detection of synchronous signals (git-fixes).
- signal: Restore the stop PTRACE_EVENT_EXIT (git-fixes).
- snd: re-export snd_cards for kABI compatibility (bsc#1051510).
- soc/fsl/qe: Fix an error code in qe_pin_request() (bsc#1051510).
- soc/tegra: pmc: Drop locking from tegra_powergate_is_powered() (bsc#1051510).
- spi: Micrel eth switch: declare missing of table (bsc#1051510).
- spi: ST ST95HF NFC: declare missing of table (bsc#1051510).
- spi: a3700: Clear DATA_OUT when performing a read (bsc#1051510).
- spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios (bsc#1051510).
- spi: bcm2835aux: setup gpio-cs to output and correct level during setup (bsc#1051510).
- spi: bcm2835aux: warn in dmesg that native cs is not really supported (bsc#1051510).
- spi: rspi: Fix sequencer reset during initialization (bsc#1051510).
- ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit (bsc#1051510).
- staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc (bsc#1051510).
- staging: vc04_services: Fix a couple error codes (bsc#1051510).
- staging: vc04_services: prevent integer overflow in create_pagelist() (bsc#1051510).
- staging: wlan-ng: fix adapter initialization failure (bsc#1051510).
- stm class: Fix an endless loop in channel allocation (bsc#1051510).
- stm class: Fix channel free in stm output free path (bsc#1051510).
- stm class: Prevent division by zero (bsc#1051510).
- stmmac: pci: Adjust IOT2000 matching (networking-stable-19_04_30).
- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).
- switchtec: Fix unintended mask of MRPC event (git-fixes).
- tcp: Ensure DCTCP reacts to losses (networking-stable-19_04_10).
- tcp: add tcp_min_snd_mss sysctl (bsc#1137586).
- tcp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).
- tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).
- tcp: limit payload size of sacked skbs (bsc#1137586).
- tcp: purge write queue in tcp_connect_init() (git-fixes).
- tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).
- tcp: tcp_grow_window() needs to respect tcp_space() (networking-stable-19_04_19).
- team: fix possible recursive locking when add slaves (networking-stable-19_04_30).
- team: set slave to promisc if team is already in promisc mode (bsc#1051510).
- test_firmware: Use correct snprintf() limit (bsc#1135642).
- thermal/int340x_thermal: Add additional UUIDs (bsc#1051510).
- thermal/int340x_thermal: fix mode setting (bsc#1051510).
- thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power (bsc#1051510).
- thunderbolt: Fix to check for kmemdup failure (bsc#1051510).
- thunderx: eliminate extra calls to put_page() for pages held for recycling (networking-stable-19_03_28).
- thunderx: enable page recycling for non-XDP case (networking-stable-19_03_28).
- tipc: fix hanging clients using poll with EPOLLOUT flag (git-fixes).
- tipc: missing entries in name table of publications (networking-stable-19_04_19).
- tools lib traceevent: Fix missing equality check for strcmp (bsc#1129770).
- tracing: Fix partial reading of trace event's id file (bsc#1136573).
- treewide: Use DEVICE_ATTR_WO (bsc#1137739).
- tty/vt: fix write/write race in ioctl(KDSKBSENT) handler (bsc#1051510).
- tty: increase the default flip buffer limit to 2*640K (bsc#1051510).
- tty: ipwireless: fix missing checks for ioremap (bsc#1051510).
- tty: pty: Fix race condition between release_one_tty and pty_write (bsc#1051510).
- tty: serial: msm_serial: Fix XON/XOFF (bsc#1051510).
- tty: serial_core, add ->install (bnc#1129693).
- tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 (bsc#1051510).
- tun: add a missing rcu_read_unlock() in error path (networking-stable-19_03_28).
- tun: properly test for IFF_UP (networking-stable-19_03_28).
- uas: fix alignment of scatter/gather segments (bsc#1129770).
- udp: use indirect call wrappers for GRO socket lookup (bsc#1124503).
- ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (bsc#1135323).
- usb-storage: Set virt_boundary_mask to avoid SG overflows (bsc#1051510).
- usb: Add LPM quirk for Surface Dock GigE adapter (bsc#1051510).
- usb: Fix slab-out-of-bounds write in usb_get_bos_descriptor (bsc#1051510).
- usb: cdc-acm: fix unthrottle races (bsc#1051510).
- usb: core: Add PM runtime calls to usb_hcd_platform_shutdown (bsc#1051510).
- usb: core: Do not unbind interfaces following device reset failure (bsc#1051510).
- usb: core: Fix bug caused by duplicate interface PM usage counter (bsc#1051510).
- usb: core: Fix unterminated string returned by usb_string() (bsc#1051510).
- usb: dwc3: Fix default lpm_nyet_threshold value (bsc#1051510).
- usb: gadget: net2272: Fix net2272_dequeue() (bsc#1051510).
- usb: gadget: net2280: Fix net2280_dequeue() (bsc#1051510).
- usb: gadget: net2280: Fix overrun of OUT messages (bsc#1051510).
- usb: rio500: fix memory leak in close after disconnect (bsc#1051510).
- usb: rio500: refuse more than one device at a time (bsc#1051510).
- usb: serial: f81232: fix interrupt worker not stop (bsc#1051510).
- usb: serial: fix unthrottle races (bsc#1051510).
- usb: sisusbvga: fix oops in error path of sisusb_probe (bsc#1051510).
- usb: u132-hcd: fix resource leak (bsc#1051510).
- usb: usb251xb: fix to avoid potential NULL pointer dereference (bsc#1051510).
- usb: usbip: fix isoc packet num validation in get_pipe (bsc#1051510).
- usb: w1 ds2490: Fix bug caused by improper use of altsetting array (bsc#1051510).
- usb: yurex: Fix protection fault after device removal (bsc#1051510).
- usbip: usbip_host: fix BUG: sleeping function called from invalid context (bsc#1051510).
- usbip: usbip_host: fix stub_dev lock context imbalance regression (bsc#1051510).
- usbnet: fix kernel crash after disconnect (bsc#1051510).
- userfaultfd: use RCU to free the task struct when fork fails (git-fixes).
- vfio/mdev: Avoid release parent reference during error path (bsc#1051510).
- vfio/mdev: Fix aborting mdev child device removal if one fails (bsc#1051510).
- vfio/pci: use correct format characters (bsc#1051510).
- vfio_pci: Enable memory accesses before calling pci_map_rom (bsc#1051510).
- vhost/vsock: fix reset orphans race with close timeout (bsc#1051510).
- vhost: reject zero size iova range (networking-stable-19_04_19).
- virtio-blk: limit number of hw queues by nr_cpu_ids (bsc#1051510).
- virtio: Honour 'may_reduce_num' in vring_create_virtqueue (bsc#1051510).
- virtio_pci: fix a NULL pointer reference in vp_del_vqs (bsc#1051510).
- vrf: check accept_source_route on the original netdevice (networking-stable-19_04_10).
- vsock/virtio: Initialize core virtio vsock before registering the driver (bsc#1051510).
- vsock/virtio: fix kernel panic after device hot-unplug (bsc#1051510).
- vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock (bsc#1051510).
- vsock/virtio: reset connected sockets on device removal (bsc#1051510).
- vt: always call notifier with the console lock held (bsc#1051510).
- vxlan: Do not call gro_cells_destroy() before device is unregistered (networking-stable-19_03_28).
- vxlan: trivial indenting fix (bsc#1051510).
- vxlan: use __be32 type for the param vni in __vxlan_fdb_delete (bsc#1051510).
- w1: fix the resume command API (bsc#1051510).
- x86/speculation/mds: Fix documentation typo (bsc#1135642).
- x86_64: Add gap to int3 to allow for call emulation (bsc#1099658).
- x86_64: Allow breakpoints to emulate call instructions (bsc#1099658).
- xen/pciback: Do not disable pci_COMMAND on pci device reset (bsc#1065600).
- xenbus: drop useless LIST_HEAD in xenbus_write_watch() and xenbus_file_write() (bsc#1065600).
- xfrm6: avoid potential infinite loop in _decode_session6() (git-fixes).
- xfrm6: call kfree_skb when skb is toobig (git-fixes).
- xfrm: Fix stack-out-of-bounds read on socket policy lookup (git-fixes).
- xfrm: Return error on unknown encap_type in init_state (git-fixes).
- xfrm: Validate address prefix lengths in the xfrm selector (git-fixes).
- xfrm: fix 'passing zero to ERR_PTR()' warning (git-fixes).
- xfrm: fix missing dst_release() after policy blocking lbcast and multicast (git-fixes).
- xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (git-fixes).
- xfrm: reset crypto_done when iterating over multiple input xfrms (git-fixes).
- xfrm: reset transport header back to network header after all input transforms ahave been applied (git-fixes).
- xfrm_user: prevent leaking 2 bytes of kernel memory (git-fixes).
- xfs: add log item pinning error injection tag (bsc#1114427).
- xfs: buffer lru reference count error injection tag (bsc#1114427).
- xfs: check _btree_check_block value (bsc#1123663).
- xfs: convert drop_writes to use the errortag mechanism (bsc#1114427).
- xfs: create block pointer check functions (bsc#1123663).
- xfs: create inode pointer verifiers (bsc#1114427).
- xfs: detect and fix bad summary counts at mount (bsc#1114427).
- xfs: export _inobt_btrec_to_irec and _ialloc_cluster_alignment for scrub (bsc#1114427).
- xfs: export various function for the online scrubber (bsc#1123663).
- xfs: expose errortag knobs via sysfs (bsc#1114427).
- xfs: fix unused variable warning in xfs_buf_set_ref() (bsc#1114427).
- xfs: force summary counter recalc at next mount (bsc#1114427).
- xfs: kill meaningless variable 'zero' (bsc#1106011).
- xfs: make errortag a per-mountpoint structure (bsc#1123663).
- xfs: move error injection tags into their own file (bsc#1114427).
- xfs: prepare xfs_break_layouts() for another layout type (bsc#1106011).
- xfs: prepare xfs_break_layouts() to be called with XFS_MMAPLOCK_EXCL (bsc#1106011).
- xfs: refactor btree block header checking functions (bsc#1123663).
- xfs: refactor btree pointer checks (bsc#1123663).
- xfs: refactor unmount record write (bsc#1114427).
- xfs: remove unneeded parameter from XFS_TEST_ERROR (bsc#1123663).
- xfs: remove xfs_zero_range (bsc#1106011).
- xfs: rename MAXPATHLEN to XFS_SYMLINK_MAXLEN (bsc#1123663).
- xfs: replace log_badcrc_factor knob with error injection tag (bsc#1114427).
- xfs: sanity-check the unused space before trying to use it (bsc#1123663).
- xfs: serialize unaligned dio writes against all other dio writes (bsc#1134936).
- xhci: Convert xhci_handshake() to use readl_poll_timeout_atomic() (bsc#1051510).
- xhci: Use %zu for printing size_t type (bsc#1051510).
- xhci: update bounce buffer with correct sg num (bsc#1051510).
Patchnames
SUSE-2019-1535,SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-1535,SUSE-SLE-Module-Public-Cloud-15-2019-1535
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\n\nThe SUSE Linux Enterprise 15 Azure kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2019-11477: A sequence of SACKs may have been crafted such that one can trigger an integer overflow, leading to a kernel panic.\n- CVE-2019-11478: It was possible to send a crafted sequence of SACKs which will\nfragment the TCP retransmission queue. An attacker may have been able to further exploit the fragmented queue to cause an\nexpensive linked-list walk for subsequent SACKs received for that same TCP connection.\n- CVE-2019-11479: An attacker could force the Linux kernel to segment its responses into multiple TCP segments. This would drastically increased the bandwidth required to deliver the same amount of data. Further, it would consume additional resources such as CPU and NIC processing power.\n- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. (bnc#1136424)\n- CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel, there was an unchecked kstrdup of fwstr, which might have allowed an attacker to cause a denial of service (NULL pointer dereference and system crash). (bnc#1136586)\n- CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux kernel allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may have been possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. (bnc#1120843)\n- CVE-2019-11487: The Linux kernel allowed page reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM existed. It could have occured with FUSE requests. (bnc#1133190)\n- CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the unused memory region in the extent tree block, which might have allowed local users to obtain sensitive information by reading uninitialized data in the filesystem. (bnc#1135281)\n- CVE-2018-7191: In the tun subsystem in the Linux kernel, dev_get_valid_name was not called before register_netdevice. This allowed local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. (bnc#1135603)\n- CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in i915 Graphics for Linux may have allowed an authenticated user to potentially enable escalation of privilege via local access. (bnc#1135278)\n- CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel There was a race condition leading to a use-after-free, related to net namespace cleanup. (bnc#1134537)\n- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel allowed a local user to obtain potentially sensitive information from kernel stack memory via a hidPCONNADD command, because a name field may not end with a '\\0' character. (bnc#1134848)\n- CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel had multiple race conditions. (bnc#1133188)\n- CVE-2019-10124: An attacker could exploit an issue in the hwpoison implementation to cause a denial of service (BUG). (bsc#1130699)\n\nThe following non-security bugs were fixed:\n\n- 9p locks: add mount option for lock retry interval (bsc#1051510).\n- acpi / property: fix handling of data_nodes in acpi_get_next_subnode() (bsc#1051510).\n- acpi / utils: Drop reference in test for device presence (bsc#1051510).\n- acpi: button: reinitialize button state upon resume (bsc#1051510).\n- acpi: fix menuconfig presentation of acpi submenu (bsc#1117158).\n- acpica: AML interpreter: add region addresses in global list during initialization (bsc#1051510).\n- acpica: Namespace: remove address node from global list after method termination (bsc#1051510).\n- alsa: core: Do not refer to snd_cards array directly (bsc#1051510).\n- alsa: emu10k1: Drop superfluous id-uniquification behavior (bsc#1051510).\n- alsa: hda - Register irq handler after the chip initialization (bsc#1051510).\n- alsa: hda - Use a macro for snd_array iteration loops (bsc#1051510).\n- alsa: hda/hdmi - Consider eld_valid when reporting jack event (bsc#1051510).\n- alsa: hda/hdmi - Read the pin sense from register when repolling (bsc#1051510).\n- alsa: hda/realtek - Add new Dell platform for headset mode (bsc#1051510).\n- alsa: hda/realtek - Apply the fixup for ASUS Q325UAR (bsc#1051510).\n- alsa: hda/realtek - Avoid superfluous COEF EAPD setups (bsc#1051510).\n- alsa: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) (bsc#1051510).\n- alsa: hda/realtek - EAPD turn on later (bsc#1051510).\n- alsa: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug (bsc#1051510).\n- alsa: hda/realtek - Fixed Dell AIO speaker noise (bsc#1051510).\n- alsa: hda/realtek - Fixup headphone noise via runtime suspend (bsc#1051510).\n- alsa: hda/realtek - Improve the headset mic for Acer Aspire laptops (bsc#1051510).\n- alsa: hda/realtek - Set default power save node to 0 (bsc#1051510).\n- alsa: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) (bsc#1051510).\n- alsa: line6: Avoid polluting led_* namespace (bsc#1051510).\n- alsa: line6: use dynamic buffers (bsc#1051510).\n- alsa: seq: Align temporary re-locking with irqsave version (bsc#1051510).\n- alsa: seq: Correct unlock sequence at snd_seq_client_ioctl_unlock() (bsc#1051510).\n- alsa: seq: Cover unsubscribe_port() in list_mutex (bsc#1051510).\n- alsa: seq: Fix race of get-subscription call vs port-delete ioctls (bsc#1051510).\n- alsa: seq: Protect in-kernel ioctl calls with mutex (bsc#1051510).\n- alsa: seq: Protect racy pool manipulation from OSS sequencer (bsc#1051510).\n- alsa: seq: Remove superfluous irqsave flags (bsc#1051510).\n- alsa: seq: Simplify snd_seq_kernel_client_enqueue() helper (bsc#1051510).\n- alsa: timer: Check ack_list emptiness instead of bit flag (bsc#1051510).\n- alsa: timer: Coding style fixes (bsc#1051510).\n- alsa: timer: Make snd_timer_close() really kill pending actions (bsc#1051510).\n- alsa: timer: Make sure to clear pending ack list (bsc#1051510).\n- alsa: timer: Revert active callback sync check at close (bsc#1051510).\n- alsa: timer: Simplify error path in snd_timer_open() (bsc#1051510).\n- alsa: timer: Unify timer callback process code (bsc#1051510).\n- alsa: usb-audio: Fix a memory leak bug (bsc#1051510).\n- alsa: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() (bsc#1051510).\n- alsa: usx2y: fix a double free bug (bsc#1051510).\n- appletalk: Fix compile regression (bsc#1051510).\n- appletalk: Fix use-after-free in atalk_proc_exit (bsc#1051510).\n- arch: arm64: acpi: KABI ginore includes (bsc#1117158 bsc#1134671).\n- arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve table (bsc#1117158).\n- arm64/x86: Update config files. Use CONFIG_ARCH_SUPPORTS_acpi\n- arm64: Export save_stack_trace_tsk() (jsc#SLE-4214).\n- arm64: acpi: fix alignment fault in accessing acpi (bsc#1117158).\n- arm64: fix acpi dependencies (bsc#1117158).\n- arm: 8824/1: fix a migrating irq bug when hotplug cpu (bsc#1051510).\n- arm: 8833/1: Ensure that NEON code always compiles with Clang (bsc#1051510).\n- arm: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bsc#1051510).\n- arm: 8840/1: use a raw_spinlock_t in unwind (bsc#1051510).\n- arm: OMAP2+: Variable 'reg' in function omap4_dsi_mux_pads() could be uninitialized (bsc#1051510).\n- arm: OMAP2+: fix lack of timer interrupts on CPU1 after hotplug (bsc#1051510).\n- arm: avoid Cortex-A9 livelock on tight dmb loops (bsc#1051510).\n- arm: imx6q: cpuidle: fix bug that CPU might not wake up at expected time (bsc#1051510).\n- arm: iop: do not use using 64-bit DMA masks (bsc#1051510).\n- arm: orion: do not use using 64-bit DMA masks (bsc#1051510).\n- arm: pxa: ssp: unneeded to free devm_ allocated data (bsc#1051510).\n- arm: s3c24xx: Fix boolean expressions in osiris_dvs_notify (bsc#1051510).\n- arm: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms (bsc#1051510).\n- asoc: Intel: avoid Oops if DMA setup fails (bsc#1051510).\n- asoc: RT5677-SPI: Disable 16Bit SPI Transfers (bsc#1051510).\n- asoc: cs4270: Set auto-increment bit for register writes (bsc#1051510).\n- asoc: eukrea-tlv320: fix a leaked reference by adding missing of_node_put (bsc#1051510).\n- asoc: fix valid stream condition (bsc#1051510).\n- asoc: fsl_esai: Fix missing break in switch statement (bsc#1051510).\n- asoc: fsl_sai: Update is_slave_mode with correct value (bsc#1051510).\n- asoc: fsl_utils: fix a leaked reference by adding missing of_node_put (bsc#1051510).\n- asoc: hdmi-codec: fix S/PDIF DAI (bsc#1051510).\n- asoc: hdmi-codec: unlock the device on startup errors (bsc#1051510).\n- asoc: max98090: Fix restore of DAPM Muxes (bsc#1051510).\n- asoc: nau8810: fix the issue of widget with prefixed name (bsc#1051510).\n- asoc: nau8824: fix the issue of the widget with prefix name (bsc#1051510).\n- asoc: samsung: odroid: Fix clock configuration for 44100 sample rate (bsc#1051510).\n- asoc: stm32: fix sai driver name initialisation (bsc#1051510).\n- asoc: tlv320aic32x4: Fix Common Pins (bsc#1051510).\n- asoc: wm_adsp: Add locking to wm_adsp2_bus_error (bsc#1051510).\n- asoc:soc-pcm:fix a codec fixup issue in TDM case (bsc#1051510).\n- at76c50x-usb: Do not register led_trigger if usb_register_driver failed (bsc#1051510).\n- audit: fix a memleak caused by auditing load module (bsc#1051510).\n- b43: shut up clang -Wuninitialized variable warning (bsc#1051510).\n- backlight: lm3630a: Return 0 on success in update_status functions (bsc#1051510).\n- batman-adv: allow updating DAT entry timeouts on incoming ARP Replies (bsc#1051510).\n- bcache: Move couple of functions to sysfs.c (bsc#1130972).\n- bcache: Move couple of string arrays to sysfs.c (bsc#1130972).\n- bcache: Populate writeback_rate_minimum attribute (bsc#1130972).\n- bcache: Replace bch_read_string_list() by __sysfs_match_string() (bsc#1130972).\n- bcache: account size of buckets used in uuid write to ca->meta_sectors_written (bsc#1130972).\n- bcache: add MODULE_DESCRIPTION information (bsc#1130972).\n- bcache: add a comment in super.c (bsc#1130972).\n- bcache: add code comments for bset.c (bsc#1130972).\n- bcache: add comment for cache_set->fill_iter (bsc#1130972).\n- bcache: add identifier names to arguments of function definitions (bsc#1130972).\n- bcache: add missing SPDX header (bsc#1130972).\n- bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972).\n- bcache: add static const prefix to char * array declarations (bsc#1130972).\n- bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972).\n- bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).\n- bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972).\n- bcache: correct dirty data statistics (bsc#1130972).\n- bcache: do not assign in if condition in bcache_init() (bsc#1130972).\n- bcache: do not assign in if condition register_bcache() (bsc#1130972).\n- bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972).\n- bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972).\n- bcache: do not clone bio in bch_data_verify (bsc#1130972).\n- bcache: do not mark writeback_running too early (bsc#1130972).\n- bcache: export backing_dev_name via sysfs (bsc#1130972).\n- bcache: export backing_dev_uuid via sysfs (bsc#1130972).\n- bcache: fix code comments style (bsc#1130972).\n- bcache: fix indent by replacing blank by tabs (bsc#1130972).\n- bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).\n- bcache: fix input integer overflow of congested threshold (bsc#1130972).\n- bcache: fix input overflow to cache set io_error_limit (bsc#1130972).\n- bcache: fix input overflow to cache set sysfs file io_error_halflife (bsc#1130972).\n- bcache: fix input overflow to journal_delay_ms (bsc#1130972).\n- bcache: fix input overflow to sequential_cutoff (bsc#1130972).\n- bcache: fix input overflow to writeback_delay (bsc#1130972).\n- bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).\n- bcache: fix ioctl in flash device (bsc#1130972).\n- bcache: fix mistaken code comments in bcache.h (bsc#1130972).\n- bcache: fix mistaken comments in request.c (bsc#1130972).\n- bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972).\n- bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972).\n- bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).\n- bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972).\n- bcache: improve sysfs_strtoul_clamp() (bsc#1130972).\n- bcache: introduce force_wake_up_gc() (bsc#1130972).\n- bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972).\n- bcache: move open brace at end of function definitions to next line (bsc#1130972).\n- bcache: never writeback a discard operation (bsc#1130972).\n- bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972).\n- bcache: option to automatically run gc thread after writeback (bsc#1130972).\n- bcache: panic fix for making cache device (bsc#1130972).\n- bcache: prefer 'help' in Kconfig (bsc#1130972).\n- bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).\n- bcache: recal cached_dev_sectors on detach (bsc#1130972).\n- bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972).\n- bcache: remove unused bch_passthrough_cache (bsc#1130972).\n- bcache: remove useless parameter of bch_debug_init() (bsc#1130972).\n- bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).\n- bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972).\n- bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).\n- bcache: replace printk() by pr_*() routines (bsc#1130972).\n- bcache: set writeback_percent in a flexible range (bsc#1130972).\n- bcache: split combined if-condition code into separate ones (bsc#1130972).\n- bcache: stop bcache device when backing device is offline (bsc#1130972).\n- bcache: stop using the deprecated get_seconds() (bsc#1130972).\n- bcache: style fix to add a blank line after declarations (bsc#1130972).\n- bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).\n- bcache: style fixes for lines over 80 characters (bsc#1130972).\n- bcache: treat stale and dirty keys as bad keys (bsc#1130972).\n- bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972).\n- bcache: update comment for bch_data_insert (bsc#1130972).\n- bcache: update comment in sysfs.c (bsc#1130972).\n- bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).\n- bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972).\n- bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).\n- bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).\n- bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).\n- block: Do not revalidate bdev of hidden gendisk (bsc#1120091).\n- block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).\n- block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).\n- block: do not leak memory in bio_copy_user_iov() (bsc#1135309).\n- block: fix the return errno for direct IO (bsc#1135320).\n- block: fix use-after-free on gendisk (bsc#1135312).\n- bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bsc#1051510).\n- bluetooth: Check key sizes only when Secure Simple Pairing is enabled (bsc#1135556).\n- bluetooth: hidp: fix buffer overflow (bsc#1051510).\n- bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one() (bsc#1050242).\n- bnxt_en: Improve RX consumer index validity check (networking-stable-19_04_10).\n- bnxt_en: Improve multicast address setup logic (networking-stable-19_05_04).\n- bnxt_en: Reset device on RX buffer errors (networking-stable-19_04_10).\n- bonding: fix event handling for stacked bonds (networking-stable-19_04_19).\n- bpf, lru: avoid messing with eviction heuristics upon syscall lookup (bsc#1083647).\n- bpf: Add missed newline in verifier verbose log (bsc#1056787).\n- bpf: add map_lookup_elem_sys_only for lookups from syscall side (bsc#1083647).\n- brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() (bsc#1051510).\n- brcmfmac: convert dev_init_lock mutex to completion (bsc#1051510).\n- brcmfmac: fix Oops when bringing up interface during usb disconnect (bsc#1051510).\n- brcmfmac: fix WARNING during usb disconnect in case of unempty psq (bsc#1051510).\n- brcmfmac: fix missing checks for kmemdup (bsc#1051510).\n- brcmfmac: fix race during disconnect when usb completion is in progress (bsc#1051510).\n- btrfs: Do not panic when we can't find a root key (bsc#1112063).\n- btrfs: Factor out common delayed refs init code (bsc#1134813).\n- btrfs: Introduce init_delayed_ref_head (bsc#1134813).\n- btrfs: Open-code add_delayed_data_ref (bsc#1134813).\n- btrfs: Open-code add_delayed_tree_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).\n- btrfs: add a helper to return a head ref (bsc#1134813).\n- btrfs: breakout empty head cleanup to a helper (bsc#1134813).\n- btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: do not allow trimming when a fs is mounted with the nologreplay option (bsc#1135758).\n- btrfs: do not double unlock on error in btrfs_punch_hole (bsc#1136881).\n- btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: fix fsync not persisting changed attributes of a directory (bsc#1137151).\n- btrfs: fix race between ranged fsync and writeback of adjacent ranges (bsc#1136477).\n- btrfs: fix race updating log root item during fsync (bsc#1137153).\n- btrfs: fix wrong ctime and mtime of a directory after log replay (bsc#1137152).\n- btrfs: improve performance on fsync of files with multiple hardlinks (bsc#1123454).\n- btrfs: move all ref head cleanup to the helper function (bsc#1134813).\n- btrfs: move extent_op cleanup to a helper (bsc#1134813).\n- btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).\n- btrfs: qgroup: Check bg while resuming relocation to avoid NULL pointer dereference (bsc#1134806).\n- btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to btrfs_qgroup_extent_record (bsc#1134162).\n- btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release (bsc#1134160).\n- btrfs: reloc: Also queue orphan reloc tree for cleanup to avoid BUG_ON() (bsc#1133612).\n- btrfs: remove delayed_ref_node from ref_head (bsc#1134813).\n- btrfs: send, flush dellaloc in order to avoid data loss (bsc#1133320).\n- btrfs: split delayed ref head initialization and addition (bsc#1134813).\n- btrfs: track refs in a rb_tree instead of a list (bsc#1134813).\n- btrfs: tree-checker: detect file extent items with overlapping ranges (bsc#1136478).\n- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).\n- ceph: fix ci->i_head_snapc leak (bsc#1122776).\n- ceph: fix use-after-free on symlink traversal (bsc#1134459).\n- ceph: only use d_name directly when parent is locked (bsc#1134460).\n- chardev: add additional check for minor range overlap (bsc#1051510).\n- cifs: keep FileInfo handle live during oplock break (bsc#1106284, bsc#1131565).\n- clk: rockchip: Fix video codec clocks on rk3288 (bsc#1051510).\n- clk: rockchip: fix wrong clock definitions for rk3328 (bsc#1051510).\n- config: Debug kernel is not supported (bsc#1135492).\n- configfs: Fix use-after-free when accessing sd->s_dentry (bsc#1051510).\n- configfs: fix possible use-after-free in configfs_register_group (bsc#1051510).\n- crypto: arm/aes-neonbs - do not access already-freed walk.iv (bsc#1051510).\n- crypto: caam - fix caam_dump_sg that iterates through scatterlist (bsc#1051510).\n- crypto: ccm - fix incompatibility between 'ccm' and 'ccm_base' (bsc#1051510).\n- crypto: ccp - Do not free psp_master when PLATFORM_INIT fails (bsc#1051510).\n- crypto: chacha20poly1305 - set cra_name correctly (bsc#1051510).\n- crypto: crct10dif-generic - fix use via crypto_shash_digest() (bsc#1051510).\n- crypto: fips - Grammar s/options/option/, s/to/the/ (bsc#1051510).\n- crypto: gcm - fix incompatibility between 'gcm' and 'gcm_base' (bsc#1051510).\n- crypto: skcipher - do not WARN on unprocessed data after slow walk step (bsc#1051510).\n- crypto: sun4i-ss - Fix invalid calculation of hash end (bsc#1051510).\n- crypto: vmx - CTR: always increment IV as quadword (bsc#1051510).\n- crypto: vmx - fix copy-paste error in CTR mode (bsc#1051510).\n- crypto: vmx - ghash: do nosimd fallback manually (bsc#1135661, bsc#1137162).\n- crypto: vmx - return correct error code on failed setkey (bsc#1135661, bsc#1137162).\n- crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() (bsc#1051510).\n- dccp: Fix memleak in __feat_register_sp (bsc#1051510).\n- dccp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).\n- debugfs: fix use-after-free on symlink traversal (bsc#1051510).\n- devres: Align data[] to ARCH_KMALLOC_MINALIGN (bsc#1051510).\n- dmaengine: axi-dmac: Do not check the number of frames for alignment (bsc#1051510).\n- dmaengine: tegra210-dma: free dma controller in remove() (bsc#1051510).\n- docs: Fix conf.py for Sphinx 2.0 (bsc#1135642).\n- documentation: Add MDS vulnerability documentation (bsc#1135642).\n- documentation: Correct the possible MDS sysfs values (bsc#1135642).\n- drivers: acpi: add dependency of EFI for arm64 (bsc#1117158).\n- drm/amdgpu: fix old fence check in amdgpu_fence_emit (bsc#1051510).\n- drm/bridge: adv7511: Fix low refresh rate selection (bsc#1051510).\n- drm/drv: Hold ref on parent device during drm_device lifetime (bsc#1051510).\n- drm/etnaviv: lock MMU while dumping core (bsc#1113722)\n- drm/fb-helper: dpms_legacy(): Only set on connectors in use (bsc#1051510).\n- drm/i915/fbc: disable framebuffer compression on GeminiLake (bsc#1051510).\n- drm/i915/gvt: Fix cmd length of VEB_DI_IECP (bsc#1113722)\n- drm/i915/gvt: Fix incorrect mask of mmio 0x22028 in gen8/9 mmio list (bnc#1113722)\n- drm/i915/gvt: Tiled Resources mmios are in-context mmios for gen9+ (bsc#1113722)\n- drm/i915/gvt: add 0x4dfc to gen9 save-restore list (bsc#1113722)\n- drm/i915/gvt: do not let TRTTE and 0x4dfc write passthrough to hardware (bsc#1051510).\n- drm/i915/gvt: refine ggtt range validation (bsc#1113722)\n- drm/i915: Disable LP3 watermarks on all SNB machines (bsc#1051510).\n- drm/i915: Downgrade Gen9 Plane WM latency error (bsc#1051510).\n- drm/i915: Fix I915_EXEC_RING_MASK (bsc#1051510).\n- drm/imx: do not skip DP channel disable for background plane (bsc#1051510).\n- drm/mediatek: fix possible object reference leak (bsc#1051510).\n- drm/meson: add size and alignment requirements for dumb buffers (bnc#1113722)\n- drm/nouveau/i2c: Disable i2c bus access after ->fini() (bsc#1113722)\n- drm/rockchip: fix for mailbox read validation (bsc#1051510).\n- drm/rockchip: shutdown drm subsystem on shutdown (bsc#1051510).\n- drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)\n- drm/ttm: Remove warning about inconsistent mapping information (bnc#1131488)\n- drm/vmwgfx: Do not send drm sysfs hotplug events on initial master set (bsc#1051510).\n- drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() (bsc#1113722)\n- drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to an invalid read (bsc#1051510).\n- drm: Wake up next in drm_read() chain if we are forced to putback the event (bsc#1051510).\n- dt-bindings: clock: r8a7795: Remove CSIREF clock (bsc#1120902).\n- dt-bindings: clock: r8a7796: Remove CSIREF clock (bsc#1120902).\n- dt-bindings: net: Add binding for the external clock for TI WiLink (bsc#1085535).\n- dt-bindings: net: Fix a typo in the phy-mode list for ethernet bindings (bsc#1129770).\n- dt-bindings: rtc: sun6i-rtc: Fix register range in example (bsc#1120902).\n- dwc2: gadget: Fix completed transfer size calculation in DDMA (bsc#1051510).\n- efi/arm: Defer persistent reservations until after paging_init() (bsc#1117158).\n- efi/arm: Do not mark acpi reclaim memory as MEMBLOCK_NOMAP (bsc#1117158 bsc#1115688 bsc#1120566).\n- efi/arm: Revert 'Defer persistent reservations until after paging_init()' (bsc#1117158).\n- efi/arm: Revert deferred unmap of early memmap mapping (bsc#1117158).\n- efi/arm: libstub: add a root memreserve config table (bsc#1117158).\n- efi/arm: map UEFI memory map even w/o runtime services enabled (bsc#1117158).\n- efi/arm: preserve early mapping of UEFI memory map longer for BGRT (bsc#1117158).\n- efi: Permit calling efi_mem_reserve_persistent() from atomic context (bsc#1117158).\n- efi: Permit multiple entries in persistent memreserve data structure (bsc#1117158).\n- efi: Prevent GICv3 WARN() by mapping the memreserve table before first use (bsc#1117158).\n- efi: Reduce the amount of memblock reservations for persistent allocations (bsc#1117158).\n- efi: add API to reserve memory persistently across kexec reboot (bsc#1117158).\n- efi: honour memory reservations passed via a linux specific config table (bsc#1117158).\n- ext4: actually request zeroing of inode table after grow (bsc#1135315).\n- ext4: avoid panic during forced reboot due to aborted journal (bsc#1126356).\n- ext4: fix data corruption caused by overlapping unaligned and aligned IO (bsc#1136428).\n- ext4: fix ext4_show_options for file systems w/o journal (bsc#1135316).\n- ext4: fix use-after-free race with debug_want_extra_isize (bsc#1135314).\n- ext4: make sanity check in mballoc more strict (bsc#1136439).\n- ext4: wait for outstanding dio during truncate in nojournal mode (bsc#1136438).\n- extcon: arizona: Disable mic detect if running when driver is removed (bsc#1051510).\n- fbdev: fix WARNING in __alloc_pages_nodemask bug (bsc#1113722)\n- fbdev: fix divide error in fb_var_to_videomode (bsc#1113722)\n- firmware: efi: factor out mem_reserve (bsc#1117158 bsc#1134671).\n- fix rtnh_ok() (git-fixes).\n- fs/sync.c: sync_file_range(2) may use WB_SYNC_ALL writeback (bsc#1136432).\n- fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount (bsc#1136435).\n- ftrace/x86_64: Emulate call function while updating in breakpoint handler (bsc#1099658).\n- fuse: fallocate: fix return with locked inode (bsc#1051510).\n- fuse: fix writepages on 32bit (bsc#1051510).\n- fuse: honor RLIMIT_FSIZE in fuse_file_fallocate (bsc#1051510).\n- genetlink: Fix a memory leak on error path (networking-stable-19_03_28).\n- ghes, EDAC: Fix ghes_edac registration (bsc#1133176).\n- gpio: Remove obsolete comment about gpiochip_free_hogs() usage (bsc#1051510).\n- gpio: aspeed: fix a potential NULL pointer dereference (bsc#1051510).\n- gpio: fix gpio-adp5588 build errors (bsc#1051510).\n- gpu: ipu-v3: dp: fix CSC handling (bsc#1051510).\n- hid: debug: fix race condition with between rdesc_show() and device removal (bsc#1051510).\n- hid: input: add mapping for 'Toggle Display' key (bsc#1051510).\n- hid: input: add mapping for Assistant key (bsc#1051510).\n- hid: input: add mapping for Expose/Overview key (bsc#1051510).\n- hid: input: add mapping for keyboard Brightness Up/Down/Toggle keys (bsc#1051510).\n- hid: logitech-hidpp: change low battery level threshold from 31 to 30 percent (bsc#1051510).\n- hid: logitech-hidpp: use RAP instead of FAP to get the protocol version (bsc#1051510).\n- hid: logitech: check the return value of create_singlethread_workqueue (bsc#1051510).\n- hwmon: (core) add thermal sensors only if dev->of_node is present (bsc#1051510).\n- hwmon: (f71805f) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (pc87427) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (pmbus/core) Treat parameters as paged if on multiple pages (bsc#1051510).\n- hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (vt1211) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwrng: omap - Set default quality (bsc#1051510).\n- i2c: Make i2c_unregister_device() NULL-aware (bsc#1108193).\n- i2c: dev: fix potential memory leak in i2cdev_ioctl_rdwr (bsc#1051510).\n- ibmvnic: Add device identification to requested IRQs (bsc#1137739).\n- ibmvnic: Do not close unopened driver during reset (bsc#1137752).\n- ibmvnic: Fix unchecked return codes of memory allocations (bsc#1137752).\n- ibmvnic: Refresh device multicast list after reset (bsc#1137752).\n- ibmvnic: remove set but not used variable 'netdev' (bsc#1137739).\n- igmp: fix incorrect unsolicit report count when join group (git-fixes).\n- iio: ad_sigma_delta: Properly handle SPI bus locking vs CS assertion (bsc#1051510).\n- iio: adc: xilinx: fix potential use-after-free on remove (bsc#1051510).\n- iio: common: ssp_sensors: Initialize calculated_time in ssp_common_process_data (bsc#1051510).\n- iio: hmc5843: fix potential NULL pointer dereferences (bsc#1051510).\n- indirect call wrappers: helpers to speed-up indirect calls of builtin (bsc#1124503).\n- inetpeer: fix uninit-value in inet_getpeer (git-fixes).\n- input: elan_i2c - add hardware ID for multiple Lenovo laptops (bsc#1051510).\n- input: introduce KEY_ASSISTANT (bsc#1051510).\n- input: synaptics-rmi4 - fix possible double free (bsc#1051510).\n- intel_th: msu: Fix single mode with IOMMU (bsc#1051510).\n- intel_th: pci: Add Comet Lake support (bsc#1051510).\n- iommu/arm-smmu-v3: Abort all transactions if SMMU is enabled in kdump kernel (bsc#1117158).\n- iommu/arm-smmu-v3: Do not disable SMMU in kdump kernel (bsc#1117158 bsc#1134671).\n- iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#1135006).\n- iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135007).\n- iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135008).\n- ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type (networking-stable-19_04_10).\n- ip6_tunnel: collect_md xmit: Use ip_tunnel_key's provided src address (git-fixes).\n- ip_gre: fix parsing gre header in ipgre_err (git-fixes).\n- ip_tunnel: Fix name string concatenate in __ip_tunnel_create() (git-fixes).\n- ipconfig: Correctly initialise ic_nameservers (bsc#1051510).\n- ipmi: Fix I2C client removal in the SSIF driver (bsc#1108193).\n- ipmi:ssif: compare block number correctly for multi-part return messages (bsc#1051510).\n- ipmi_ssif: Remove duplicate NULL check (bsc#1108193).\n- ipmi_ssif: update patch reference for ipmi_ssif fix (bsc#1135120)\n- ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled (git-fixes).\n- ipv4: add sanity checks in ipv4_link_failure() (git-fixes).\n- ipv4: ensure rcu_read_lock() in ipv4_link_failure() (networking-stable-19_04_19).\n- ipv4: ip_do_fragment: Preserve skb_iif during fragmentation (networking-stable-19_05_04).\n- ipv4: recompile ip options in ipv4_link_failure (networking-stable-19_04_19).\n- ipv4: set the tcp_min_rtt_wlen range from 0 to one day (networking-stable-19_04_30).\n- ipv6/flowlabel: wait rcu grace period before put_pid() (git-fixes).\n- ipv6: fix cleanup ordering for ip6_mr failure (git-fixes).\n- ipv6: fix cleanup ordering for pingv6 registration (git-fixes).\n- ipv6: invert flowlabel sharing check in process and user mode (git-fixes).\n- ipv6: mcast: fix unsolicited report interval after receiving querys (git-fixes).\n- ipvlan: Add the skb->mark as flow4's member to lookup route (bsc#1051510).\n- ipvlan: fix ipv6 outbound device (bsc#1051510).\n- ipvlan: use ETH_MAX_MTU as max mtu (bsc#1051510).\n- ipvs: Fix signed integer overflow when setsockopt timeout (bsc#1051510).\n- ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf (git-fixes).\n- ipvs: fix buffer overflow with sync daemon and service (git-fixes).\n- ipvs: fix check on xmit to non-local addresses (git-fixes).\n- ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bsc#1051510).\n- ipvs: fix rtnl_lock lockups caused by start_sync_thread (git-fixes).\n- ipvs: fix stats update from local clients (git-fixes).\n- iw_cxgb4: only allow 1 flush on user qps (bsc#1051510).\n- iwlwifi: mvm: check for length correctness in iwl_mvm_create_skb() (bsc#1051510).\n- iwlwifi: pcie: do not crash on invalid RX interrupt (bsc#1051510).\n- jbd2: check superblock mapped prior to committing (bsc#1136430).\n- kABI workaround for removed usb_interface.pm_usage_cnt field (bsc#1051510).\n- kABI workaround for snd_seq_kernel_client_enqueue() API changes (bsc#1051510).\n- kABI: protect dma-mapping.h include (kabi).\n- kABI: protect ip_options_rcv_srr (kabi).\n- kABI: protect struct mlx5_td (kabi).\n- kABI: protect struct pci_dev (kabi).\n- kabi: drop LINUX_MIB_TCPWQUEUETOOBIG snmp counter (bsc#1137586).\n- kabi: implement map_lookup_elem_sys_only in another way (bsc#1083647).\n- kabi: move sysctl_tcp_min_snd_mss to preserve struct net layout (bsc#1137586).\n- kernel/signal.c: trace_signal_deliver when signal_group_exit (git-fixes).\n- kernel/sys.c: prctl: fix false positive in validate_prctl_map() (git-fixes).\n- kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv (bsc#1051510).\n- kernel/sysctl.c: fix out-of-bounds access when setting file-max (bsc#1051510).\n- keys: safe concurrent user->{session,uid}_keyring access (bsc#1135642).\n- kmsg: Update message catalog to latest IBM level (2019/03/08) (bsc#1128904 LTC#176078).\n- kvm: Fix UAF in nested posted interrupt processing (bsc#1134199).\n- kvm: PPC: Book3S HV: Avoid lockdep debugging in TCE realmode handlers (bsc#1061840).\n- kvm: PPC: Book3S HV: XIVE: Do not clear IRQ data of passthrough interrupts (bsc#1061840).\n- kvm: PPC: Book3S: Protect memslots while validating user address (bsc#1061840).\n- kvm: PPC: Release all hardware TCE tables attached to a group (bsc#1061840).\n- kvm: PPC: Remove redundand permission bits removal (bsc#1061840).\n- kvm: PPC: Validate TCEs against preregistered memory page sizes (bsc#1061840).\n- kvm: PPC: Validate all tces before updating tables (bsc#1061840).\n- kvm: VMX: Zero out *all* general purpose registers after VM-Exit (bsc#1134202).\n- kvm: nVMX: Clear reserved bits of #DB exit qualification (bsc#1134200).\n- kvm: nVMX: restore host state in nested_vmx_vmexit for VMFail (bsc#1134201).\n- kvm: s390: fix memory overwrites when not using SCA entries (bsc#1136206).\n- kvm: s390: provide io interrupt kvm_stat (bsc#1136206).\n- kvm: s390: use created_vcpus in more places (bsc#1136206).\n- kvm: s390: vsie: fix 8k check for the itdba (bsc#1136206).\n- kvm: x86: Always use 32-bit SMRAM save state for 32-bit kernels (bsc#1134203).\n- kvm: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bsc#1134204).\n- kvm: x86: svm: make sure NMI is injected after nmi_singlestep (bsc#1134205).\n- l2tp: cleanup l2tp_tunnel_delete calls (bsc#1051510).\n- l2tp: filter out non-PPP sessions in pppol2tp_tunnel_ioctl() (git-fixes).\n- l2tp: fix missing refcount drop in pppol2tp_tunnel_ioctl() (git-fixes).\n- l2tp: only accept PPP sessions in pppol2tp_connect() (git-fixes).\n- l2tp: prevent pppol2tp_connect() from creating kernel sockets (git-fixes).\n- l2tp: revert 'l2tp: fix missing print session offset info' (bsc#1051510).\n- leds: avoid flush_work in atomic context (bsc#1051510).\n- leds: avoid races with workqueue (bsc#1051510).\n- leds: pwm: silently error out on EPROBE_DEFER (bsc#1051510).\n- lib: add crc64 calculation routines (bsc#1130972).\n- lib: do not depend on linux headers being installed (bsc#1130972).\n- libata: fix using DMA buffers on stack (bsc#1051510).\n- linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() (bsc#1051510).\n- livepatch: Convert error about unsupported reliable stacktrace into a warning (bsc#1071995).\n- livepatch: Remove custom kobject state handling (bsc#1071995).\n- livepatch: Remove duplicated code for early initialization (bsc#1071995).\n- lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).\n- mISDN: Check address length before reading address family (bsc#1051510).\n- mac80211/cfg80211: update bss channel on channel switch (bsc#1051510).\n- mac80211: Fix kernel panic due to use of txq after free (bsc#1051510).\n- mac80211: fix memory accounting with A-MSDU aggregation (bsc#1051510).\n- mac80211: fix unaligned access in mesh table hash function (bsc#1051510).\n- mac8390: Fix mmio access size probe (bsc#1051510).\n- md: fix invalid stored role for a disk (bsc#1051510).\n- media: atmel: atmel-isc: fix INIT_WORK misplacement (bsc#1051510).\n- media: au0828: Fix NULL pointer dereference in au0828_analog_stream_enable() (bsc#1051510).\n- media: au0828: stop video streaming only when last user stops (bsc#1051510).\n- media: coda: clear error return value before picture run (bsc#1051510).\n- media: cpia2: Fix use-after-free in cpia2_exit (bsc#1051510).\n- media: cx18: update *pos correctly in cx18_read_pos() (bsc#1051510).\n- media: cx23885: check allocation return (bsc#1051510).\n- media: davinci-isif: avoid uninitialized variable use (bsc#1051510).\n- media: davinci/vpbe: array underflow in vpbe_enum_outputs() (bsc#1051510).\n- media: go7007: avoid clang frame overflow warning with KASAN (bsc#1051510).\n- media: ivtv: update *pos correctly in ivtv_read_pos() (bsc#1051510).\n- media: m88ds3103: serialize reset messages in m88ds3103_set_frontend (bsc#1051510).\n- media: omap_vout: potential buffer overflow in vidioc_dqbuf() (bsc#1051510).\n- media: ov2659: fix unbalanced mutex_lock/unlock (bsc#1051510).\n- media: ov2659: make S_FMT succeed even if requested format does not match (bsc#1051510).\n- media: pvrusb2: Prevent a buffer overflow (bsc#1129770).\n- media: saa7146: avoid high stack usage with clang (bsc#1051510).\n- media: serial_ir: Fix use-after-free in serial_ir_init_module (bsc#1051510).\n- media: smsusb: better handle optional alignment (bsc#1051510).\n- media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame (bsc#1051510).\n- media: usb: siano: Fix false-positive 'uninitialized variable' warning (bsc#1051510).\n- media: usb: siano: Fix general protection fault in smsusb (bsc#1051510).\n- media: vivid: use vfree() instead of kfree() for dev->bitmap_cap (bsc#1051510).\n- media: wl128x: Fix an error code in fm_download_firmware() (bsc#1051510).\n- media: wl128x: prevent two potential buffer overflows (bsc#1051510).\n- memcg: make it work on sparse non-0-node systems (bnc#1133616).\n- memcg: make it work on sparse non-0-node systems kabi (bnc#1133616).\n- mfd: da9063: Fix OTP control register names to match datasheets for DA9063/63L (bsc#1051510).\n- mfd: max77620: Fix swapped FPS_PERIOD_MAX_US values (bsc#1051510).\n- mlxsw: spectrum: Fix autoneg status in ethtool (networking-stable-19_04_30).\n- mm: Fix buggy backport leading to MAP_SYNC failures (bsc#1137372)\n- mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses (bsc#1135330).\n- mm: hwpoison: fix thp split handing in soft_offline_in_use_page() (bsc#1130699, CVE-2019-10124).\n- mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (bnc#1012382).\n- mmc: block: Delete gendisk before cleaning up the request queue (bsc#1127616).\n- mmc: core: Verify SD bus width (bsc#1051510).\n- mmc: core: fix possible use after free of host (bsc#1051510).\n- mmc: sdhci-iproc: Set NO_HISPD bit to fix HS50 data hold time problem (bsc#1051510).\n- mmc: sdhci-iproc: cygnus: Set NO_HISPD bit to fix HS50 data hold time problem (bsc#1051510).\n- mmc: sdhci-of-esdhc: add erratum A-009204 support (bsc#1051510).\n- mmc: sdhci-of-esdhc: add erratum eSDHC5 support (bsc#1051510).\n- mmc_spi: add a status check for spi_sync_locked (bsc#1051510).\n- mount: copy the port field into the cloned nfs_server structure (bsc#1136990).\n- mtd: docg3: Fix passing zero to 'PTR_ERR' warning in doc_probe_device (bsc#1051510).\n- mtd: docg3: fix a possible memory leak of mtd->name (bsc#1051510).\n- mtd: nand: omap: Fix comment in platform data using wrong Kconfig symbol (bsc#1051510).\n- mtd: part: fix incorrect format specifier for an unsigned long long (bsc#1051510).\n- mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write (bsc#1129770).\n- mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1136935).\n- mwifiex: Fix mem leak in mwifiex_tm_cmd (bsc#1051510).\n- mwifiex: Fix possible buffer overflows at parsing bss descriptor\n- mwifiex: prevent an array overflow (bsc#1051510).\n- mwl8k: Fix rate_idx underflow (bsc#1051510).\n- neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit (git-fixes).\n- net-gro: Fix GRO flush when receiving a GSO packet (networking-stable-19_04_10).\n- net/ibmvnic: Remove tests of member address (bsc#1137739).\n- net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).\n- net/ibmvnic: Update carrier state after link state change (bsc#1135100).\n- net/ipv4: defensive cipso option parsing (git-fixes).\n- net/ipv6: do not reinitialize ndev->cnf.addr_gen_mode on new inet6_dev (git-fixes).\n- net/ipv6: fix addrconf_sysctl_addr_gen_mode (git-fixes).\n- net/ipv6: propagate net.ipv6.conf.all.addr_gen_mode to devices (git-fixes).\n- net/ipv6: reserve room for IFLA_INET6_ADDR_GEN_MODE (git-fixes).\n- net/mlx5: Decrease default mr cache size (networking-stable-19_04_10).\n- net/mlx5e: Add a lock on tir list (networking-stable-19_04_10).\n- net/mlx5e: Fix error handling when refreshing TIRs (networking-stable-19_04_10).\n- net/mlx5e: Fix trailing semicolon (bsc#1075020).\n- net/mlx5e: IPoIB, Reset QP after channels are closed (bsc#1075020).\n- net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query (networking-stable-19_04_30).\n- net/rose: fix unbound loop in rose_loopback_timer() (networking-stable-19_04_30).\n- net/sched: act_sample: fix divide by zero in the traffic path (networking-stable-19_04_10).\n- net/sched: do not dereference a->goto_chain to read the chain index (bsc#1064802 bsc#1066129).\n- net/sched: fix ->get helper of the matchall cls (networking-stable-19_04_10).\n- net: Fix a bug in removing queues from XPS map (git-fixes).\n- net: aquantia: fix rx checksum offload for UDP/TCP over IPv6 (networking-stable-19_03_28).\n- net: atm: Fix potential Spectre v1 vulnerabilities (networking-stable-19_04_19).\n- net: avoid skb_warn_bad_offload on IS_ERR (git-fixes).\n- net: do not keep lonely packets forever in the gro hash (git-fixes).\n- net: dsa: bcm_sf2: fix buffer overflow doing set_rxnfc (networking-stable-19_05_04).\n- net: dsa: legacy: do not unmask port bitmaps (git-fixes).\n- net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT (git-fixes).\n- net: ena: fix return value of ena_com_config_llq_info() (bsc#1111696 bsc#1117561).\n- net: ethtool: not call vzalloc for zero sized memory request (networking-stable-19_04_10).\n- net: fix uninit-value in __hw_addr_add_ex() (git-fixes).\n- net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv (networking-stable-19_04_19).\n- net: hns3: remove resetting check in hclgevf_reset_task_schedule (bsc#1104353 bsc#1135056).\n- net: initialize skb->peeked when cloning (git-fixes).\n- net: make skb_partial_csum_set() more robust against overflows (git-fixes).\n- net: phy: marvell: Fix buffer overrun with stats counters (networking-stable-19_05_04).\n- net: rds: exchange of 8K and 1M pool (networking-stable-19_04_30).\n- net: rose: fix a possible stack overflow (networking-stable-19_03_28).\n- net: socket: fix potential spectre v1 gadget in socketcall (git-fixes).\n- net: stmmac: fix memory corruption with large MTUs (networking-stable-19_03_28).\n- net: stmmac: move stmmac_check_ether_addr() to driver probe (networking-stable-19_04_30).\n- net: test tailroom before appending to linear skb (git-fixes).\n- net: thunderx: do not allow jumbo frames with XDP (networking-stable-19_04_19).\n- net: thunderx: raise XDP MTU to 1508 (networking-stable-19_04_19).\n- net: unbreak CONFIG_RETPOLINE=n builds (bsc#1124503).\n- net: use indirect call wrappers at GRO network layer (bsc#1124503).\n- net: use indirect call wrappers at GRO transport layer (bsc#1124503).\n- netfilter: bridge: Do not sabotage nf_hook calls from an l3mdev (git-fixes).\n- netfilter: bridge: ebt_among: add missing match size checks (git-fixes).\n- netfilter: bridge: ebt_among: add more missing match size checks (git-fixes).\n- netfilter: drop template ct when conntrack is skipped (git-fixes).\n- netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule (git-fixes).\n- netfilter: ebtables: handle string from userspace with care (git-fixes).\n- netfilter: ebtables: reject non-bridge targets (git-fixes).\n- netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel (git-fixes).\n- netfilter: nf_log: do not hold nf_log_mutex during user access (git-fixes).\n- netfilter: nf_log: fix uninit read in nf_log_proc_dostring (git-fixes).\n- netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6} (git-fixes).\n- netfilter: nf_tables: can't fail after linking rule into active rule list (git-fixes).\n- netfilter: nf_tables: check msg_type before nft_trans_set(trans) (git-fixes).\n- netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump() (git-fixes).\n- netfilter: nf_tables: fix leaking object reference count (git-fixes).\n- netfilter: nf_tables: release chain in flushing set (git-fixes).\n- netfilter: nft_compat: do not dump private area (git-fixes).\n- netfilter: x_tables: initialise match/target check parameter struct (git-fixes).\n- netlink: fix uninit-value in netlink_sendmsg (git-fixes).\n- nfs add module option to limit NFSv4 minor version (jsc#PM-231).\n- nfs: Add missing encode / decode sequence_maxsz to v4.2 operations (git-fixes).\n- nfs: Enable NFSv4.2 support - jsc@PM-231\n- nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands (bsc#1051510).\n- nvme-multipath: avoid crash on invalid subsystem cntlid enumeration (bsc#1129273).\n- nvme-rdma: fix possible free of a non-allocated async event buffer (bsc#1120423).\n- nvme: Do not remove namespaces during reset (bsc#1131673).\n- nvme: flush scan_work when resetting controller (bsc#1131673).\n- objtool: Fix function fallthrough detection (bsc#1058115).\n- ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (bsc#1136434).\n- ocfs2: turn on OCFS2_FS_STATS setting(bsc#1134393) We need to turn on OCFS2_FS_STATS kernel configuration setting, to fix bsc#1134393.\n- of: fix clang -Wunsequenced for be32_to_cpu() (bsc#1135642).\n- omapfb: add missing of_node_put after of_device_is_available (bsc#1051510).\n- openvswitch: add seqadj extension when NAT is used (bsc#1051510).\n- openvswitch: fix flow actions reallocation (bsc#1051510).\n- p54: drop device reference count if fails to enable device (bsc#1135642).\n- packet: fix reserve calculation (git-fixes).\n- packet: in packet_snd start writing at link layer allocation (git-fixes).\n- packet: refine ring v3 block size test to hold one frame (git-fixes).\n- packet: reset network header if packet shorter than ll reserved space (git-fixes).\n- packet: validate msg_namelen in send directly (git-fixes).\n- packets: Always register packet sk in the same order (networking-stable-19_03_28).\n- parport: Fix mem leak in parport_register_dev_model (bsc#1051510).\n- pci: Factor out pcie_retrain_link() function (git-fixes).\n- pci: Mark AMD Stoney Radeon R7 GPU ATS as broken (bsc#1051510).\n- pci: Mark Atheros AR9462 to avoid bus reset (bsc#1051510).\n- pci: Work around Pericom pcie-to-pci bridge Retrain Link erratum (git-fixes).\n- pci: endpoint: Use EPC's device in dma_alloc_coherent()/dma_free_coherent() (git-fixes).\n- phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode (bsc#1051510).\n- platform/x86: alienware-wmi: printing the wrong error code (bsc#1051510).\n- platform/x86: dell-rbtn: Add missing #include (bsc#1051510).\n- platform/x86: intel_pmc_ipc: adding error handling (bsc#1051510).\n- platform/x86: intel_punit_ipc: Revert 'Fix resource ioremap warning' (bsc#1051510).\n- platform/x86: pmc_atom: Add Lex 3I380D industrial PC to critclk_systems DMI table (bsc#1051510).\n- platform/x86: pmc_atom: Add several Beckhoff Automation boards to critclk_systems DMI table (bsc#1051510).\n- platform/x86: pmc_atom: Drop __initconst on dmi table (bsc#1051510).\n- platform/x86: sony-laptop: Fix unintentional fall-through (bsc#1051510).\n- power: supply: axp20x_usb_power: Fix typo in VBUS current limit macros (bsc#1051510).\n- power: supply: axp288_charger: Fix unchecked return value (bsc#1051510).\n- powerpc/64s: Fix page table fragment refcount race vs speculative references (bsc#1131326, bsc#1108937).\n- powerpc/eeh: Fix race with driver un/bind (bsc#1065729).\n- powerpc/mm/radix: Display if mappings are exec or not (bsc#1055186, git-fixes).\n- powerpc/mm/radix: Prettify mapped memory range print out (bsc#1055186, git-fixes).\n- powerpc/mm: Fix page table dump to work on Radix (bsc#1055186, git-fixes).\n- powerpc/msi: Fix NULL pointer access in teardown code (bsc#1065729).\n- powerpc/perf: Fix MMCRA corruption by bhrb_filter (bsc#1053043).\n- powerpc/powernv/idle: Restore IAMR after idle (bsc#1065729).\n- powerpc/process: Fix sparse address space warnings (bsc#1065729).\n- powerpc: Always initialize input array when calling epapr_hypercall() (bsc#1065729).\n- powerpc: Fix HMIs on big-endian with CONFIG_RELOCATABLE=y (bsc#1065729).\n- proc/kcore: do not bounds check against address 0 (bsc#1051510).\n- proc/sysctl: fix return error for proc_doulongvec_minmax() (bsc#1051510).\n- proc: revalidate kernel thread inodes to root:root (bsc#1051510).\n- ptrace: take into account saved_sigmask in PTRACE{GET,SET}SIGMASK (git-fixes).\n- pwm: Fix deadlock warning when removing PWM device (bsc#1051510).\n- pwm: meson: Consider 128 a valid pre-divider (bsc#1051510).\n- pwm: meson: Do not disable PWM when setting duty repeatedly (bsc#1051510).\n- pwm: meson: Use the spin-lock only to protect register modifications (bsc#1051510).\n- pwm: tiehrpwm: Update shadow register for disabling PWMs (bsc#1051510).\n- qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128979).\n- qla2xxx: always allocate qla_tgt_wq (bsc#1131451).\n- qmi_wwan: add Olicard 600 (bsc#1051510).\n- rdma/hns: Fix bug that caused srq creation to fail (bsc#1104427 ).\n- rdma/rxe: Consider skb reserve space based on netdev of GID (bsc#1082387, bsc#1103992).\n- regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB (bsc#1051510).\n- rt2x00: do not increment sequence number while re-transmitting (bsc#1051510).\n- rtc: 88pm860x: prevent use-after-free on device remove (bsc#1051510).\n- rtc: da9063: set uie_unsupported when relevant (bsc#1051510).\n- rtc: do not reference bogus function pointer in kdoc (bsc#1051510).\n- rtc: sh: Fix invalid alarm warning for non-enabled alarm (bsc#1051510).\n- rtlwifi: fix a potential NULL pointer dereference (bsc#1051510).\n- rtlwifi: rtl8723ae: Fix missing break in switch statement (bsc#1051510).\n- rxrpc: Fix error reception on AF_INET6 sockets (git-fixes).\n- rxrpc: Fix transport sockopts to get IPv4 errors on an IPv6 socket (git-fixes).\n- s390/qdio: clear intparm during shutdown (bsc#1134597 LTC#177516).\n- sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() (bsc#1051510).\n- sc16is7xx: move label 'err_spi' to correct section (bsc#1051510).\n- sc16is7xx: put err_spi and err_i2c into correct #ifdef (bsc#1051510).\n- scripts/bugzilla-create: Set 'Proactive-Upstream-Fix' keyword\n- scripts/git_sort/git_sort.py: Add mkp/scsi 5.0/scsi-fixes\n- scripts: override locale from environment when running recordmcount.pl (bsc#1134354).\n- scsi: qedf: fixup bit operations (bsc#1135542).\n- scsi: qedf: fixup locking in qedf_restart_rport() (bsc#1135542).\n- scsi: qedf: missing kref_put in qedf_xmit() (bsc#1135542).\n- scsi: qla2xxx: Add new FC-NVMe enable BIT to enable FC-NVMe feature (bsc#1130579).\n- scsi: qla2xxx: Declare local functions 'static' (bsc#1137444).\n- scsi: qla2xxx: Fix function argument descriptions (bsc#1118139).\n- scsi: qla2xxx: Fix memory corruption during hba reset test (bsc#1118139).\n- scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show (bsc#1132044).\n- scsi: qla2xxx: Improve several kernel-doc headers (bsc#1137444).\n- scsi: qla2xxx: Introduce a switch/case statement in qlt_xmit_tm_rsp() (bsc#1137444).\n- scsi: qla2xxx: Make qla2x00_sysfs_write_nvram() easier to analyze (bsc#1137444).\n- scsi: qla2xxx: Make sure that qlafx00_ioctl_iosb_entry() initializes 'res' (bsc#1137444).\n- scsi: qla2xxx: NULL check before some freeing functions is not needed (bsc#1137444).\n- scsi: qla2xxx: Remove a set-but-not-used variable (bsc#1137444).\n- scsi: qla2xxx: Remove two arguments from qlafx00_error_entry() (bsc#1137444).\n- scsi: qla2xxx: Remove unused symbols (bsc#1118139).\n- scsi: qla2xxx: Split the __qla2x00_abort_all_cmds() function (bsc#1137444).\n- scsi: qla2xxx: Use %p for printing pointers (bsc#1118139).\n- scsi: qla2xxx: fix error message on qla2400 (bsc#1118139).\n- scsi: qla2xxx: fix spelling mistake: 'existant' -> 'existent' (bsc#1118139).\n- scsi: qla2xxx: fully convert to the generic DMA API (bsc#1137444).\n- scsi: qla2xxx: fx00 copypaste typo (bsc#1118139).\n- scsi: qla2xxx: remove the unused tcm_qla2xxx_cmd_wq (bsc#1118139).\n- scsi: qla2xxx: use lower_32_bits and upper_32_bits instead of reinventing them (bsc#1137444).\n- sctp: avoid running the sctp state machine recursively (networking-stable-19_05_04).\n- sctp: fix identification of new acks for SFR-CACC (git-fixes).\n- sctp: get sctphdr by offset in sctp_compute_cksum (networking-stable-19_03_28).\n- sctp: initialize _pad of sockaddr_in before copying to user memory (networking-stable-19_04_10).\n- sctp: only update outstanding_bytes for transmitted queue when doing prsctp_prune (git-fixes).\n- sctp: set frag_point in sctp_setsockopt_maxseg correctly` (git-fixes).\n- selinux: use kernel linux/socket.h for genheaders and mdp (bsc#1134810).\n- serial: 8250_pxa: honor the port number from devicetree (bsc#1051510).\n- serial: ar933x_uart: Fix build failure with disabled console (bsc#1051510).\n- serial: uartps: console_setup() can't be placed to init section (bsc#1051510).\n- signal: Always notice exiting tasks (git-fixes).\n- signal: Better detection of synchronous signals (git-fixes).\n- signal: Restore the stop PTRACE_EVENT_EXIT (git-fixes).\n- snd: re-export snd_cards for kABI compatibility (bsc#1051510).\n- soc/fsl/qe: Fix an error code in qe_pin_request() (bsc#1051510).\n- soc/tegra: pmc: Drop locking from tegra_powergate_is_powered() (bsc#1051510).\n- spi: Micrel eth switch: declare missing of table (bsc#1051510).\n- spi: ST ST95HF NFC: declare missing of table (bsc#1051510).\n- spi: a3700: Clear DATA_OUT when performing a read (bsc#1051510).\n- spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios (bsc#1051510).\n- spi: bcm2835aux: setup gpio-cs to output and correct level during setup (bsc#1051510).\n- spi: bcm2835aux: warn in dmesg that native cs is not really supported (bsc#1051510).\n- spi: rspi: Fix sequencer reset during initialization (bsc#1051510).\n- ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit (bsc#1051510).\n- staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc (bsc#1051510).\n- staging: vc04_services: Fix a couple error codes (bsc#1051510).\n- staging: vc04_services: prevent integer overflow in create_pagelist() (bsc#1051510).\n- staging: wlan-ng: fix adapter initialization failure (bsc#1051510).\n- stm class: Fix an endless loop in channel allocation (bsc#1051510).\n- stm class: Fix channel free in stm output free path (bsc#1051510).\n- stm class: Prevent division by zero (bsc#1051510).\n- stmmac: pci: Adjust IOT2000 matching (networking-stable-19_04_30).\n- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).\n- switchtec: Fix unintended mask of MRPC event (git-fixes).\n- tcp: Ensure DCTCP reacts to losses (networking-stable-19_04_10).\n- tcp: add tcp_min_snd_mss sysctl (bsc#1137586).\n- tcp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).\n- tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).\n- tcp: limit payload size of sacked skbs (bsc#1137586).\n- tcp: purge write queue in tcp_connect_init() (git-fixes).\n- tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).\n- tcp: tcp_grow_window() needs to respect tcp_space() (networking-stable-19_04_19).\n- team: fix possible recursive locking when add slaves (networking-stable-19_04_30).\n- team: set slave to promisc if team is already in promisc mode (bsc#1051510).\n- test_firmware: Use correct snprintf() limit (bsc#1135642).\n- thermal/int340x_thermal: Add additional UUIDs (bsc#1051510).\n- thermal/int340x_thermal: fix mode setting (bsc#1051510).\n- thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power (bsc#1051510).\n- thunderbolt: Fix to check for kmemdup failure (bsc#1051510).\n- thunderx: eliminate extra calls to put_page() for pages held for recycling (networking-stable-19_03_28).\n- thunderx: enable page recycling for non-XDP case (networking-stable-19_03_28).\n- tipc: fix hanging clients using poll with EPOLLOUT flag (git-fixes).\n- tipc: missing entries in name table of publications (networking-stable-19_04_19).\n- tools lib traceevent: Fix missing equality check for strcmp (bsc#1129770).\n- tracing: Fix partial reading of trace event's id file (bsc#1136573).\n- treewide: Use DEVICE_ATTR_WO (bsc#1137739).\n- tty/vt: fix write/write race in ioctl(KDSKBSENT) handler (bsc#1051510).\n- tty: increase the default flip buffer limit to 2*640K (bsc#1051510).\n- tty: ipwireless: fix missing checks for ioremap (bsc#1051510).\n- tty: pty: Fix race condition between release_one_tty and pty_write (bsc#1051510).\n- tty: serial: msm_serial: Fix XON/XOFF (bsc#1051510).\n- tty: serial_core, add ->install (bnc#1129693).\n- tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 (bsc#1051510).\n- tun: add a missing rcu_read_unlock() in error path (networking-stable-19_03_28).\n- tun: properly test for IFF_UP (networking-stable-19_03_28).\n- uas: fix alignment of scatter/gather segments (bsc#1129770).\n- udp: use indirect call wrappers for GRO socket lookup (bsc#1124503).\n- ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (bsc#1135323).\n- usb-storage: Set virt_boundary_mask to avoid SG overflows (bsc#1051510).\n- usb: Add LPM quirk for Surface Dock GigE adapter (bsc#1051510).\n- usb: Fix slab-out-of-bounds write in usb_get_bos_descriptor (bsc#1051510).\n- usb: cdc-acm: fix unthrottle races (bsc#1051510).\n- usb: core: Add PM runtime calls to usb_hcd_platform_shutdown (bsc#1051510).\n- usb: core: Do not unbind interfaces following device reset failure (bsc#1051510).\n- usb: core: Fix bug caused by duplicate interface PM usage counter (bsc#1051510).\n- usb: core: Fix unterminated string returned by usb_string() (bsc#1051510).\n- usb: dwc3: Fix default lpm_nyet_threshold value (bsc#1051510).\n- usb: gadget: net2272: Fix net2272_dequeue() (bsc#1051510).\n- usb: gadget: net2280: Fix net2280_dequeue() (bsc#1051510).\n- usb: gadget: net2280: Fix overrun of OUT messages (bsc#1051510).\n- usb: rio500: fix memory leak in close after disconnect (bsc#1051510).\n- usb: rio500: refuse more than one device at a time (bsc#1051510).\n- usb: serial: f81232: fix interrupt worker not stop (bsc#1051510).\n- usb: serial: fix unthrottle races (bsc#1051510).\n- usb: sisusbvga: fix oops in error path of sisusb_probe (bsc#1051510).\n- usb: u132-hcd: fix resource leak (bsc#1051510).\n- usb: usb251xb: fix to avoid potential NULL pointer dereference (bsc#1051510).\n- usb: usbip: fix isoc packet num validation in get_pipe (bsc#1051510).\n- usb: w1 ds2490: Fix bug caused by improper use of altsetting array (bsc#1051510).\n- usb: yurex: Fix protection fault after device removal (bsc#1051510).\n- usbip: usbip_host: fix BUG: sleeping function called from invalid context (bsc#1051510).\n- usbip: usbip_host: fix stub_dev lock context imbalance regression (bsc#1051510).\n- usbnet: fix kernel crash after disconnect (bsc#1051510).\n- userfaultfd: use RCU to free the task struct when fork fails (git-fixes).\n- vfio/mdev: Avoid release parent reference during error path (bsc#1051510).\n- vfio/mdev: Fix aborting mdev child device removal if one fails (bsc#1051510).\n- vfio/pci: use correct format characters (bsc#1051510).\n- vfio_pci: Enable memory accesses before calling pci_map_rom (bsc#1051510).\n- vhost/vsock: fix reset orphans race with close timeout (bsc#1051510).\n- vhost: reject zero size iova range (networking-stable-19_04_19).\n- virtio-blk: limit number of hw queues by nr_cpu_ids (bsc#1051510).\n- virtio: Honour 'may_reduce_num' in vring_create_virtqueue (bsc#1051510).\n- virtio_pci: fix a NULL pointer reference in vp_del_vqs (bsc#1051510).\n- vrf: check accept_source_route on the original netdevice (networking-stable-19_04_10).\n- vsock/virtio: Initialize core virtio vsock before registering the driver (bsc#1051510).\n- vsock/virtio: fix kernel panic after device hot-unplug (bsc#1051510).\n- vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock (bsc#1051510).\n- vsock/virtio: reset connected sockets on device removal (bsc#1051510).\n- vt: always call notifier with the console lock held (bsc#1051510).\n- vxlan: Do not call gro_cells_destroy() before device is unregistered (networking-stable-19_03_28).\n- vxlan: trivial indenting fix (bsc#1051510).\n- vxlan: use __be32 type for the param vni in __vxlan_fdb_delete (bsc#1051510).\n- w1: fix the resume command API (bsc#1051510).\n- x86/speculation/mds: Fix documentation typo (bsc#1135642).\n- x86_64: Add gap to int3 to allow for call emulation (bsc#1099658).\n- x86_64: Allow breakpoints to emulate call instructions (bsc#1099658).\n- xen/pciback: Do not disable pci_COMMAND on pci device reset (bsc#1065600).\n- xenbus: drop useless LIST_HEAD in xenbus_write_watch() and xenbus_file_write() (bsc#1065600).\n- xfrm6: avoid potential infinite loop in _decode_session6() (git-fixes).\n- xfrm6: call kfree_skb when skb is toobig (git-fixes).\n- xfrm: Fix stack-out-of-bounds read on socket policy lookup (git-fixes).\n- xfrm: Return error on unknown encap_type in init_state (git-fixes).\n- xfrm: Validate address prefix lengths in the xfrm selector (git-fixes).\n- xfrm: fix 'passing zero to ERR_PTR()' warning (git-fixes).\n- xfrm: fix missing dst_release() after policy blocking lbcast and multicast (git-fixes).\n- xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (git-fixes).\n- xfrm: reset crypto_done when iterating over multiple input xfrms (git-fixes).\n- xfrm: reset transport header back to network header after all input transforms ahave been applied (git-fixes).\n- xfrm_user: prevent leaking 2 bytes of kernel memory (git-fixes).\n- xfs: add log item pinning error injection tag (bsc#1114427).\n- xfs: buffer lru reference count error injection tag (bsc#1114427).\n- xfs: check _btree_check_block value (bsc#1123663).\n- xfs: convert drop_writes to use the errortag mechanism (bsc#1114427).\n- xfs: create block pointer check functions (bsc#1123663).\n- xfs: create inode pointer verifiers (bsc#1114427).\n- xfs: detect and fix bad summary counts at mount (bsc#1114427).\n- xfs: export _inobt_btrec_to_irec and _ialloc_cluster_alignment for scrub (bsc#1114427).\n- xfs: export various function for the online scrubber (bsc#1123663).\n- xfs: expose errortag knobs via sysfs (bsc#1114427).\n- xfs: fix unused variable warning in xfs_buf_set_ref() (bsc#1114427).\n- xfs: force summary counter recalc at next mount (bsc#1114427).\n- xfs: kill meaningless variable 'zero' (bsc#1106011).\n- xfs: make errortag a per-mountpoint structure (bsc#1123663).\n- xfs: move error injection tags into their own file (bsc#1114427).\n- xfs: prepare xfs_break_layouts() for another layout type (bsc#1106011).\n- xfs: prepare xfs_break_layouts() to be called with XFS_MMAPLOCK_EXCL (bsc#1106011).\n- xfs: refactor btree block header checking functions (bsc#1123663).\n- xfs: refactor btree pointer checks (bsc#1123663).\n- xfs: refactor unmount record write (bsc#1114427).\n- xfs: remove unneeded parameter from XFS_TEST_ERROR (bsc#1123663).\n- xfs: remove xfs_zero_range (bsc#1106011).\n- xfs: rename MAXPATHLEN to XFS_SYMLINK_MAXLEN (bsc#1123663).\n- xfs: replace log_badcrc_factor knob with error injection tag (bsc#1114427).\n- xfs: sanity-check the unused space before trying to use it (bsc#1123663).\n- xfs: serialize unaligned dio writes against all other dio writes (bsc#1134936).\n- xhci: Convert xhci_handshake() to use readl_poll_timeout_atomic() (bsc#1051510).\n- xhci: Use %zu for printing size_t type (bsc#1051510).\n- xhci: update bounce buffer with correct sg num (bsc#1051510).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2019-1535,SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-1535,SUSE-SLE-Module-Public-Cloud-15-2019-1535", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_1535-1.json", }, { category: "self", summary: "URL for SUSE-SU-2019:1535-1", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20191535-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2019:1535-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2019-June/005577.html", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1050242", url: "https://bugzilla.suse.com/1050242", }, { category: "self", summary: "SUSE Bug 1051510", url: "https://bugzilla.suse.com/1051510", }, { category: "self", summary: "SUSE Bug 1053043", url: "https://bugzilla.suse.com/1053043", }, { category: "self", summary: "SUSE Bug 1055186", url: "https://bugzilla.suse.com/1055186", }, { category: "self", summary: "SUSE Bug 1056787", url: "https://bugzilla.suse.com/1056787", }, { category: "self", summary: "SUSE Bug 1058115", url: "https://bugzilla.suse.com/1058115", }, { category: "self", summary: "SUSE Bug 1061840", url: "https://bugzilla.suse.com/1061840", }, { category: "self", summary: "SUSE Bug 1063638", url: "https://bugzilla.suse.com/1063638", }, { category: "self", summary: "SUSE Bug 1064802", url: "https://bugzilla.suse.com/1064802", }, { category: "self", summary: "SUSE Bug 1065600", url: "https://bugzilla.suse.com/1065600", }, { category: "self", summary: "SUSE Bug 1065729", url: "https://bugzilla.suse.com/1065729", }, { category: "self", summary: "SUSE Bug 1066129", url: "https://bugzilla.suse.com/1066129", }, { category: "self", summary: "SUSE Bug 1068546", url: "https://bugzilla.suse.com/1068546", }, { category: "self", summary: "SUSE Bug 1071995", url: "https://bugzilla.suse.com/1071995", }, { category: "self", summary: "SUSE Bug 1075020", url: "https://bugzilla.suse.com/1075020", }, { category: "self", summary: "SUSE Bug 1082387", url: "https://bugzilla.suse.com/1082387", }, { category: "self", summary: "SUSE Bug 1083647", url: "https://bugzilla.suse.com/1083647", }, { category: "self", summary: "SUSE Bug 1085535", url: "https://bugzilla.suse.com/1085535", }, { category: "self", summary: "SUSE Bug 1099658", url: "https://bugzilla.suse.com/1099658", }, { category: "self", summary: "SUSE Bug 1103992", url: "https://bugzilla.suse.com/1103992", }, { category: "self", summary: "SUSE Bug 1104353", url: "https://bugzilla.suse.com/1104353", }, { category: "self", summary: "SUSE Bug 1104427", url: "https://bugzilla.suse.com/1104427", }, { category: "self", summary: "SUSE Bug 1106011", url: "https://bugzilla.suse.com/1106011", }, { category: "self", summary: "SUSE Bug 1106284", url: "https://bugzilla.suse.com/1106284", }, { category: "self", summary: "SUSE Bug 1108193", url: "https://bugzilla.suse.com/1108193", }, { category: "self", summary: "SUSE Bug 1108838", url: "https://bugzilla.suse.com/1108838", }, { category: "self", summary: "SUSE Bug 1108937", url: "https://bugzilla.suse.com/1108937", }, { category: "self", summary: "SUSE Bug 1110946", url: "https://bugzilla.suse.com/1110946", }, { category: "self", summary: "SUSE Bug 1111696", url: "https://bugzilla.suse.com/1111696", }, { category: "self", summary: "SUSE Bug 1112063", url: "https://bugzilla.suse.com/1112063", }, { category: "self", summary: "SUSE Bug 1113722", url: "https://bugzilla.suse.com/1113722", }, { category: "self", summary: "SUSE Bug 1114427", url: "https://bugzilla.suse.com/1114427", }, { category: "self", summary: "SUSE Bug 1115688", url: "https://bugzilla.suse.com/1115688", }, { category: "self", summary: "SUSE Bug 1117158", url: "https://bugzilla.suse.com/1117158", }, { category: "self", summary: "SUSE Bug 1117561", url: "https://bugzilla.suse.com/1117561", }, { category: "self", summary: "SUSE Bug 1118139", url: "https://bugzilla.suse.com/1118139", }, { category: "self", summary: "SUSE Bug 1119843", url: "https://bugzilla.suse.com/1119843", }, { category: "self", summary: "SUSE Bug 1120091", url: "https://bugzilla.suse.com/1120091", }, { category: "self", summary: "SUSE Bug 1120423", url: "https://bugzilla.suse.com/1120423", }, { category: "self", summary: "SUSE Bug 1120566", url: "https://bugzilla.suse.com/1120566", }, { category: "self", summary: "SUSE Bug 1120843", url: "https://bugzilla.suse.com/1120843", }, { category: "self", summary: "SUSE Bug 1120902", url: "https://bugzilla.suse.com/1120902", }, { category: "self", summary: "SUSE Bug 1122776", url: "https://bugzilla.suse.com/1122776", }, { category: "self", summary: "SUSE Bug 1123454", url: "https://bugzilla.suse.com/1123454", }, { category: "self", summary: "SUSE Bug 1123663", url: "https://bugzilla.suse.com/1123663", }, { category: "self", summary: "SUSE Bug 1124503", url: "https://bugzilla.suse.com/1124503", }, { category: "self", summary: "SUSE Bug 1124839", url: "https://bugzilla.suse.com/1124839", }, { category: "self", summary: "SUSE Bug 1126356", url: "https://bugzilla.suse.com/1126356", }, { category: "self", summary: "SUSE Bug 1127616", url: "https://bugzilla.suse.com/1127616", }, { category: "self", summary: "SUSE Bug 1128052", url: "https://bugzilla.suse.com/1128052", }, { category: "self", summary: "SUSE Bug 1128904", url: "https://bugzilla.suse.com/1128904", }, { category: "self", summary: "SUSE Bug 1128979", url: "https://bugzilla.suse.com/1128979", }, { category: "self", summary: "SUSE Bug 1129138", url: "https://bugzilla.suse.com/1129138", }, { category: "self", summary: "SUSE Bug 1129273", url: "https://bugzilla.suse.com/1129273", }, { category: "self", summary: "SUSE Bug 1129497", url: "https://bugzilla.suse.com/1129497", }, { category: "self", summary: "SUSE Bug 1129693", url: "https://bugzilla.suse.com/1129693", }, { category: "self", summary: "SUSE Bug 1129770", url: "https://bugzilla.suse.com/1129770", }, { category: "self", summary: "SUSE Bug 1130579", url: "https://bugzilla.suse.com/1130579", }, { category: "self", summary: "SUSE Bug 1130699", url: "https://bugzilla.suse.com/1130699", }, { category: "self", summary: "SUSE Bug 1130972", url: "https://bugzilla.suse.com/1130972", }, { category: "self", summary: "SUSE Bug 1131326", url: "https://bugzilla.suse.com/1131326", }, { category: "self", summary: "SUSE Bug 1131451", url: "https://bugzilla.suse.com/1131451", }, { category: "self", summary: "SUSE Bug 1131488", url: "https://bugzilla.suse.com/1131488", }, { category: "self", summary: "SUSE Bug 1131565", url: "https://bugzilla.suse.com/1131565", }, { category: "self", summary: "SUSE Bug 1131673", url: "https://bugzilla.suse.com/1131673", }, { category: "self", summary: "SUSE Bug 1132044", url: "https://bugzilla.suse.com/1132044", }, { category: "self", summary: "SUSE Bug 1133176", url: "https://bugzilla.suse.com/1133176", }, { category: "self", summary: "SUSE Bug 1133188", url: "https://bugzilla.suse.com/1133188", }, { category: "self", summary: "SUSE Bug 1133190", url: "https://bugzilla.suse.com/1133190", }, { category: "self", summary: "SUSE Bug 1133320", url: "https://bugzilla.suse.com/1133320", }, { category: "self", summary: "SUSE Bug 1133612", url: "https://bugzilla.suse.com/1133612", }, { category: "self", summary: "SUSE Bug 1133616", url: "https://bugzilla.suse.com/1133616", }, { category: "self", summary: "SUSE Bug 1134160", url: "https://bugzilla.suse.com/1134160", }, { category: "self", summary: "SUSE Bug 1134162", url: "https://bugzilla.suse.com/1134162", }, { category: "self", summary: "SUSE Bug 1134199", url: "https://bugzilla.suse.com/1134199", }, { category: "self", summary: "SUSE Bug 1134200", url: "https://bugzilla.suse.com/1134200", }, { category: "self", summary: "SUSE Bug 1134201", url: "https://bugzilla.suse.com/1134201", }, { category: "self", summary: "SUSE Bug 1134202", url: "https://bugzilla.suse.com/1134202", }, { category: "self", summary: "SUSE Bug 1134203", url: "https://bugzilla.suse.com/1134203", }, { category: "self", summary: "SUSE Bug 1134204", url: "https://bugzilla.suse.com/1134204", }, { category: "self", summary: "SUSE Bug 1134205", url: "https://bugzilla.suse.com/1134205", }, { category: "self", summary: "SUSE Bug 1134354", url: "https://bugzilla.suse.com/1134354", }, { category: "self", summary: "SUSE Bug 1134393", url: "https://bugzilla.suse.com/1134393", }, { category: "self", summary: "SUSE Bug 1134459", url: "https://bugzilla.suse.com/1134459", }, { category: "self", summary: "SUSE Bug 1134460", url: "https://bugzilla.suse.com/1134460", }, { category: "self", summary: "SUSE Bug 1134461", url: "https://bugzilla.suse.com/1134461", }, { category: "self", summary: "SUSE Bug 1134537", url: "https://bugzilla.suse.com/1134537", }, { category: "self", summary: "SUSE Bug 1134597", url: "https://bugzilla.suse.com/1134597", }, { category: "self", summary: "SUSE Bug 1134651", url: "https://bugzilla.suse.com/1134651", }, { category: "self", summary: "SUSE Bug 1134671", url: "https://bugzilla.suse.com/1134671", }, { category: "self", summary: "SUSE Bug 1134760", url: "https://bugzilla.suse.com/1134760", }, { category: "self", summary: "SUSE Bug 1134806", url: "https://bugzilla.suse.com/1134806", }, { category: "self", summary: "SUSE Bug 1134810", url: "https://bugzilla.suse.com/1134810", }, { category: "self", summary: "SUSE Bug 1134813", url: "https://bugzilla.suse.com/1134813", }, { category: "self", summary: "SUSE Bug 1134848", url: "https://bugzilla.suse.com/1134848", }, { category: "self", summary: "SUSE Bug 1134936", url: "https://bugzilla.suse.com/1134936", }, { category: "self", summary: "SUSE Bug 1135006", url: "https://bugzilla.suse.com/1135006", }, { category: "self", summary: "SUSE Bug 1135007", url: "https://bugzilla.suse.com/1135007", }, { category: "self", summary: "SUSE Bug 1135008", url: "https://bugzilla.suse.com/1135008", }, { category: "self", summary: "SUSE Bug 1135056", url: "https://bugzilla.suse.com/1135056", }, { category: "self", summary: "SUSE Bug 1135100", url: "https://bugzilla.suse.com/1135100", }, { category: "self", summary: "SUSE Bug 1135120", url: "https://bugzilla.suse.com/1135120", }, { category: "self", summary: "SUSE Bug 1135278", url: "https://bugzilla.suse.com/1135278", }, { category: "self", summary: "SUSE Bug 1135281", url: "https://bugzilla.suse.com/1135281", }, { category: "self", summary: "SUSE Bug 1135309", url: "https://bugzilla.suse.com/1135309", }, { category: "self", summary: "SUSE Bug 1135312", url: "https://bugzilla.suse.com/1135312", }, { category: "self", summary: "SUSE Bug 1135314", url: "https://bugzilla.suse.com/1135314", }, { category: "self", summary: "SUSE Bug 1135315", url: "https://bugzilla.suse.com/1135315", }, { category: "self", summary: "SUSE Bug 1135316", url: "https://bugzilla.suse.com/1135316", }, { category: "self", summary: "SUSE Bug 1135320", url: "https://bugzilla.suse.com/1135320", }, { category: "self", summary: "SUSE Bug 1135323", url: "https://bugzilla.suse.com/1135323", }, { category: "self", summary: "SUSE Bug 1135330", url: "https://bugzilla.suse.com/1135330", }, { category: "self", summary: "SUSE Bug 1135492", url: "https://bugzilla.suse.com/1135492", }, { category: "self", summary: "SUSE Bug 1135542", url: "https://bugzilla.suse.com/1135542", }, { category: "self", summary: "SUSE Bug 1135556", url: "https://bugzilla.suse.com/1135556", }, { category: "self", summary: "SUSE Bug 1135603", url: "https://bugzilla.suse.com/1135603", }, { category: "self", summary: "SUSE Bug 1135642", url: "https://bugzilla.suse.com/1135642", }, { category: "self", summary: "SUSE Bug 1135661", url: "https://bugzilla.suse.com/1135661", }, { category: "self", summary: "SUSE Bug 1135758", url: "https://bugzilla.suse.com/1135758", }, { category: "self", summary: "SUSE Bug 1136206", url: "https://bugzilla.suse.com/1136206", }, { category: "self", summary: "SUSE Bug 1136424", url: "https://bugzilla.suse.com/1136424", }, { category: "self", summary: "SUSE Bug 1136428", url: "https://bugzilla.suse.com/1136428", }, { category: "self", summary: "SUSE Bug 1136430", url: "https://bugzilla.suse.com/1136430", }, { category: "self", summary: "SUSE Bug 1136432", url: "https://bugzilla.suse.com/1136432", }, { category: "self", summary: "SUSE Bug 1136434", url: "https://bugzilla.suse.com/1136434", }, { category: "self", summary: "SUSE Bug 1136435", url: "https://bugzilla.suse.com/1136435", }, { category: "self", summary: "SUSE Bug 1136438", url: "https://bugzilla.suse.com/1136438", }, { category: "self", summary: "SUSE Bug 1136439", url: "https://bugzilla.suse.com/1136439", }, { category: "self", summary: "SUSE Bug 1136477", url: "https://bugzilla.suse.com/1136477", }, { category: "self", summary: "SUSE Bug 1136478", url: "https://bugzilla.suse.com/1136478", }, { category: "self", summary: "SUSE Bug 1136573", url: "https://bugzilla.suse.com/1136573", }, { category: "self", summary: "SUSE Bug 1136586", url: "https://bugzilla.suse.com/1136586", }, { category: "self", summary: "SUSE Bug 1136881", url: "https://bugzilla.suse.com/1136881", }, { category: "self", summary: "SUSE Bug 1136935", url: "https://bugzilla.suse.com/1136935", }, { category: "self", summary: "SUSE Bug 1136990", url: "https://bugzilla.suse.com/1136990", }, { category: "self", summary: "SUSE Bug 1137151", url: "https://bugzilla.suse.com/1137151", }, { category: "self", summary: "SUSE Bug 1137152", url: "https://bugzilla.suse.com/1137152", }, { category: "self", summary: "SUSE Bug 1137153", url: "https://bugzilla.suse.com/1137153", }, { category: "self", summary: "SUSE Bug 1137162", url: "https://bugzilla.suse.com/1137162", }, { category: "self", summary: "SUSE Bug 1137372", url: "https://bugzilla.suse.com/1137372", }, { category: "self", summary: "SUSE Bug 1137444", url: "https://bugzilla.suse.com/1137444", }, { category: "self", summary: "SUSE Bug 1137586", url: "https://bugzilla.suse.com/1137586", }, { category: "self", summary: "SUSE Bug 1137739", url: "https://bugzilla.suse.com/1137739", }, { category: "self", summary: "SUSE Bug 1137752", url: "https://bugzilla.suse.com/1137752", }, { category: "self", summary: "SUSE CVE CVE-2018-7191 page", url: "https://www.suse.com/security/cve/CVE-2018-7191/", }, { category: "self", summary: "SUSE CVE CVE-2019-10124 page", url: "https://www.suse.com/security/cve/CVE-2019-10124/", }, { category: "self", summary: "SUSE CVE CVE-2019-11085 page", url: "https://www.suse.com/security/cve/CVE-2019-11085/", }, { category: "self", summary: "SUSE CVE CVE-2019-11477 page", url: "https://www.suse.com/security/cve/CVE-2019-11477/", }, { category: "self", summary: "SUSE CVE CVE-2019-11478 page", url: "https://www.suse.com/security/cve/CVE-2019-11478/", }, { category: "self", summary: "SUSE CVE CVE-2019-11479 page", url: "https://www.suse.com/security/cve/CVE-2019-11479/", }, { category: "self", summary: "SUSE CVE CVE-2019-11486 page", url: "https://www.suse.com/security/cve/CVE-2019-11486/", }, { category: "self", summary: "SUSE CVE CVE-2019-11487 page", url: "https://www.suse.com/security/cve/CVE-2019-11487/", }, { category: "self", summary: "SUSE CVE CVE-2019-11815 page", url: "https://www.suse.com/security/cve/CVE-2019-11815/", }, { category: "self", summary: "SUSE CVE CVE-2019-11833 page", url: "https://www.suse.com/security/cve/CVE-2019-11833/", }, { category: "self", summary: "SUSE CVE CVE-2019-11884 page", url: "https://www.suse.com/security/cve/CVE-2019-11884/", }, { category: "self", summary: "SUSE CVE CVE-2019-12382 page", url: "https://www.suse.com/security/cve/CVE-2019-12382/", }, { category: "self", summary: "SUSE CVE CVE-2019-3846 page", url: "https://www.suse.com/security/cve/CVE-2019-3846/", }, { category: "self", summary: "SUSE CVE CVE-2019-5489 page", url: "https://www.suse.com/security/cve/CVE-2019-5489/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2019-06-17T17:22:41Z", generator: { date: "2019-06-17T17:22:41Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2019:1535-1", initial_release_date: "2019-06-17T17:22:41Z", revision_history: [ { date: "2019-06-17T17:22:41Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-azure-4.12.14-5.30.1.noarch", product: { name: "kernel-devel-azure-4.12.14-5.30.1.noarch", product_id: "kernel-devel-azure-4.12.14-5.30.1.noarch", }, }, { category: "product_version", name: "kernel-source-azure-4.12.14-5.30.1.noarch", product: { name: "kernel-source-azure-4.12.14-5.30.1.noarch", product_id: "kernel-source-azure-4.12.14-5.30.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-azure-4.12.14-5.30.1.x86_64", product: { name: "cluster-md-kmp-azure-4.12.14-5.30.1.x86_64", product_id: "cluster-md-kmp-azure-4.12.14-5.30.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-azure-4.12.14-5.30.1.x86_64", product: { name: "dlm-kmp-azure-4.12.14-5.30.1.x86_64", product_id: "dlm-kmp-azure-4.12.14-5.30.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-azure-4.12.14-5.30.1.x86_64", product: { name: "gfs2-kmp-azure-4.12.14-5.30.1.x86_64", product_id: "gfs2-kmp-azure-4.12.14-5.30.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-4.12.14-5.30.1.x86_64", product: { name: "kernel-azure-4.12.14-5.30.1.x86_64", product_id: "kernel-azure-4.12.14-5.30.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-base-4.12.14-5.30.1.x86_64", product: { name: "kernel-azure-base-4.12.14-5.30.1.x86_64", product_id: "kernel-azure-base-4.12.14-5.30.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-devel-4.12.14-5.30.1.x86_64", product: { name: "kernel-azure-devel-4.12.14-5.30.1.x86_64", product_id: "kernel-azure-devel-4.12.14-5.30.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-extra-4.12.14-5.30.1.x86_64", product: { name: "kernel-azure-extra-4.12.14-5.30.1.x86_64", product_id: "kernel-azure-extra-4.12.14-5.30.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-livepatch-4.12.14-5.30.1.x86_64", product: { name: "kernel-azure-livepatch-4.12.14-5.30.1.x86_64", product_id: "kernel-azure-livepatch-4.12.14-5.30.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-azure-4.12.14-5.30.1.x86_64", product: { name: "kernel-syms-azure-4.12.14-5.30.1.x86_64", product_id: "kernel-syms-azure-4.12.14-5.30.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-azure-4.12.14-5.30.1.x86_64", product: { name: "kselftests-kmp-azure-4.12.14-5.30.1.x86_64", product_id: "kselftests-kmp-azure-4.12.14-5.30.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-azure-4.12.14-5.30.1.x86_64", product: { name: "ocfs2-kmp-azure-4.12.14-5.30.1.x86_64", product_id: "ocfs2-kmp-azure-4.12.14-5.30.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-azure-4.12.14-5.30.1.x86_64", product: { name: "reiserfs-kmp-azure-4.12.14-5.30.1.x86_64", product_id: "reiserfs-kmp-azure-4.12.14-5.30.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 15", product: { name: "SUSE Linux Enterprise Module for Public Cloud 15", product_id: "SUSE Linux Enterprise Module for Public Cloud 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:15", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-azure-4.12.14-5.30.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15", product_id: "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", }, product_reference: "kernel-azure-4.12.14-5.30.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-base-4.12.14-5.30.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15", product_id: "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", }, product_reference: "kernel-azure-base-4.12.14-5.30.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-4.12.14-5.30.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15", product_id: "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", }, product_reference: "kernel-azure-devel-4.12.14-5.30.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-azure-4.12.14-5.30.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15", product_id: "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", }, product_reference: "kernel-devel-azure-4.12.14-5.30.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15", }, { category: "default_component_of", full_product_name: { name: "kernel-source-azure-4.12.14-5.30.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15", product_id: "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", }, product_reference: "kernel-source-azure-4.12.14-5.30.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-4.12.14-5.30.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15", product_id: "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", }, product_reference: "kernel-syms-azure-4.12.14-5.30.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15", }, ], }, vulnerabilities: [ { cve: "CVE-2018-7191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7191", }, ], notes: [ { category: "general", text: "In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7191", url: "https://www.suse.com/security/cve/CVE-2018-7191", }, { category: "external", summary: "SUSE Bug 1135603 for CVE-2018-7191", url: "https://bugzilla.suse.com/1135603", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:22:41Z", details: "moderate", }, ], title: "CVE-2018-7191", }, { cve: "CVE-2019-10124", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10124", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10124", url: "https://www.suse.com/security/cve/CVE-2019-10124", }, { category: "external", summary: "SUSE Bug 1130699 for CVE-2019-10124", url: "https://bugzilla.suse.com/1130699", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:22:41Z", details: "moderate", }, ], title: "CVE-2019-10124", }, { cve: "CVE-2019-11085", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11085", }, ], notes: [ { category: "general", text: "Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11085", url: "https://www.suse.com/security/cve/CVE-2019-11085", }, { category: "external", summary: "SUSE Bug 1135278 for CVE-2019-11085", url: "https://bugzilla.suse.com/1135278", }, { category: "external", summary: "SUSE Bug 1135280 for CVE-2019-11085", url: "https://bugzilla.suse.com/1135280", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:22:41Z", details: "important", }, ], title: "CVE-2019-11085", }, { cve: "CVE-2019-11477", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11477", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11477", url: "https://www.suse.com/security/cve/CVE-2019-11477", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11477", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11477", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11477", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1153242 for CVE-2019-11477", url: "https://bugzilla.suse.com/1153242", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:22:41Z", details: "important", }, ], title: "CVE-2019-11477", }, { cve: "CVE-2019-11478", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11478", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11478", url: "https://www.suse.com/security/cve/CVE-2019-11478", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11478", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11478", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11478", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1143542 for CVE-2019-11478", url: "https://bugzilla.suse.com/1143542", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:22:41Z", details: "important", }, ], title: "CVE-2019-11478", }, { cve: "CVE-2019-11479", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11479", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11479", url: "https://www.suse.com/security/cve/CVE-2019-11479", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11479", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11479", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11479", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1143542 for CVE-2019-11479", url: "https://bugzilla.suse.com/1143542", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:22:41Z", details: "important", }, ], title: "CVE-2019-11479", }, { cve: "CVE-2019-11486", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11486", }, ], notes: [ { category: "general", text: "The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11486", url: "https://www.suse.com/security/cve/CVE-2019-11486", }, { category: "external", summary: "SUSE Bug 1133188 for CVE-2019-11486", url: "https://bugzilla.suse.com/1133188", }, { category: "external", summary: "SUSE Bug 1156434 for CVE-2019-11486", url: "https://bugzilla.suse.com/1156434", }, { category: "external", summary: "SUSE Bug 1173667 for CVE-2019-11486", url: "https://bugzilla.suse.com/1173667", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:22:41Z", details: "moderate", }, ], title: "CVE-2019-11486", }, { cve: "CVE-2019-11487", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11487", }, ], notes: [ { category: "general", text: "The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11487", url: "https://www.suse.com/security/cve/CVE-2019-11487", }, { category: "external", summary: "SUSE Bug 1133190 for CVE-2019-11487", url: "https://bugzilla.suse.com/1133190", }, { category: "external", summary: "SUSE Bug 1133191 for CVE-2019-11487", url: "https://bugzilla.suse.com/1133191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:22:41Z", details: "important", }, ], title: "CVE-2019-11487", }, { cve: "CVE-2019-11815", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11815", }, ], notes: [ { category: "general", text: "An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11815", url: "https://www.suse.com/security/cve/CVE-2019-11815", }, { category: "external", summary: "SUSE Bug 1134537 for CVE-2019-11815", url: "https://bugzilla.suse.com/1134537", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:22:41Z", details: "moderate", }, ], title: "CVE-2019-11815", }, { cve: "CVE-2019-11833", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11833", }, ], notes: [ { category: "general", text: "fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11833", url: "https://www.suse.com/security/cve/CVE-2019-11833", }, { category: "external", summary: "SUSE Bug 1135281 for CVE-2019-11833", url: "https://bugzilla.suse.com/1135281", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:22:41Z", details: "moderate", }, ], title: "CVE-2019-11833", }, { cve: "CVE-2019-11884", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11884", }, ], notes: [ { category: "general", text: "The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\\0' character.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11884", url: "https://www.suse.com/security/cve/CVE-2019-11884", }, { category: "external", summary: "SUSE Bug 1134848 for CVE-2019-11884", url: "https://bugzilla.suse.com/1134848", }, { category: "external", summary: "SUSE Bug 1139868 for CVE-2019-11884", url: "https://bugzilla.suse.com/1139868", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:22:41Z", details: "low", }, ], title: "CVE-2019-11884", }, { cve: "CVE-2019-12382", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12382", }, ], notes: [ { category: "general", text: "** DISPUTED ** An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: The vendor disputes this issues as not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance for a NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12382", url: "https://www.suse.com/security/cve/CVE-2019-12382", }, { category: "external", summary: "SUSE Bug 1136586 for CVE-2019-12382", url: "https://bugzilla.suse.com/1136586", }, { category: "external", summary: "SUSE Bug 1155298 for CVE-2019-12382", url: "https://bugzilla.suse.com/1155298", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.5, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:22:41Z", details: "low", }, ], title: "CVE-2019-12382", }, { cve: "CVE-2019-3846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3846", }, ], notes: [ { category: "general", text: "A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3846", url: "https://www.suse.com/security/cve/CVE-2019-3846", }, { category: "external", summary: "SUSE Bug 1136424 for CVE-2019-3846", url: "https://bugzilla.suse.com/1136424", }, { category: "external", summary: "SUSE Bug 1136446 for CVE-2019-3846", url: "https://bugzilla.suse.com/1136446", }, { category: "external", summary: "SUSE Bug 1156330 for CVE-2019-3846", url: "https://bugzilla.suse.com/1156330", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:22:41Z", details: "important", }, ], title: "CVE-2019-3846", }, { cve: "CVE-2019-5489", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5489", }, ], notes: [ { category: "general", text: "The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5489", url: "https://www.suse.com/security/cve/CVE-2019-5489", }, { category: "external", summary: "SUSE Bug 1120843 for CVE-2019-5489", url: "https://bugzilla.suse.com/1120843", }, { category: "external", summary: "SUSE Bug 1120885 for CVE-2019-5489", url: "https://bugzilla.suse.com/1120885", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.30.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.30.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.30.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:22:41Z", details: "moderate", }, ], title: "CVE-2019-5489", }, ], }
suse-su-2019:1529-1
Vulnerability from csaf_suse
Published
2019-06-17 17:18
Modified
2019-06-17 17:18
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-11477: A sequence of SACKs may have been crafted such that one can trigger an integer overflow, leading to a kernel panic.
- CVE-2019-11478: It was possible to send a crafted sequence of SACKs which will
fragment the TCP retransmission queue. An attacker may have been able to further exploit the fragmented queue to cause an
expensive linked-list walk for subsequent SACKs received for that same TCP connection.
- CVE-2019-11479: An attacker could force the Linux kernel to segment its responses into multiple TCP segments. This would drastically increased the bandwidth required to deliver the same amount of data. Further, it would consume additional resources such as CPU and NIC processing power.
- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. (bnc#1136424)
- CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel, there was an unchecked kstrdup of fwstr, which might have allowed an attacker to cause a denial of service (NULL pointer dereference and system crash). (bnc#1136586)
- CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux kernel allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may have been possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. (bnc#1120843)
- CVE-2019-11487: The Linux kernel allowed page reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM existed. It could have occured with FUSE requests. (bnc#1133190)
- CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the unused memory region in the extent tree block, which might have allowed local users to obtain sensitive information by reading uninitialized data in the filesystem. (bnc#1135281)
- CVE-2018-7191: In the tun subsystem in the Linux kernel, dev_get_valid_name was not called before register_netdevice. This allowed local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. (bnc#1135603)
- CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in i915 Graphics for Linux may have allowed an authenticated user to potentially enable escalation of privilege via local access. (bnc#1135278)
- CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel There was a race condition leading to a use-after-free, related to net namespace cleanup. (bnc#1134537)
- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel allowed a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character. (bnc#1134848)
- CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel had multiple race conditions. (bnc#1133188)
The following non-security bugs were fixed:
- 9p locks: add mount option for lock retry interval (bsc#1051510).
- acpi / utils: Drop reference in test for device presence (bsc#1051510).
- acpi: button: reinitialize button state upon resume (bsc#1051510).
- acpi: fix menuconfig presentation of ACPI submenu (bsc#1117158).
- acpicA: AML interpreter: add region addresses in global list during initialization (bsc#1051510).
- acpica: Namespace: remove address node from global list after method termination (bsc#1051510).
- alsa: core: Do not refer to snd_cards array directly (bsc#1051510).
- alsa: emu10k1: Drop superfluous id-uniquification behavior (bsc#1051510).
- alsa: hda - Register irq handler after the chip initialization (bsc#1051510).
- alsa: hda - Use a macro for snd_array iteration loops (bsc#1051510).
- alsa: hda/hdmi - Consider eld_valid when reporting jack event (bsc#1051510).
- alsa: hda/hdmi - Read the pin sense from register when repolling (bsc#1051510).
- alsa: hda/realtek - Add new Dell platform for headset mode (bsc#1051510).
- alsa: hda/realtek - Apply the fixup for ASUS Q325UAR (bsc#1051510).
- alsa: hda/realtek - Avoid superfluous COEF EAPD setups (bsc#1051510).
- alsa: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) (bsc#1051510).
- alsa: hda/realtek - EAPD turn on later (bsc#1051510).
- alsa: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug (bsc#1051510).
- alsa: hda/realtek - Fixed Dell AIO speaker noise (bsc#1051510).
- alsa: hda/realtek - Fixup headphone noise via runtime suspend (bsc#1051510).
- alsa: hda/realtek - Improve the headset mic for Acer Aspire laptops (bsc#1051510).
- alsa: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) (bsc#1051510).
- alsa: line6: Avoid polluting led_* namespace (bsc#1051510).
- alsa: line6: use dynamic buffers (bsc#1051510).
- alsa: seq: Align temporary re-locking with irqsave version (bsc#1051510).
- alsa: seq: Correct unlock sequence at snd_seq_client_ioctl_unlock() (bsc#1051510).
- alsa: seq: Cover unsubscribe_port() in list_mutex (bsc#1051510).
- alsa: seq: Fix race of get-subscription call vs port-delete ioctls (bsc#1051510).
- alsa: seq: Protect in-kernel ioctl calls with mutex (bsc#1051510).
- alsa: seq: Protect racy pool manipulation from OSS sequencer (bsc#1051510).
- alsa: seq: Remove superfluous irqsave flags (bsc#1051510).
- alsa: seq: Simplify snd_seq_kernel_client_enqueue() helper (bsc#1051510).
- alsa: timer: Check ack_list emptiness instead of bit flag (bsc#1051510).
- alsa: timer: Coding style fixes (bsc#1051510).
- alsa: timer: Make snd_timer_close() really kill pending actions (bsc#1051510).
- alsa: timer: Make sure to clear pending ack list (bsc#1051510).
- alsa: timer: Revert active callback sync check at close (bsc#1051510).
- alsa: timer: Simplify error path in snd_timer_open() (bsc#1051510).
- alsa: timer: Unify timer callback process code (bsc#1051510).
- alsa: usb-audio: Fix a memory leak bug (bsc#1051510).
- alsa: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() (bsc#1051510).
- alsa: usx2y: fix a double free bug (bsc#1051510).
- appletalk: Fix compile regression (bsc#1051510).
- appletalk: Fix use-after-free in atalk_proc_exit (bsc#1051510).
- arch: arm64: acpi: KABI ginore includes (bsc#1117158 bsc#1134671).
- arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve table (bsc#1117158).
- arm64: Export save_stack_trace_tsk() (jsc#SLE-4214).
- arm64: acpi: fix alignment fault in accessing ACPI (bsc#1117158).
- arm64: fix ACPI dependencies (bsc#1117158).
- arm: 8824/1: fix a migrating irq bug when hotplug cpu (bsc#1051510).
- arm: 8833/1: Ensure that NEON code always compiles with Clang (bsc#1051510).
- arm: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bsc#1051510).
- arm: 8840/1: use a raw_spinlock_t in unwind (bsc#1051510).
- arm: OMAP2+: Variable 'reg' in function omap4_dsi_mux_pads() could be uninitialized (bsc#1051510).
- arm: OMAP2+: fix lack of timer interrupts on CPU1 after hotplug (bsc#1051510).
- arm: avoid Cortex-A9 livelock on tight dmb loops (bsc#1051510).
- arm: imx6q: cpuidle: fix bug that CPU might not wake up at expected time (bsc#1051510).
- arm: iop: do not use using 64-bit DMA masks (bsc#1051510).
- arm: orion: do not use using 64-bit DMA masks (bsc#1051510).
- arm: pxa: ssp: unneeded to free devm_ allocated data (bsc#1051510).
- arm: s3c24xx: Fix boolean expressions in osiris_dvs_notify (bsc#1051510).
- arm: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms (bsc#1051510).
- asoc: Intel: avoid Oops if DMA setup fails (bsc#1051510).
- asoc: RT5677-SPI: Disable 16Bit SPI Transfers (bsc#1051510).
- asoc: cs4270: Set auto-increment bit for register writes (bsc#1051510).
- asoc: fix valid stream condition (bsc#1051510).
- asoc: fsl_esai: Fix missing break in switch statement (bsc#1051510).
- asoc: hdmi-codec: fix S/PDIF DAI (bsc#1051510).
- asoc: max98090: Fix restore of DAPM Muxes (bsc#1051510).
- asoc: nau8810: fix the issue of widget with prefixed name (bsc#1051510).
- asoc: nau8824: fix the issue of the widget with prefix name (bsc#1051510).
- asoc: samsung: odroid: Fix clock configuration for 44100 sample rate (bsc#1051510).
- asoc: stm32: fix sai driver name initialisation (bsc#1051510).
- asoc: tlv320aic32x4: Fix Common Pins (bsc#1051510).
- asoc: wm_adsp: Add locking to wm_adsp2_bus_error (bsc#1051510).
- asoc:soc-pcm:fix a codec fixup issue in TDM case (bsc#1051510).
- at76c50x-usb: Do not register led_trigger if usb_register_driver failed (bsc#1051510).
- audit: fix a memleak caused by auditing load module (bsc#1051510).
- b43: shut up clang -Wuninitialized variable warning (bsc#1051510).
- backlight: lm3630a: Return 0 on success in update_status functions (bsc#1051510).
- bcache: Move couple of functions to sysfs.c (bsc#1130972).
- bcache: Move couple of string arrays to sysfs.c (bsc#1130972).
- bcache: Populate writeback_rate_minimum attribute (bsc#1130972).
- bcache: Replace bch_read_string_list() by __sysfs_match_string() (bsc#1130972).
- bcache: account size of buckets used in uuid write to ca->meta_sectors_written (bsc#1130972).
- bcache: add MODULE_DESCRIPTION information (bsc#1130972).
- bcache: add a comment in super.c (bsc#1130972).
- bcache: add code comments for bset.c (bsc#1130972).
- bcache: add comment for cache_set->fill_iter (bsc#1130972).
- bcache: add identifier names to arguments of function definitions (bsc#1130972).
- bcache: add missing SPDX header (bsc#1130972).
- bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972).
- bcache: add static const prefix to char * array declarations (bsc#1130972).
- bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972).
- bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).
- bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972).
- bcache: correct dirty data statistics (bsc#1130972).
- bcache: do not assign in if condition in bcache_init() (bsc#1130972).
- bcache: do not assign in if condition register_bcache() (bsc#1130972).
- bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972).
- bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972).
- bcache: do not clone bio in bch_data_verify (bsc#1130972).
- bcache: do not mark writeback_running too early (bsc#1130972).
- bcache: export backing_dev_name via sysfs (bsc#1130972).
- bcache: export backing_dev_uuid via sysfs (bsc#1130972).
- bcache: fix code comments style (bsc#1130972).
- bcache: fix indent by replacing blank by tabs (bsc#1130972).
- bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).
- bcache: fix input integer overflow of congested threshold (bsc#1130972).
- bcache: fix input overflow to cache set io_error_limit (bsc#1130972).
- bcache: fix input overflow to cache set sysfs file io_error_halflife (bsc#1130972).
- bcache: fix input overflow to journal_delay_ms (bsc#1130972).
- bcache: fix input overflow to sequential_cutoff (bsc#1130972).
- bcache: fix input overflow to writeback_delay (bsc#1130972).
- bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).
- bcache: fix ioctl in flash device (bsc#1130972).
- bcache: fix mistaken code comments in bcache.h (bsc#1130972).
- bcache: fix mistaken comments in request.c (bsc#1130972).
- bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972).
- bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972).
- bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).
- bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972).
- bcache: improve sysfs_strtoul_clamp() (bsc#1130972).
- bcache: introduce force_wake_up_gc() (bsc#1130972).
- bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972).
- bcache: move open brace at end of function definitions to next line (bsc#1130972).
- bcache: never writeback a discard operation (bsc#1130972).
- bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972).
- bcache: option to automatically run gc thread after writeback (bsc#1130972).
- bcache: panic fix for making cache device (bsc#1130972).
- bcache: prefer 'help' in Kconfig (bsc#1130972).
- bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).
- bcache: recal cached_dev_sectors on detach (bsc#1130972).
- bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972).
- bcache: remove unused bch_passthrough_cache (bsc#1130972).
- bcache: remove useless parameter of bch_debug_init() (bsc#1130972).
- bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).
- bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972).
- bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).
- bcache: replace printk() by pr_*() routines (bsc#1130972).
- bcache: set writeback_percent in a flexible range (bsc#1130972).
- bcache: split combined if-condition code into separate ones (bsc#1130972).
- bcache: stop bcache device when backing device is offline (bsc#1130972).
- bcache: stop using the deprecated get_seconds() (bsc#1130972).
- bcache: style fix to add a blank line after declarations (bsc#1130972).
- bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).
- bcache: style fixes for lines over 80 characters (bsc#1130972).
- bcache: treat stale and dirty keys as bad keys (bsc#1130972).
- bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972).
- bcache: update comment for bch_data_insert (bsc#1130972).
- bcache: update comment in sysfs.c (bsc#1130972).
- bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).
- bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972).
- bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).
- bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).
- bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).
- block: Do not revalidate bdev of hidden gendisk (bsc#1120091).
- block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).
- block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).
- block: do not leak memory in bio_copy_user_iov() (bsc#1135309).
- block: fix the return errno for direct IO (bsc#1135320).
- block: fix use-after-free on gendisk (bsc#1135312).
- bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bsc#1051510).
- bluetooth: Check key sizes only when Secure Simple Pairing is enabled (bsc#1135556).
- bluetooth: hidp: fix buffer overflow (bsc#1051510).
- bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one() (bsc#1050242).
- bnxt_en: Improve RX consumer index validity check (networking-stable-19_04_10).
- bnxt_en: Improve multicast address setup logic (networking-stable-19_05_04).
- bnxt_en: Reset device on RX buffer errors (networking-stable-19_04_10).
- bonding: fix event handling for stacked bonds (networking-stable-19_04_19).
- bpf, lru: avoid messing with eviction heuristics upon syscall lookup (bsc#1083647).
- bpf: Add missed newline in verifier verbose log (bsc#1056787).
- bpf: add map_lookup_elem_sys_only for lookups from syscall side (bsc#1083647).
- brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() (bsc#1051510).
- btrfs: Do not panic when we can't find a root key (bsc#1112063).
- btrfs: Factor out common delayed refs init code (bsc#1134813).
- btrfs: Introduce init_delayed_ref_head (bsc#1134813).
- btrfs: Open-code add_delayed_data_ref (bsc#1134813).
- btrfs: Open-code add_delayed_tree_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).
- btrfs: add a helper to return a head ref (bsc#1134813).
- btrfs: breakout empty head cleanup to a helper (bsc#1134813).
- btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: do not allow trimming when a fs is mounted with the nologreplay option (bsc#1135758).
- btrfs: do not double unlock on error in btrfs_punch_hole (bsc#1136881).
- btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: fix fsync not persisting changed attributes of a directory (bsc#1137151).
- btrfs: fix race between ranged fsync and writeback of adjacent ranges (bsc#1136477).
- btrfs: fix race updating log root item during fsync (bsc#1137153).
- btrfs: fix wrong ctime and mtime of a directory after log replay (bsc#1137152).
- btrfs: improve performance on fsync of files with multiple hardlinks (bsc#1123454).
- btrfs: move all ref head cleanup to the helper function (bsc#1134813).
- btrfs: move extent_op cleanup to a helper (bsc#1134813).
- btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).
- btrfs: qgroup: Check bg while resuming relocation to avoid NULL pointer dereference (bsc#1134806).
- btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to btrfs_qgroup_extent_record (bsc#1134162).
- btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release (bsc#1134160).
- btrfs: reloc: Also queue orphan reloc tree for cleanup to avoid BUG_ON() (bsc#1133612).
- btrfs: remove delayed_ref_node from ref_head (bsc#1134813).
- btrfs: send, flush dellaloc in order to avoid data loss (bsc#1133320).
- btrfs: split delayed ref head initialization and addition (bsc#1134813).
- btrfs: track refs in a rb_tree instead of a list (bsc#1134813).
- btrfs: tree-checker: detect file extent items with overlapping ranges (bsc#1136478).
- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).
- ceph: fix ci->i_head_snapc leak (bsc#1122776).
- ceph: fix use-after-free on symlink traversal (bsc#1134459).
- ceph: only use d_name directly when parent is locked (bsc#1134460).
- cifs: keep FileInfo handle live during oplock break (bsc#1106284, bsc#1131565).
- clk: rockchip: Fix video codec clocks on rk3288 (bsc#1051510).
- clk: rockchip: fix wrong clock definitions for rk3328 (bsc#1051510).
- configfs: Fix use-after-free when accessing sd->s_dentry (bsc#1051510).
- configfs: fix possible use-after-free in configfs_register_group (bsc#1051510).
- crypto: arm/aes-neonbs - do not access already-freed walk.iv (bsc#1051510).
- crypto: caam - fix caam_dump_sg that iterates through scatterlist (bsc#1051510).
- crypto: ccm - fix incompatibility between 'ccm' and 'ccm_base' (bsc#1051510).
- crypto: ccp - Do not free psp_master when PLATFORM_INIT fails (bsc#1051510).
- crypto: chacha20poly1305 - set cra_name correctly (bsc#1051510).
- crypto: crct10dif-generic - fix use via crypto_shash_digest() (bsc#1051510).
- crypto: fips - Grammar s/options/option/, s/to/the/ (bsc#1051510).
- crypto: gcm - fix incompatibility between 'gcm' and 'gcm_base' (bsc#1051510).
- crypto: skcipher - do not WARN on unprocessed data after slow walk step (bsc#1051510).
- crypto: sun4i-ss - Fix invalid calculation of hash end (bsc#1051510).
- crypto: vmx - CTR: always increment IV as quadword (bsc#1051510).
- crypto: vmx - fix copy-paste error in CTR mode (bsc#1051510).
- crypto: vmx - ghash: do nosimd fallback manually (bsc#1135661, bsc#1137162).
- crypto: vmx - return correct error code on failed setkey (bsc#1135661, bsc#1137162).
- crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() (bsc#1051510).
- dccp: Fix memleak in __feat_register_sp (bsc#1051510).
- dccp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).
- debugfs: fix use-after-free on symlink traversal (bsc#1051510).
- devres: Align data[] to ARCH_KMALLOC_MINALIGN (bsc#1051510).
- dmaengine: axi-dmac: Do not check the number of frames for alignment (bsc#1051510).
- dmaengine: tegra210-dma: free dma controller in remove() (bsc#1051510).
- documentation: Add MDS vulnerability documentation (bsc#1135642).
- drivers: acpi: add dependency of EFI for arm64 (bsc#1117158).
- drm/bridge: adv7511: Fix low refresh rate selection (bsc#1051510).
- drm/etnaviv: lock MMU while dumping core (bsc#1113722)
- drm/fb-helper: dpms_legacy(): Only set on connectors in use (bsc#1051510).
- drm/i915/fbc: disable framebuffer compression on GeminiLake (bsc#1051510).
- drm/i915/gvt: Fix cmd length of VEB_DI_IECP (bsc#1113722)
- drm/i915/gvt: Fix incorrect mask of mmio 0x22028 in gen8/9 mmio list (bnc#1113722)
- drm/i915/gvt: Tiled Resources mmios are in-context mmios for gen9+ (bsc#1113722)
- drm/i915/gvt: add 0x4dfc to gen9 save-restore list (bsc#1113722)
- drm/i915/gvt: do not let TRTTE and 0x4dfc write passthrough to hardware (bsc#1051510).
- drm/i915/gvt: refine ggtt range validation (bsc#1113722)
- drm/i915: Disable LP3 watermarks on all SNB machines (bsc#1051510).
- drm/i915: Downgrade Gen9 Plane WM latency error (bsc#1051510).
- drm/i915: Fix I915_EXEC_RING_MASK (bsc#1051510).
- drm/imx: do not skip DP channel disable for background plane (bsc#1051510).
- drm/mediatek: fix possible object reference leak (bsc#1051510).
- drm/meson: add size and alignment requirements for dumb buffers (bnc#1113722)
- drm/nouveau/i2c: Disable i2c bus access after ->fini() (bsc#1113722)
- drm/rockchip: fix for mailbox read validation (bsc#1051510).
- drm/rockchip: shutdown drm subsystem on shutdown (bsc#1051510).
- drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)
- drm/ttm: Remove warning about inconsistent mapping information (bnc#1131488)
- drm/vmwgfx: Do not send drm sysfs hotplug events on initial master set (bsc#1051510).
- drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() (bsc#1113722)
- drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to an invalid read (bsc#1051510).
- dt-bindings: clock: r8a7795: Remove CSIREF clock (bsc#1120902).
- dt-bindings: clock: r8a7796: Remove CSIREF clock (bsc#1120902).
- dt-bindings: net: Add binding for the external clock for TI WiLink (bsc#1085535).
- dt-bindings: net: Fix a typo in the phy-mode list for ethernet bindings (bsc#1129770).
- dt-bindings: rtc: sun6i-rtc: Fix register range in example (bsc#1120902).
- dwc2: gadget: Fix completed transfer size calculation in DDMA (bsc#1051510).
- efi/arm: Defer persistent reservations until after paging_init() (bsc#1117158).
- efi/arm: Do not mark ACPI reclaim memory as MEMBLOCK_NOMAP (bsc#1117158 bsc#1115688 bsc#1120566).
- efi/arm: Revert 'Defer persistent reservations until after paging_init()' (bsc#1117158).
- efi/arm: Revert deferred unmap of early memmap mapping (bsc#1117158).
- efi/arm: libstub: add a root memreserve config table (bsc#1117158).
- efi/arm: map UEFI memory map even w/o runtime services enabled (bsc#1117158).
- efi/arm: preserve early mapping of UEFI memory map longer for BGRT (bsc#1117158).
- efi: Permit calling efi_mem_reserve_persistent() from atomic context (bsc#1117158).
- efi: Permit multiple entries in persistent memreserve data structure (bsc#1117158).
- efi: Prevent GICv3 WARN() by mapping the memreserve table before first use (bsc#1117158).
- efi: Reduce the amount of memblock reservations for persistent allocations (bsc#1117158).
- efi: add API to reserve memory persistently across kexec reboot (bsc#1117158).
- efi: honour memory reservations passed via a linux specific config table (bsc#1117158).
- ext4: actually request zeroing of inode table after grow (bsc#1135315).
- ext4: avoid panic during forced reboot due to aborted journal (bsc#1126356).
- ext4: fix data corruption caused by overlapping unaligned and aligned IO (bsc#1136428).
- ext4: fix ext4_show_options for file systems w/o journal (bsc#1135316).
- ext4: fix use-after-free race with debug_want_extra_isize (bsc#1135314).
- ext4: make sanity check in mballoc more strict (bsc#1136439).
- ext4: wait for outstanding dio during truncate in nojournal mode (bsc#1136438).
- fbdev: fix WARNING in __alloc_pages_nodemask bug (bsc#1113722)
- fbdev: fix divide error in fb_var_to_videomode (bsc#1113722)
- firmware: efi: factor out mem_reserve (bsc#1117158 bsc#1134671).
- fix rtnh_ok() (git-fixes).
- fs/sync.c: sync_file_range(2) may use WB_SYNC_ALL writeback (bsc#1136432).
- fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount (bsc#1136435).
- ftrace/x86_64: Emulate call function while updating in breakpoint handler (bsc#1099658).
- genetlink: Fix a memory leak on error path (networking-stable-19_03_28).
- ghes, EDAC: Fix ghes_edac registration (bsc#1133176).
- gpio: aspeed: fix a potential NULL pointer dereference (bsc#1051510).
- gpu: ipu-v3: dp: fix CSC handling (bsc#1051510).
- hid: debug: fix race condition with between rdesc_show() and device removal (bsc#1051510).
- hid: input: add mapping for 'Toggle Display' key (bsc#1051510).
- hid: input: add mapping for Assistant key (bsc#1051510).
- hid: input: add mapping for Expose/Overview key (bsc#1051510).
- hid: input: add mapping for keyboard Brightness Up/Down/Toggle keys (bsc#1051510).
- hid: logitech: check the return value of create_singlethread_workqueue (bsc#1051510).
- hwmon: (f71805f) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (pc87427) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (vt1211) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- i2c: Make i2c_unregister_device() NULL-aware (bsc#1108193).
- ibmvnic: Add device identification to requested IRQs (bsc#1137739).
- ibmvnic: Do not close unopened driver during reset (bsc#1137752).
- ibmvnic: Fix unchecked return codes of memory allocations (bsc#1137752).
- ibmvnic: Refresh device multicast list after reset (bsc#1137752).
- ibmvnic: remove set but not used variable 'netdev' (bsc#1137739).
- igmp: fix incorrect unsolicit report count when join group (git-fixes).
- iio: adc: xilinx: fix potential use-after-free on remove (bsc#1051510).
- indirect call wrappers: helpers to speed-up indirect calls of builtin (bsc#1124503).
- inetpeer: fix uninit-value in inet_getpeer (git-fixes).
- input: elan_i2c - add hardware ID for multiple Lenovo laptops (bsc#1051510).
- input: introduce KEY_ASSISTANT (bsc#1051510).
- input: synaptics-rmi4 - fix possible double free (bsc#1051510).
- intel_th: msu: Fix single mode with IOMMU (bsc#1051510).
- intel_th: pci: Add Comet Lake support (bsc#1051510).
- iommu/arm-smmu-v3: Abort all transactions if SMMU is enabled in kdump kernel (bsc#1117158).
- iommu/arm-smmu-v3: Do not disable SMMU in kdump kernel (bsc#1117158 bsc#1134671).
- iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#1135006).
- iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135007).
- iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135008).
- ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type (networking-stable-19_04_10).
- ip6_tunnel: collect_md xmit: Use ip_tunnel_key's provided src address (git-fixes).
- ip_gre: fix parsing gre header in ipgre_err (git-fixes).
- ip_tunnel: Fix name string concatenate in __ip_tunnel_create() (git-fixes).
- ipconfig: Correctly initialise ic_nameservers (bsc#1051510).
- ipmi: Fix I2C client removal in the SSIF driver (bsc#1108193).
- ipmi:ssif: compare block number correctly for multi-part return messages (bsc#1051510).
- ipmi_ssif: Remove duplicate NULL check (bsc#1108193).
- ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled (git-fixes).
- ipv4: add sanity checks in ipv4_link_failure() (git-fixes).
- ipv4: ensure rcu_read_lock() in ipv4_link_failure() (networking-stable-19_04_19).
- ipv4: ip_do_fragment: Preserve skb_iif during fragmentation (networking-stable-19_05_04).
- ipv4: recompile ip options in ipv4_link_failure (networking-stable-19_04_19).
- ipv4: set the tcp_min_rtt_wlen range from 0 to one day (networking-stable-19_04_30).
- ipv6/flowlabel: wait rcu grace period before put_pid() (git-fixes).
- ipv6: fix cleanup ordering for ip6_mr failure (git-fixes).
- ipv6: fix cleanup ordering for pingv6 registration (git-fixes).
- ipv6: invert flowlabel sharing check in process and user mode (git-fixes).
- ipv6: mcast: fix unsolicited report interval after receiving querys (git-fixes).
- ipvlan: Add the skb->mark as flow4's member to lookup route (bsc#1051510).
- ipvlan: fix ipv6 outbound device (bsc#1051510).
- ipvlan: use ETH_MAX_MTU as max mtu (bsc#1051510).
- ipvs: Fix signed integer overflow when setsockopt timeout (bsc#1051510).
- ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf (git-fixes).
- ipvs: fix buffer overflow with sync daemon and service (git-fixes).
- ipvs: fix check on xmit to non-local addresses (git-fixes).
- ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bsc#1051510).
- ipvs: fix rtnl_lock lockups caused by start_sync_thread (git-fixes).
- ipvs: fix stats update from local clients (git-fixes).
- iw_cxgb4: only allow 1 flush on user qps (bsc#1051510).
- jbd2: check superblock mapped prior to committing (bsc#1136430).
- kABI workaround for removed usb_interface.pm_usage_cnt field (bsc#1051510).
- kABI workaround for snd_seq_kernel_client_enqueue() API changes (bsc#1051510).
- kABI: protect dma-mapping.h include (kabi).
- kABI: protect ip_options_rcv_srr (kabi).
- kABI: protect struct mlx5_td (kabi).
- kABI: protect struct pci_dev (kabi).
- kabi: drop LINUX_MIB_TCPWQUEUETOOBIG snmp counter (bsc#1137586).
- kabi: implement map_lookup_elem_sys_only in another way (bsc#1083647).
- kabi: move sysctl_tcp_min_snd_mss to preserve struct net layout (bsc#1137586)
- kernel/signal.c: trace_signal_deliver when signal_group_exit (git-fixes).
- kernel/sys.c: prctl: fix false positive in validate_prctl_map() (git-fixes).
- kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv (bsc#1051510).
- kernel/sysctl.c: fix out-of-bounds access when setting file-max (bsc#1051510).
- keys: safe concurrent user->{session,uid}_keyring access (bsc#1135642).
- kmsg: Update message catalog to latest IBM level (2019/03/08) (bsc#1128904 LTC#176078).
- kvm: Fix UAF in nested posted interrupt processing (bsc#1134199).
- kvm: VMX: Zero out *all* general purpose registers after VM-Exit (bsc#1134202).
- kvm: nVMX: Clear reserved bits of #DB exit qualification (bsc#1134200).
- kvm: nVMX: restore host state in nested_vmx_vmexit for VMFail (bsc#1134201).
- kvm: s390: fix memory overwrites when not using SCA entries (bsc#1136206).
- kvm: s390: provide io interrupt kvm_stat (bsc#1136206).
- kvm: s390: use created_vcpus in more places (bsc#1136206).
- kvm: s390: vsie: fix 8k check for the itdba (bsc#1136206).
- kvm: x86: Always use 32-bit SMRAM save state for 32-bit kernels (bsc#1134203).
- kvm: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bsc#1134204).
- kvm: x86: svm: make sure NMI is injected after nmi_singlestep (bsc#1134205).
- l2tp: cleanup l2tp_tunnel_delete calls (bsc#1051510).
- l2tp: filter out non-PPP sessions in pppol2tp_tunnel_ioctl() (git-fixes).
- l2tp: fix missing refcount drop in pppol2tp_tunnel_ioctl() (git-fixes).
- l2tp: only accept PPP sessions in pppol2tp_connect() (git-fixes).
- l2tp: prevent pppol2tp_connect() from creating kernel sockets (git-fixes).
- l2tp: revert 'l2tp: fix missing print session offset info' (bsc#1051510).
- leds: avoid races with workqueue (bsc#1051510).
- leds: pwm: silently error out on EPROBE_DEFER (bsc#1051510).
- lib: add crc64 calculation routines (bsc#1130972).
- lib: do not depend on linux headers being installed (bsc#1130972).
- libata: fix using DMA buffers on stack (bsc#1051510).
- linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() (bsc#1051510).
- livepatch: Convert error about unsupported reliable stacktrace into a warning (bsc#1071995).
- livepatch: Remove custom kobject state handling (bsc#1071995).
- livepatch: Remove duplicated code for early initialization (bsc#1071995).
- lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).
- mISDN: Check address length before reading address family (bsc#1051510).
- mac80211: fix memory accounting with A-MSDU aggregation (bsc#1051510).
- mac80211: fix unaligned access in mesh table hash function (bsc#1051510).
- mac8390: Fix mmio access size probe (bsc#1051510).
- md: fix invalid stored role for a disk (bsc#1051510).
- media: atmel: atmel-isc: fix INIT_WORK misplacement (bsc#1051510).
- media: cx18: update *pos correctly in cx18_read_pos() (bsc#1051510).
- media: cx23885: check allocation return (bsc#1051510).
- media: davinci-isif: avoid uninitialized variable use (bsc#1051510).
- media: davinci/vpbe: array underflow in vpbe_enum_outputs() (bsc#1051510).
- media: ivtv: update *pos correctly in ivtv_read_pos() (bsc#1051510).
- media: omap_vout: potential buffer overflow in vidioc_dqbuf() (bsc#1051510).
- media: ov2659: fix unbalanced mutex_lock/unlock (bsc#1051510).
- media: pvrusb2: Prevent a buffer overflow (bsc#1129770).
- media: serial_ir: Fix use-after-free in serial_ir_init_module (bsc#1051510).
- media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame (bsc#1051510).
- media: vivid: use vfree() instead of kfree() for dev->bitmap_cap (bsc#1051510).
- media: wl128x: Fix an error code in fm_download_firmware() (bsc#1051510).
- media: wl128x: prevent two potential buffer overflows (bsc#1051510).
- memcg: make it work on sparse non-0-node systems (bnc#1133616).
- memcg: make it work on sparse non-0-node systems kabi (bnc#1133616).
- mlxsw: spectrum: Fix autoneg status in ethtool (networking-stable-19_04_30).
- mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses (bsc#1135330).
- mm: Fix buggy backport leading to MAP_SYNC failures (bsc#1137372)
- mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (bnc#1012382).
- mmc: block: Delete gendisk before cleaning up the request queue (bsc#1127616).
- mmc: core: fix possible use after free of host (bsc#1051510).
- mount: copy the port field into the cloned nfs_server structure (bsc#1136990).
- mtd: docg3: Fix passing zero to 'PTR_ERR' warning in doc_probe_device (bsc#1051510).
- mtd: docg3: fix a possible memory leak of mtd->name (bsc#1051510).
- mtd: nand: omap: Fix comment in platform data using wrong Kconfig symbol (bsc#1051510).
- mtd: part: fix incorrect format specifier for an unsigned long long (bsc#1051510).
- mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write (bsc#1129770).
- mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1136935).
- mwifiex: Fix mem leak in mwifiex_tm_cmd (bsc#1051510).
- mwifiex: Fix possible buffer overflows at parsing bss descriptor
- mwifiex: prevent an array overflow (bsc#1051510).
- mwl8k: Fix rate_idx underflow (bsc#1051510).
- neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit (git-fixes).
- net-gro: Fix GRO flush when receiving a GSO packet (networking-stable-19_04_10).
- net/ibmvnic: Remove tests of member address (bsc#1137739).
- net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).
- net/ibmvnic: Update carrier state after link state change (bsc#1135100).
- net/ipv4: defensive cipso option parsing (git-fixes).
- net/ipv6: do not reinitialize ndev->cnf.addr_gen_mode on new inet6_dev (git-fixes).
- net/ipv6: fix addrconf_sysctl_addr_gen_mode (git-fixes).
- net/ipv6: propagate net.ipv6.conf.all.addr_gen_mode to devices (git-fixes).
- net/ipv6: reserve room for IFLA_INET6_ADDR_GEN_MODE (git-fixes).
- net/mlx5: Decrease default mr cache size (networking-stable-19_04_10).
- net/mlx5e: Add a lock on tir list (networking-stable-19_04_10).
- net/mlx5e: Fix error handling when refreshing TIRs (networking-stable-19_04_10).
- net/mlx5e: Fix trailing semicolon (bsc#1075020).
- net/mlx5e: IPoIB, Reset QP after channels are closed (bsc#1075020).
- net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query (networking-stable-19_04_30).
- net/rose: fix unbound loop in rose_loopback_timer() (networking-stable-19_04_30).
- net/sched: act_sample: fix divide by zero in the traffic path (networking-stable-19_04_10).
- net/sched: do not dereference a->goto_chain to read the chain index (bsc#1064802 bsc#1066129).
- net/sched: fix ->get helper of the matchall cls (networking-stable-19_04_10).
- net: Fix a bug in removing queues from XPS map (git-fixes).
- net: aquantia: fix rx checksum offload for UDP/TCP over IPv6 (networking-stable-19_03_28).
- net: atm: Fix potential Spectre v1 vulnerabilities (networking-stable-19_04_19).
- net: avoid skb_warn_bad_offload on IS_ERR (git-fixes).
- net: do not keep lonely packets forever in the gro hash (git-fixes).
- net: dsa: bcm_sf2: fix buffer overflow doing set_rxnfc (networking-stable-19_05_04).
- net: dsa: legacy: do not unmask port bitmaps (git-fixes).
- net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT (git-fixes).
- net: ena: fix return value of ena_com_config_llq_info() (bsc#1111696 bsc#1117561).
- net: ethtool: not call vzalloc for zero sized memory request (networking-stable-19_04_10).
- net: fix uninit-value in __hw_addr_add_ex() (git-fixes).
- net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv (networking-stable-19_04_19).
- net: hns3: remove resetting check in hclgevf_reset_task_schedule (bsc#1104353 bsc#1135056).
- net: initialize skb->peeked when cloning (git-fixes).
- net: make skb_partial_csum_set() more robust against overflows (git-fixes).
- net: phy: marvell: Fix buffer overrun with stats counters (networking-stable-19_05_04).
- net: rds: exchange of 8K and 1M pool (networking-stable-19_04_30).
- net: rose: fix a possible stack overflow (networking-stable-19_03_28).
- net: socket: fix potential spectre v1 gadget in socketcall (git-fixes).
- net: stmmac: fix memory corruption with large MTUs (networking-stable-19_03_28).
- net: stmmac: move stmmac_check_ether_addr() to driver probe (networking-stable-19_04_30).
- net: test tailroom before appending to linear skb (git-fixes).
- net: thunderx: do not allow jumbo frames with XDP (networking-stable-19_04_19).
- net: thunderx: raise XDP MTU to 1508 (networking-stable-19_04_19).
- net: unbreak CONFIG_RETPOLINE=n builds (bsc#1124503).
- net: use indirect call wrappers at GRO network layer (bsc#1124503).
- net: use indirect call wrappers at GRO transport layer (bsc#1124503).
- netfilter: bridge: Do not sabotage nf_hook calls from an l3mdev (git-fixes).
- netfilter: bridge: ebt_among: add missing match size checks (git-fixes).
- netfilter: bridge: ebt_among: add more missing match size checks (git-fixes).
- netfilter: drop template ct when conntrack is skipped (git-fixes).
- netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule (git-fixes).
- netfilter: ebtables: handle string from userspace with care (git-fixes).
- netfilter: ebtables: reject non-bridge targets (git-fixes).
- netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel (git-fixes).
- netfilter: nf_log: do not hold nf_log_mutex during user access (git-fixes).
- netfilter: nf_log: fix uninit read in nf_log_proc_dostring (git-fixes).
- netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6} (git-fixes).
- netfilter: nf_tables: can't fail after linking rule into active rule list (git-fixes).
- netfilter: nf_tables: check msg_type before nft_trans_set(trans) (git-fixes).
- netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump() (git-fixes).
- netfilter: nf_tables: fix leaking object reference count (git-fixes).
- netfilter: nf_tables: release chain in flushing set (git-fixes).
- netfilter: nft_compat: do not dump private area (git-fixes).
- netfilter: x_tables: initialise match/target check parameter struct (git-fixes).
- netlink: fix uninit-value in netlink_sendmsg (git-fixes).
- nfs: Add missing encode / decode sequence_maxsz to v4.2 operations (git-fixes).
- nfs: add module option to limit NFSv4 minor version (jsc#PM-231).
- nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands (bsc#1051510).
- nvme-multipath: avoid crash on invalid subsystem cntlid enumeration (bsc#1129273).
- nvme-rdma: fix possible free of a non-allocated async event buffer (bsc#1120423).
- nvme: Do not remove namespaces during reset (bsc#1131673).
- nvme: flush scan_work when resetting controller (bsc#1131673).
- objtool: Fix function fallthrough detection (bsc#1058115).
- ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (bsc#1136434).
- ocfs2: turn on OCFS2_FS_STATS setting(bsc#1134393) We need to turn on OCFS2_FS_STATS kernel configuration setting, to fix bsc#1134393.
- of: fix clang -Wunsequenced for be32_to_cpu() (bsc#1135642).
- omapfb: add missing of_node_put after of_device_is_available (bsc#1051510).
- openvswitch: add seqadj extension when NAT is used (bsc#1051510).
- openvswitch: fix flow actions reallocation (bsc#1051510).
- p54: drop device reference count if fails to enable device (bsc#1135642).
- packet: fix reserve calculation (git-fixes).
- packet: in packet_snd start writing at link layer allocation (git-fixes).
- packet: refine ring v3 block size test to hold one frame (git-fixes).
- packet: reset network header if packet shorter than ll reserved space (git-fixes).
- packet: validate msg_namelen in send directly (git-fixes).
- packets: Always register packet sk in the same order (networking-stable-19_03_28).
- pci: Factor out pcie_retrain_link() function (git-fixes).
- pci: Mark AMD Stoney Radeon R7 GPU ATS as broken (bsc#1051510).
- pci: Mark Atheros AR9462 to avoid bus reset (bsc#1051510).
- pci: Work around Pericom PCIe-to-PCI bridge Retrain Link erratum (git-fixes).
- pci: endpoint: Use EPC's device in dma_alloc_coherent()/dma_free_coherent() (git-fixes).
- phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode (bsc#1051510).
- platform/x86: alienware-wmi: printing the wrong error code (bsc#1051510).
- platform/x86: dell-rbtn: Add missing #include (bsc#1051510).
- platform/x86: intel_pmc_ipc: adding error handling (bsc#1051510).
- platform/x86: intel_punit_ipc: Revert 'Fix resource ioremap warning' (bsc#1051510).
- platform/x86: pmc_atom: Add Lex 3I380D industrial PC to critclk_systems DMI table (bsc#1051510).
- platform/x86: pmc_atom: Add several Beckhoff Automation boards to critclk_systems DMI table (bsc#1051510).
- platform/x86: pmc_atom: Drop __initconst on dmi table (bsc#1051510).
- platform/x86: sony-laptop: Fix unintentional fall-through (bsc#1051510).
- power: supply: axp20x_usb_power: Fix typo in VBUS current limit macros (bsc#1051510).
- power: supply: axp288_charger: Fix unchecked return value (bsc#1051510).
- powerpc/64s: Fix page table fragment refcount race vs speculative references (bsc#1131326, bsc#1108937).
- powerpc/eeh: Fix race with driver un/bind (bsc#1065729).
- powerpc/mm/radix: Display if mappings are exec or not (bsc#1055186, git-fixes).
- powerpc/mm/radix: Prettify mapped memory range print out (bsc#1055186, git-fixes).
- powerpc/mm: Fix page table dump to work on Radix (bsc#1055186, git-fixes).
- powerpc/msi: Fix NULL pointer access in teardown code (bsc#1065729).
- powerpc/perf: Fix MMCRA corruption by bhrb_filter (bsc#1053043).
- powerpc/powernv/idle: Restore IAMR after idle (bsc#1065729).
- powerpc/process: Fix sparse address space warnings (bsc#1065729).
- powerpc: Always initialize input array when calling epapr_hypercall() (bsc#1065729).
- powerpc: Fix HMIs on big-endian with CONFIG_RELOCATABLE=y (bsc#1065729).
- proc/kcore: do not bounds check against address 0 (bsc#1051510).
- proc/sysctl: fix return error for proc_doulongvec_minmax() (bsc#1051510).
- proc: revalidate kernel thread inodes to root:root (bsc#1051510).
- ptrace: take into account saved_sigmask in PTRACE{GET,SET}SIGMASK (git-fixes).
- pwm: Fix deadlock warning when removing PWM device (bsc#1051510).
- pwm: meson: Consider 128 a valid pre-divider (bsc#1051510).
- pwm: meson: Do not disable PWM when setting duty repeatedly (bsc#1051510).
- pwm: meson: Use the spin-lock only to protect register modifications (bsc#1051510).
- pwm: tiehrpwm: Update shadow register for disabling PWMs (bsc#1051510).
- qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128979).
- qla2xxx: always allocate qla_tgt_wq (bsc#1131451).
- qmi_wwan: add Olicard 600 (bsc#1051510).
- rdma/hns: Fix bug that caused srq creation to fail (bsc#1104427 ).
- rdma/rxe: Consider skb reserve space based on netdev of GID (bsc#1082387, bsc#1103992).
- regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB (bsc#1051510).
- rt2x00: do not increment sequence number while re-transmitting (bsc#1051510).
- rtc: da9063: set uie_unsupported when relevant (bsc#1051510).
- rtc: sh: Fix invalid alarm warning for non-enabled alarm (bsc#1051510).
- rtlwifi: rtl8723ae: Fix missing break in switch statement (bsc#1051510).
- rxrpc: Fix error reception on AF_INET6 sockets (git-fixes).
- rxrpc: Fix transport sockopts to get IPv4 errors on an IPv6 socket (git-fixes).
- s390/qdio: clear intparm during shutdown (bsc#1134597 LTC#177516).
- sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() (bsc#1051510).
- sc16is7xx: move label 'err_spi' to correct section (bsc#1051510).
- sc16is7xx: put err_spi and err_i2c into correct #ifdef (bsc#1051510).
- scripts: override locale from environment when running recordmcount.pl (bsc#1134354).
- scsi: qedf: fixup bit operations (bsc#1135542).
- scsi: qedf: fixup locking in qedf_restart_rport() (bsc#1135542).
- scsi: qedf: missing kref_put in qedf_xmit() (bsc#1135542).
- scsi: qla2xxx: Add new FC-NVMe enable BIT to enable FC-NVMe feature (bsc#1130579).
- scsi: qla2xxx: Declare local functions 'static' (bsc#1137444).
- scsi: qla2xxx: Fix function argument descriptions (bsc#1118139).
- scsi: qla2xxx: Fix memory corruption during hba reset test (bsc#1118139).
- scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show (bsc#1132044).
- scsi: qla2xxx: Improve several kernel-doc headers (bsc#1137444).
- scsi: qla2xxx: Introduce a switch/case statement in qlt_xmit_tm_rsp() (bsc#1137444).
- scsi: qla2xxx: Make qla2x00_sysfs_write_nvram() easier to analyze (bsc#1137444).
- scsi: qla2xxx: Make sure that qlafx00_ioctl_iosb_entry() initializes 'res' (bsc#1137444).
- scsi: qla2xxx: NULL check before some freeing functions is not needed (bsc#1137444).
- scsi: qla2xxx: Remove a set-but-not-used variable (bsc#1137444).
- scsi: qla2xxx: Remove two arguments from qlafx00_error_entry() (bsc#1137444).
- scsi: qla2xxx: Remove unused symbols (bsc#1118139).
- scsi: qla2xxx: Split the __qla2x00_abort_all_cmds() function (bsc#1137444).
- scsi: qla2xxx: Use %p for printing pointers (bsc#1118139).
- scsi: qla2xxx: fix error message (bsc#1118139).
- scsi: qla2xxx: fix spelling mistake: 'existant' -> 'existent' (bsc#1118139).
- scsi: qla2xxx: fully convert to the generic DMA API (bsc#1137444).
- scsi: qla2xxx: fx00 copypaste typo (bsc#1118139).
- scsi: qla2xxx: remove the unused tcm_qla2xxx_cmd_wq (bsc#1118139).
- scsi: qla2xxx: use lower_32_bits and upper_32_bits instead of reinventing them (bsc#1137444).
- sctp: avoid running the sctp state machine recursively (networking-stable-19_05_04).
- sctp: fix identification of new acks for SFR-CACC (git-fixes).
- sctp: get sctphdr by offset in sctp_compute_cksum (networking-stable-19_03_28).
- sctp: initialize _pad of sockaddr_in before copying to user memory (networking-stable-19_04_10).
- sctp: set frag_point in sctp_setsockopt_maxseg correctly` (git-fixes).
- selinux: use kernel linux/socket.h for genheaders and mdp (bsc#1134810).
- serial: 8250_pxa: honor the port number from devicetree (bsc#1051510).
- serial: ar933x_uart: Fix build failure with disabled console (bsc#1051510).
- serial: uartps: console_setup() can't be placed to init section (bsc#1051510).
- signal: Always notice exiting tasks (git-fixes).
- signal: Better detection of synchronous signals (git-fixes).
- signal: Restore the stop PTRACE_EVENT_EXIT (git-fixes).
- soc/fsl/qe: Fix an error code in qe_pin_request() (bsc#1051510).
- soc/tegra: pmc: Drop locking from tegra_powergate_is_powered() (bsc#1051510).
- spi: Micrel eth switch: declare missing of table (bsc#1051510).
- spi: ST ST95HF NFC: declare missing of table (bsc#1051510).
- spi: a3700: Clear DATA_OUT when performing a read (bsc#1051510).
- spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios (bsc#1051510).
- spi: bcm2835aux: setup gpio-cs to output and correct level during setup (bsc#1051510).
- spi: bcm2835aux: warn in dmesg that native cs is not really supported (bsc#1051510).
- spi: rspi: Fix sequencer reset during initialization (bsc#1051510).
- ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit (bsc#1051510).
- staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc (bsc#1051510).
- stm class: Fix an endless loop in channel allocation (bsc#1051510).
- stm class: Fix channel free in stm output free path (bsc#1051510).
- stm class: Prevent division by zero (bsc#1051510).
- stmmac: pci: Adjust IOT2000 matching (networking-stable-19_04_30).
- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).
- switchtec: Fix unintended mask of MRPC event (git-fixes).
- tcp: Ensure DCTCP reacts to losses (networking-stable-19_04_10).
- tcp: add tcp_min_snd_mss sysctl (bsc#1137586).
- tcp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).
- tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).
- tcp: fix fack_count accounting on tcp_shift_skb_data() (CVE-2019-11477 bsc#1137586).
- tcp: limit payload size of sacked skbs (bsc#1137586).
- tcp: purge write queue in tcp_connect_init() (git-fixes).
- tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).
- tcp: tcp_grow_window() needs to respect tcp_space() (networking-stable-19_04_19).
- team: fix possible recursive locking when add slaves (networking-stable-19_04_30).
- team: set slave to promisc if team is already in promisc mode (bsc#1051510).
- thermal/int340x_thermal: Add additional UUIDs (bsc#1051510).
- thermal/int340x_thermal: fix mode setting (bsc#1051510).
- thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power (bsc#1051510).
- thunderx: eliminate extra calls to put_page() for pages held for recycling (networking-stable-19_03_28).
- thunderx: enable page recycling for non-XDP case (networking-stable-19_03_28).
- tipc: fix hanging clients using poll with EPOLLOUT flag (git-fixes).
- tipc: missing entries in name table of publications (networking-stable-19_04_19).
- tools lib traceevent: Fix missing equality check for strcmp (bsc#1129770).
- tracing: Fix partial reading of trace event's id file (bsc#1136573).
- treewide: Use DEVICE_ATTR_WO (bsc#1137739).
- tty: increase the default flip buffer limit to 2*640K (bsc#1051510).
- tty: pty: Fix race condition between release_one_tty and pty_write (bsc#1051510).
- tty: serial_core, add ->install (bnc#1129693).
- tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 (bsc#1051510).
- tun: add a missing rcu_read_unlock() in error path (networking-stable-19_03_28).
- tun: properly test for IFF_UP (networking-stable-19_03_28).
- uas: fix alignment of scatter/gather segments (bsc#1129770).
- udp: use indirect call wrappers for GRO socket lookup (bsc#1124503).
- ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (bsc#1135323).
- usb-storage: Set virt_boundary_mask to avoid SG overflows (bsc#1051510).
- usb: cdc-acm: fix unthrottle races (bsc#1051510).
- usb: core: Fix bug caused by duplicate interface PM usage counter (bsc#1051510).
- usb: core: Fix unterminated string returned by usb_string() (bsc#1051510).
- usb: dwc3: Fix default lpm_nyet_threshold value (bsc#1051510).
- usb: gadget: net2272: Fix net2272_dequeue() (bsc#1051510).
- usb: gadget: net2280: Fix net2280_dequeue() (bsc#1051510).
- usb: gadget: net2280: Fix overrun of OUT messages (bsc#1051510).
- usb: serial: f81232: fix interrupt worker not stop (bsc#1051510).
- usb: serial: fix unthrottle races (bsc#1051510).
- usb: u132-hcd: fix resource leak (bsc#1051510).
- usb: usb251xb: fix to avoid potential NULL pointer dereference (bsc#1051510).
- usb: usbip: fix isoc packet num validation in get_pipe (bsc#1051510).
- usb: w1 ds2490: Fix bug caused by improper use of altsetting array (bsc#1051510).
- usb: yurex: Fix protection fault after device removal (bsc#1051510).
- userfaultfd: use RCU to free the task struct when fork fails (git-fixes).
- vfio/mdev: Avoid release parent reference during error path (bsc#1051510).
- vfio/mdev: Fix aborting mdev child device removal if one fails (bsc#1051510).
- vfio/pci: use correct format characters (bsc#1051510).
- vfio_pci: Enable memory accesses before calling pci_map_rom (bsc#1051510).
- vhost/vsock: fix reset orphans race with close timeout (bsc#1051510).
- vhost: reject zero size iova range (networking-stable-19_04_19).
- virtio-blk: limit number of hw queues by nr_cpu_ids (bsc#1051510).
- virtio: Honour 'may_reduce_num' in vring_create_virtqueue (bsc#1051510).
- virtio_pci: fix a NULL pointer reference in vp_del_vqs (bsc#1051510).
- vrf: check accept_source_route on the original netdevice (networking-stable-19_04_10).
- vsock/virtio: Initialize core virtio vsock before registering the driver (bsc#1051510).
- vsock/virtio: fix kernel panic after device hot-unplug (bsc#1051510).
- vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock (bsc#1051510).
- vsock/virtio: reset connected sockets on device removal (bsc#1051510).
- vt: always call notifier with the console lock held (bsc#1051510).
- vxlan: Do not call gro_cells_destroy() before device is unregistered (networking-stable-19_03_28).
- x86/speculation/mds: Fix documentation typo (bsc#1135642).
- x86_64: Add gap to int3 to allow for call emulation (bsc#1099658).
- x86_64: Allow breakpoints to emulate call instructions (bsc#1099658).
- xenbus: drop useless LIST_HEAD in xenbus_write_watch() and xenbus_file_write() (bsc#1065600).
- xfrm6: avoid potential infinite loop in _decode_session6() (git-fixes).
- xfrm6: call kfree_skb when skb is toobig (git-fixes).
- xfrm: Fix stack-out-of-bounds read on socket policy lookup (git-fixes).
- xfrm: Return error on unknown encap_type in init_state (git-fixes).
- xfrm: Validate address prefix lengths in the xfrm selector (git-fixes).
- xfrm: fix 'passing zero to ERR_PTR()' warning (git-fixes).
- xfrm: fix missing dst_release() after policy blocking lbcast and multicast (git-fixes).
- xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (git-fixes).
- xfrm: reset crypto_done when iterating over multiple input xfrms (git-fixes).
- xfrm: reset transport header back to network header after all input transforms ahave been applied (git-fixes).
- xfrm_user: prevent leaking 2 bytes of kernel memory (git-fixes).
- xfs: add log item pinning error injection tag (bsc#1114427).
- xfs: buffer lru reference count error injection tag (bsc#1114427).
- xfs: check _btree_check_block value (bsc#1123663).
- xfs: convert drop_writes to use the errortag mechanism (bsc#1114427).
- xfs: create block pointer check functions (bsc#1123663).
- xfs: create inode pointer verifiers (bsc#1114427).
- xfs: detect and fix bad summary counts at mount (bsc#1114427).
- xfs: export _inobt_btrec_to_irec and _ialloc_cluster_alignment for scrub (bsc#1114427).
- xfs: export various function for the online scrubber (bsc#1123663).
- xfs: expose errortag knobs via sysfs (bsc#1114427).
- xfs: fix unused variable warning in xfs_buf_set_ref() (bsc#1114427).
- xfs: force summary counter recalc at next mount (bsc#1114427).
- xfs: kill meaningless variable 'zero' (bsc#1106011).
- xfs: make errortag a per-mountpoint structure (bsc#1123663).
- xfs: move error injection tags into their own file (bsc#1114427).
- xfs: prepare xfs_break_layouts() for another layout type (bsc#1106011).
- xfs: prepare xfs_break_layouts() to be called with XFS_MMAPLOCK_EXCL (bsc#1106011).
- xfs: refactor btree block header checking functions (bsc#1123663).
- xfs: refactor btree pointer checks (bsc#1123663).
- xfs: refactor unmount record write (bsc#1114427).
- xfs: remove unneeded parameter from XFS_TEST_ERROR (bsc#1123663).
- xfs: remove xfs_zero_range (bsc#1106011).
- xfs: rename MAXPATHLEN to XFS_SYMLINK_MAXLEN (bsc#1123663).
- xfs: replace log_badcrc_factor knob with error injection tag (bsc#1114427).
- xfs: sanity-check the unused space before trying to use it (bsc#1123663).
- xfs: serialize unaligned dio writes against all other dio writes (bsc#1134936).
Patchnames
SUSE-2019-1529,SUSE-SLE-Module-Basesystem-15-2019-1529,SUSE-SLE-Module-Development-Tools-15-2019-1529,SUSE-SLE-Module-Development-Tools-OBS-15-2019-1529,SUSE-SLE-Module-Legacy-15-2019-1529,SUSE-SLE-Module-Live-Patching-15-2019-1529,SUSE-SLE-Product-HA-15-2019-1529,SUSE-SLE-Product-WE-15-2019-1529
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2019-11477: A sequence of SACKs may have been crafted such that one can trigger an integer overflow, leading to a kernel panic.\n- CVE-2019-11478: It was possible to send a crafted sequence of SACKs which will\nfragment the TCP retransmission queue. An attacker may have been able to further exploit the fragmented queue to cause an\nexpensive linked-list walk for subsequent SACKs received for that same TCP connection.\n- CVE-2019-11479: An attacker could force the Linux kernel to segment its responses into multiple TCP segments. This would drastically increased the bandwidth required to deliver the same amount of data. Further, it would consume additional resources such as CPU and NIC processing power.\n- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. (bnc#1136424)\n- CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel, there was an unchecked kstrdup of fwstr, which might have allowed an attacker to cause a denial of service (NULL pointer dereference and system crash). (bnc#1136586)\n- CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux kernel allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may have been possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. (bnc#1120843)\n- CVE-2019-11487: The Linux kernel allowed page reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM existed. It could have occured with FUSE requests. (bnc#1133190)\n- CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the unused memory region in the extent tree block, which might have allowed local users to obtain sensitive information by reading uninitialized data in the filesystem. (bnc#1135281)\n- CVE-2018-7191: In the tun subsystem in the Linux kernel, dev_get_valid_name was not called before register_netdevice. This allowed local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. (bnc#1135603)\n- CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in i915 Graphics for Linux may have allowed an authenticated user to potentially enable escalation of privilege via local access. (bnc#1135278)\n- CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel There was a race condition leading to a use-after-free, related to net namespace cleanup. (bnc#1134537)\n- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel allowed a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\\0' character. (bnc#1134848)\n- CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel had multiple race conditions. (bnc#1133188)\n\nThe following non-security bugs were fixed:\n\n- 9p locks: add mount option for lock retry interval (bsc#1051510).\n- acpi / utils: Drop reference in test for device presence (bsc#1051510).\n- acpi: button: reinitialize button state upon resume (bsc#1051510).\n- acpi: fix menuconfig presentation of ACPI submenu (bsc#1117158).\n- acpicA: AML interpreter: add region addresses in global list during initialization (bsc#1051510).\n- acpica: Namespace: remove address node from global list after method termination (bsc#1051510).\n- alsa: core: Do not refer to snd_cards array directly (bsc#1051510).\n- alsa: emu10k1: Drop superfluous id-uniquification behavior (bsc#1051510).\n- alsa: hda - Register irq handler after the chip initialization (bsc#1051510).\n- alsa: hda - Use a macro for snd_array iteration loops (bsc#1051510).\n- alsa: hda/hdmi - Consider eld_valid when reporting jack event (bsc#1051510).\n- alsa: hda/hdmi - Read the pin sense from register when repolling (bsc#1051510).\n- alsa: hda/realtek - Add new Dell platform for headset mode (bsc#1051510).\n- alsa: hda/realtek - Apply the fixup for ASUS Q325UAR (bsc#1051510).\n- alsa: hda/realtek - Avoid superfluous COEF EAPD setups (bsc#1051510).\n- alsa: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) (bsc#1051510).\n- alsa: hda/realtek - EAPD turn on later (bsc#1051510).\n- alsa: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug (bsc#1051510).\n- alsa: hda/realtek - Fixed Dell AIO speaker noise (bsc#1051510).\n- alsa: hda/realtek - Fixup headphone noise via runtime suspend (bsc#1051510).\n- alsa: hda/realtek - Improve the headset mic for Acer Aspire laptops (bsc#1051510).\n- alsa: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) (bsc#1051510).\n- alsa: line6: Avoid polluting led_* namespace (bsc#1051510).\n- alsa: line6: use dynamic buffers (bsc#1051510).\n- alsa: seq: Align temporary re-locking with irqsave version (bsc#1051510).\n- alsa: seq: Correct unlock sequence at snd_seq_client_ioctl_unlock() (bsc#1051510).\n- alsa: seq: Cover unsubscribe_port() in list_mutex (bsc#1051510).\n- alsa: seq: Fix race of get-subscription call vs port-delete ioctls (bsc#1051510).\n- alsa: seq: Protect in-kernel ioctl calls with mutex (bsc#1051510).\n- alsa: seq: Protect racy pool manipulation from OSS sequencer (bsc#1051510).\n- alsa: seq: Remove superfluous irqsave flags (bsc#1051510).\n- alsa: seq: Simplify snd_seq_kernel_client_enqueue() helper (bsc#1051510).\n- alsa: timer: Check ack_list emptiness instead of bit flag (bsc#1051510).\n- alsa: timer: Coding style fixes (bsc#1051510).\n- alsa: timer: Make snd_timer_close() really kill pending actions (bsc#1051510).\n- alsa: timer: Make sure to clear pending ack list (bsc#1051510).\n- alsa: timer: Revert active callback sync check at close (bsc#1051510).\n- alsa: timer: Simplify error path in snd_timer_open() (bsc#1051510).\n- alsa: timer: Unify timer callback process code (bsc#1051510).\n- alsa: usb-audio: Fix a memory leak bug (bsc#1051510).\n- alsa: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() (bsc#1051510).\n- alsa: usx2y: fix a double free bug (bsc#1051510).\n- appletalk: Fix compile regression (bsc#1051510).\n- appletalk: Fix use-after-free in atalk_proc_exit (bsc#1051510).\n- arch: arm64: acpi: KABI ginore includes (bsc#1117158 bsc#1134671).\n- arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve table (bsc#1117158).\n- arm64: Export save_stack_trace_tsk() (jsc#SLE-4214).\n- arm64: acpi: fix alignment fault in accessing ACPI (bsc#1117158).\n- arm64: fix ACPI dependencies (bsc#1117158).\n- arm: 8824/1: fix a migrating irq bug when hotplug cpu (bsc#1051510).\n- arm: 8833/1: Ensure that NEON code always compiles with Clang (bsc#1051510).\n- arm: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bsc#1051510).\n- arm: 8840/1: use a raw_spinlock_t in unwind (bsc#1051510).\n- arm: OMAP2+: Variable 'reg' in function omap4_dsi_mux_pads() could be uninitialized (bsc#1051510).\n- arm: OMAP2+: fix lack of timer interrupts on CPU1 after hotplug (bsc#1051510).\n- arm: avoid Cortex-A9 livelock on tight dmb loops (bsc#1051510).\n- arm: imx6q: cpuidle: fix bug that CPU might not wake up at expected time (bsc#1051510).\n- arm: iop: do not use using 64-bit DMA masks (bsc#1051510).\n- arm: orion: do not use using 64-bit DMA masks (bsc#1051510).\n- arm: pxa: ssp: unneeded to free devm_ allocated data (bsc#1051510).\n- arm: s3c24xx: Fix boolean expressions in osiris_dvs_notify (bsc#1051510).\n- arm: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms (bsc#1051510).\n- asoc: Intel: avoid Oops if DMA setup fails (bsc#1051510).\n- asoc: RT5677-SPI: Disable 16Bit SPI Transfers (bsc#1051510).\n- asoc: cs4270: Set auto-increment bit for register writes (bsc#1051510).\n- asoc: fix valid stream condition (bsc#1051510).\n- asoc: fsl_esai: Fix missing break in switch statement (bsc#1051510).\n- asoc: hdmi-codec: fix S/PDIF DAI (bsc#1051510).\n- asoc: max98090: Fix restore of DAPM Muxes (bsc#1051510).\n- asoc: nau8810: fix the issue of widget with prefixed name (bsc#1051510).\n- asoc: nau8824: fix the issue of the widget with prefix name (bsc#1051510).\n- asoc: samsung: odroid: Fix clock configuration for 44100 sample rate (bsc#1051510).\n- asoc: stm32: fix sai driver name initialisation (bsc#1051510).\n- asoc: tlv320aic32x4: Fix Common Pins (bsc#1051510).\n- asoc: wm_adsp: Add locking to wm_adsp2_bus_error (bsc#1051510).\n- asoc:soc-pcm:fix a codec fixup issue in TDM case (bsc#1051510).\n- at76c50x-usb: Do not register led_trigger if usb_register_driver failed (bsc#1051510).\n- audit: fix a memleak caused by auditing load module (bsc#1051510).\n- b43: shut up clang -Wuninitialized variable warning (bsc#1051510).\n- backlight: lm3630a: Return 0 on success in update_status functions (bsc#1051510).\n- bcache: Move couple of functions to sysfs.c (bsc#1130972).\n- bcache: Move couple of string arrays to sysfs.c (bsc#1130972).\n- bcache: Populate writeback_rate_minimum attribute (bsc#1130972).\n- bcache: Replace bch_read_string_list() by __sysfs_match_string() (bsc#1130972).\n- bcache: account size of buckets used in uuid write to ca->meta_sectors_written (bsc#1130972).\n- bcache: add MODULE_DESCRIPTION information (bsc#1130972).\n- bcache: add a comment in super.c (bsc#1130972).\n- bcache: add code comments for bset.c (bsc#1130972).\n- bcache: add comment for cache_set->fill_iter (bsc#1130972).\n- bcache: add identifier names to arguments of function definitions (bsc#1130972).\n- bcache: add missing SPDX header (bsc#1130972).\n- bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972).\n- bcache: add static const prefix to char * array declarations (bsc#1130972).\n- bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972).\n- bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).\n- bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972).\n- bcache: correct dirty data statistics (bsc#1130972).\n- bcache: do not assign in if condition in bcache_init() (bsc#1130972).\n- bcache: do not assign in if condition register_bcache() (bsc#1130972).\n- bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972).\n- bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972).\n- bcache: do not clone bio in bch_data_verify (bsc#1130972).\n- bcache: do not mark writeback_running too early (bsc#1130972).\n- bcache: export backing_dev_name via sysfs (bsc#1130972).\n- bcache: export backing_dev_uuid via sysfs (bsc#1130972).\n- bcache: fix code comments style (bsc#1130972).\n- bcache: fix indent by replacing blank by tabs (bsc#1130972).\n- bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).\n- bcache: fix input integer overflow of congested threshold (bsc#1130972).\n- bcache: fix input overflow to cache set io_error_limit (bsc#1130972).\n- bcache: fix input overflow to cache set sysfs file io_error_halflife (bsc#1130972).\n- bcache: fix input overflow to journal_delay_ms (bsc#1130972).\n- bcache: fix input overflow to sequential_cutoff (bsc#1130972).\n- bcache: fix input overflow to writeback_delay (bsc#1130972).\n- bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).\n- bcache: fix ioctl in flash device (bsc#1130972).\n- bcache: fix mistaken code comments in bcache.h (bsc#1130972).\n- bcache: fix mistaken comments in request.c (bsc#1130972).\n- bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972).\n- bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972).\n- bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).\n- bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972).\n- bcache: improve sysfs_strtoul_clamp() (bsc#1130972).\n- bcache: introduce force_wake_up_gc() (bsc#1130972).\n- bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972).\n- bcache: move open brace at end of function definitions to next line (bsc#1130972).\n- bcache: never writeback a discard operation (bsc#1130972).\n- bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972).\n- bcache: option to automatically run gc thread after writeback (bsc#1130972).\n- bcache: panic fix for making cache device (bsc#1130972).\n- bcache: prefer 'help' in Kconfig (bsc#1130972).\n- bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).\n- bcache: recal cached_dev_sectors on detach (bsc#1130972).\n- bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972).\n- bcache: remove unused bch_passthrough_cache (bsc#1130972).\n- bcache: remove useless parameter of bch_debug_init() (bsc#1130972).\n- bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).\n- bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972).\n- bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).\n- bcache: replace printk() by pr_*() routines (bsc#1130972).\n- bcache: set writeback_percent in a flexible range (bsc#1130972).\n- bcache: split combined if-condition code into separate ones (bsc#1130972).\n- bcache: stop bcache device when backing device is offline (bsc#1130972).\n- bcache: stop using the deprecated get_seconds() (bsc#1130972).\n- bcache: style fix to add a blank line after declarations (bsc#1130972).\n- bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).\n- bcache: style fixes for lines over 80 characters (bsc#1130972).\n- bcache: treat stale and dirty keys as bad keys (bsc#1130972).\n- bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972).\n- bcache: update comment for bch_data_insert (bsc#1130972).\n- bcache: update comment in sysfs.c (bsc#1130972).\n- bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).\n- bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972).\n- bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).\n- bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).\n- bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).\n- block: Do not revalidate bdev of hidden gendisk (bsc#1120091).\n- block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).\n- block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).\n- block: do not leak memory in bio_copy_user_iov() (bsc#1135309).\n- block: fix the return errno for direct IO (bsc#1135320).\n- block: fix use-after-free on gendisk (bsc#1135312).\n- bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bsc#1051510).\n- bluetooth: Check key sizes only when Secure Simple Pairing is enabled (bsc#1135556).\n- bluetooth: hidp: fix buffer overflow (bsc#1051510).\n- bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one() (bsc#1050242).\n- bnxt_en: Improve RX consumer index validity check (networking-stable-19_04_10).\n- bnxt_en: Improve multicast address setup logic (networking-stable-19_05_04).\n- bnxt_en: Reset device on RX buffer errors (networking-stable-19_04_10).\n- bonding: fix event handling for stacked bonds (networking-stable-19_04_19).\n- bpf, lru: avoid messing with eviction heuristics upon syscall lookup (bsc#1083647).\n- bpf: Add missed newline in verifier verbose log (bsc#1056787).\n- bpf: add map_lookup_elem_sys_only for lookups from syscall side (bsc#1083647).\n- brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() (bsc#1051510).\n- btrfs: Do not panic when we can't find a root key (bsc#1112063).\n- btrfs: Factor out common delayed refs init code (bsc#1134813).\n- btrfs: Introduce init_delayed_ref_head (bsc#1134813).\n- btrfs: Open-code add_delayed_data_ref (bsc#1134813).\n- btrfs: Open-code add_delayed_tree_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).\n- btrfs: add a helper to return a head ref (bsc#1134813).\n- btrfs: breakout empty head cleanup to a helper (bsc#1134813).\n- btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: do not allow trimming when a fs is mounted with the nologreplay option (bsc#1135758).\n- btrfs: do not double unlock on error in btrfs_punch_hole (bsc#1136881).\n- btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: fix fsync not persisting changed attributes of a directory (bsc#1137151).\n- btrfs: fix race between ranged fsync and writeback of adjacent ranges (bsc#1136477).\n- btrfs: fix race updating log root item during fsync (bsc#1137153).\n- btrfs: fix wrong ctime and mtime of a directory after log replay (bsc#1137152).\n- btrfs: improve performance on fsync of files with multiple hardlinks (bsc#1123454).\n- btrfs: move all ref head cleanup to the helper function (bsc#1134813).\n- btrfs: move extent_op cleanup to a helper (bsc#1134813).\n- btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).\n- btrfs: qgroup: Check bg while resuming relocation to avoid NULL pointer dereference (bsc#1134806).\n- btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to btrfs_qgroup_extent_record (bsc#1134162).\n- btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release (bsc#1134160).\n- btrfs: reloc: Also queue orphan reloc tree for cleanup to avoid BUG_ON() (bsc#1133612).\n- btrfs: remove delayed_ref_node from ref_head (bsc#1134813).\n- btrfs: send, flush dellaloc in order to avoid data loss (bsc#1133320).\n- btrfs: split delayed ref head initialization and addition (bsc#1134813).\n- btrfs: track refs in a rb_tree instead of a list (bsc#1134813).\n- btrfs: tree-checker: detect file extent items with overlapping ranges (bsc#1136478).\n- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).\n- ceph: fix ci->i_head_snapc leak (bsc#1122776).\n- ceph: fix use-after-free on symlink traversal (bsc#1134459).\n- ceph: only use d_name directly when parent is locked (bsc#1134460).\n- cifs: keep FileInfo handle live during oplock break (bsc#1106284, bsc#1131565).\n- clk: rockchip: Fix video codec clocks on rk3288 (bsc#1051510).\n- clk: rockchip: fix wrong clock definitions for rk3328 (bsc#1051510).\n- configfs: Fix use-after-free when accessing sd->s_dentry (bsc#1051510).\n- configfs: fix possible use-after-free in configfs_register_group (bsc#1051510).\n- crypto: arm/aes-neonbs - do not access already-freed walk.iv (bsc#1051510).\n- crypto: caam - fix caam_dump_sg that iterates through scatterlist (bsc#1051510).\n- crypto: ccm - fix incompatibility between 'ccm' and 'ccm_base' (bsc#1051510).\n- crypto: ccp - Do not free psp_master when PLATFORM_INIT fails (bsc#1051510).\n- crypto: chacha20poly1305 - set cra_name correctly (bsc#1051510).\n- crypto: crct10dif-generic - fix use via crypto_shash_digest() (bsc#1051510).\n- crypto: fips - Grammar s/options/option/, s/to/the/ (bsc#1051510).\n- crypto: gcm - fix incompatibility between 'gcm' and 'gcm_base' (bsc#1051510).\n- crypto: skcipher - do not WARN on unprocessed data after slow walk step (bsc#1051510).\n- crypto: sun4i-ss - Fix invalid calculation of hash end (bsc#1051510).\n- crypto: vmx - CTR: always increment IV as quadword (bsc#1051510).\n- crypto: vmx - fix copy-paste error in CTR mode (bsc#1051510).\n- crypto: vmx - ghash: do nosimd fallback manually (bsc#1135661, bsc#1137162).\n- crypto: vmx - return correct error code on failed setkey (bsc#1135661, bsc#1137162).\n- crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() (bsc#1051510).\n- dccp: Fix memleak in __feat_register_sp (bsc#1051510).\n- dccp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).\n- debugfs: fix use-after-free on symlink traversal (bsc#1051510).\n- devres: Align data[] to ARCH_KMALLOC_MINALIGN (bsc#1051510).\n- dmaengine: axi-dmac: Do not check the number of frames for alignment (bsc#1051510).\n- dmaengine: tegra210-dma: free dma controller in remove() (bsc#1051510).\n- documentation: Add MDS vulnerability documentation (bsc#1135642).\n- drivers: acpi: add dependency of EFI for arm64 (bsc#1117158).\n- drm/bridge: adv7511: Fix low refresh rate selection (bsc#1051510).\n- drm/etnaviv: lock MMU while dumping core (bsc#1113722)\n- drm/fb-helper: dpms_legacy(): Only set on connectors in use (bsc#1051510).\n- drm/i915/fbc: disable framebuffer compression on GeminiLake (bsc#1051510).\n- drm/i915/gvt: Fix cmd length of VEB_DI_IECP (bsc#1113722)\n- drm/i915/gvt: Fix incorrect mask of mmio 0x22028 in gen8/9 mmio list (bnc#1113722)\n- drm/i915/gvt: Tiled Resources mmios are in-context mmios for gen9+ (bsc#1113722)\n- drm/i915/gvt: add 0x4dfc to gen9 save-restore list (bsc#1113722)\n- drm/i915/gvt: do not let TRTTE and 0x4dfc write passthrough to hardware (bsc#1051510).\n- drm/i915/gvt: refine ggtt range validation (bsc#1113722)\n- drm/i915: Disable LP3 watermarks on all SNB machines (bsc#1051510).\n- drm/i915: Downgrade Gen9 Plane WM latency error (bsc#1051510).\n- drm/i915: Fix I915_EXEC_RING_MASK (bsc#1051510).\n- drm/imx: do not skip DP channel disable for background plane (bsc#1051510).\n- drm/mediatek: fix possible object reference leak (bsc#1051510).\n- drm/meson: add size and alignment requirements for dumb buffers (bnc#1113722)\n- drm/nouveau/i2c: Disable i2c bus access after ->fini() (bsc#1113722)\n- drm/rockchip: fix for mailbox read validation (bsc#1051510).\n- drm/rockchip: shutdown drm subsystem on shutdown (bsc#1051510).\n- drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)\n- drm/ttm: Remove warning about inconsistent mapping information (bnc#1131488)\n- drm/vmwgfx: Do not send drm sysfs hotplug events on initial master set (bsc#1051510).\n- drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() (bsc#1113722)\n- drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to an invalid read (bsc#1051510).\n- dt-bindings: clock: r8a7795: Remove CSIREF clock (bsc#1120902).\n- dt-bindings: clock: r8a7796: Remove CSIREF clock (bsc#1120902).\n- dt-bindings: net: Add binding for the external clock for TI WiLink (bsc#1085535).\n- dt-bindings: net: Fix a typo in the phy-mode list for ethernet bindings (bsc#1129770).\n- dt-bindings: rtc: sun6i-rtc: Fix register range in example (bsc#1120902).\n- dwc2: gadget: Fix completed transfer size calculation in DDMA (bsc#1051510).\n- efi/arm: Defer persistent reservations until after paging_init() (bsc#1117158).\n- efi/arm: Do not mark ACPI reclaim memory as MEMBLOCK_NOMAP (bsc#1117158 bsc#1115688 bsc#1120566).\n- efi/arm: Revert 'Defer persistent reservations until after paging_init()' (bsc#1117158).\n- efi/arm: Revert deferred unmap of early memmap mapping (bsc#1117158).\n- efi/arm: libstub: add a root memreserve config table (bsc#1117158).\n- efi/arm: map UEFI memory map even w/o runtime services enabled (bsc#1117158).\n- efi/arm: preserve early mapping of UEFI memory map longer for BGRT (bsc#1117158).\n- efi: Permit calling efi_mem_reserve_persistent() from atomic context (bsc#1117158).\n- efi: Permit multiple entries in persistent memreserve data structure (bsc#1117158).\n- efi: Prevent GICv3 WARN() by mapping the memreserve table before first use (bsc#1117158).\n- efi: Reduce the amount of memblock reservations for persistent allocations (bsc#1117158).\n- efi: add API to reserve memory persistently across kexec reboot (bsc#1117158).\n- efi: honour memory reservations passed via a linux specific config table (bsc#1117158).\n- ext4: actually request zeroing of inode table after grow (bsc#1135315).\n- ext4: avoid panic during forced reboot due to aborted journal (bsc#1126356).\n- ext4: fix data corruption caused by overlapping unaligned and aligned IO (bsc#1136428).\n- ext4: fix ext4_show_options for file systems w/o journal (bsc#1135316).\n- ext4: fix use-after-free race with debug_want_extra_isize (bsc#1135314).\n- ext4: make sanity check in mballoc more strict (bsc#1136439).\n- ext4: wait for outstanding dio during truncate in nojournal mode (bsc#1136438).\n- fbdev: fix WARNING in __alloc_pages_nodemask bug (bsc#1113722)\n- fbdev: fix divide error in fb_var_to_videomode (bsc#1113722)\n- firmware: efi: factor out mem_reserve (bsc#1117158 bsc#1134671).\n- fix rtnh_ok() (git-fixes).\n- fs/sync.c: sync_file_range(2) may use WB_SYNC_ALL writeback (bsc#1136432).\n- fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount (bsc#1136435).\n- ftrace/x86_64: Emulate call function while updating in breakpoint handler (bsc#1099658).\n- genetlink: Fix a memory leak on error path (networking-stable-19_03_28).\n- ghes, EDAC: Fix ghes_edac registration (bsc#1133176).\n- gpio: aspeed: fix a potential NULL pointer dereference (bsc#1051510).\n- gpu: ipu-v3: dp: fix CSC handling (bsc#1051510).\n- hid: debug: fix race condition with between rdesc_show() and device removal (bsc#1051510).\n- hid: input: add mapping for 'Toggle Display' key (bsc#1051510).\n- hid: input: add mapping for Assistant key (bsc#1051510).\n- hid: input: add mapping for Expose/Overview key (bsc#1051510).\n- hid: input: add mapping for keyboard Brightness Up/Down/Toggle keys (bsc#1051510).\n- hid: logitech: check the return value of create_singlethread_workqueue (bsc#1051510).\n- hwmon: (f71805f) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (pc87427) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (vt1211) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- i2c: Make i2c_unregister_device() NULL-aware (bsc#1108193).\n- ibmvnic: Add device identification to requested IRQs (bsc#1137739).\n- ibmvnic: Do not close unopened driver during reset (bsc#1137752).\n- ibmvnic: Fix unchecked return codes of memory allocations (bsc#1137752).\n- ibmvnic: Refresh device multicast list after reset (bsc#1137752).\n- ibmvnic: remove set but not used variable 'netdev' (bsc#1137739).\n- igmp: fix incorrect unsolicit report count when join group (git-fixes).\n- iio: adc: xilinx: fix potential use-after-free on remove (bsc#1051510).\n- indirect call wrappers: helpers to speed-up indirect calls of builtin (bsc#1124503).\n- inetpeer: fix uninit-value in inet_getpeer (git-fixes).\n- input: elan_i2c - add hardware ID for multiple Lenovo laptops (bsc#1051510).\n- input: introduce KEY_ASSISTANT (bsc#1051510).\n- input: synaptics-rmi4 - fix possible double free (bsc#1051510).\n- intel_th: msu: Fix single mode with IOMMU (bsc#1051510).\n- intel_th: pci: Add Comet Lake support (bsc#1051510).\n- iommu/arm-smmu-v3: Abort all transactions if SMMU is enabled in kdump kernel (bsc#1117158).\n- iommu/arm-smmu-v3: Do not disable SMMU in kdump kernel (bsc#1117158 bsc#1134671).\n- iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#1135006).\n- iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135007).\n- iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135008).\n- ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type (networking-stable-19_04_10).\n- ip6_tunnel: collect_md xmit: Use ip_tunnel_key's provided src address (git-fixes).\n- ip_gre: fix parsing gre header in ipgre_err (git-fixes).\n- ip_tunnel: Fix name string concatenate in __ip_tunnel_create() (git-fixes).\n- ipconfig: Correctly initialise ic_nameservers (bsc#1051510).\n- ipmi: Fix I2C client removal in the SSIF driver (bsc#1108193).\n- ipmi:ssif: compare block number correctly for multi-part return messages (bsc#1051510).\n- ipmi_ssif: Remove duplicate NULL check (bsc#1108193).\n- ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled (git-fixes).\n- ipv4: add sanity checks in ipv4_link_failure() (git-fixes).\n- ipv4: ensure rcu_read_lock() in ipv4_link_failure() (networking-stable-19_04_19).\n- ipv4: ip_do_fragment: Preserve skb_iif during fragmentation (networking-stable-19_05_04).\n- ipv4: recompile ip options in ipv4_link_failure (networking-stable-19_04_19).\n- ipv4: set the tcp_min_rtt_wlen range from 0 to one day (networking-stable-19_04_30).\n- ipv6/flowlabel: wait rcu grace period before put_pid() (git-fixes).\n- ipv6: fix cleanup ordering for ip6_mr failure (git-fixes).\n- ipv6: fix cleanup ordering for pingv6 registration (git-fixes).\n- ipv6: invert flowlabel sharing check in process and user mode (git-fixes).\n- ipv6: mcast: fix unsolicited report interval after receiving querys (git-fixes).\n- ipvlan: Add the skb->mark as flow4's member to lookup route (bsc#1051510).\n- ipvlan: fix ipv6 outbound device (bsc#1051510).\n- ipvlan: use ETH_MAX_MTU as max mtu (bsc#1051510).\n- ipvs: Fix signed integer overflow when setsockopt timeout (bsc#1051510).\n- ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf (git-fixes).\n- ipvs: fix buffer overflow with sync daemon and service (git-fixes).\n- ipvs: fix check on xmit to non-local addresses (git-fixes).\n- ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bsc#1051510).\n- ipvs: fix rtnl_lock lockups caused by start_sync_thread (git-fixes).\n- ipvs: fix stats update from local clients (git-fixes).\n- iw_cxgb4: only allow 1 flush on user qps (bsc#1051510).\n- jbd2: check superblock mapped prior to committing (bsc#1136430).\n- kABI workaround for removed usb_interface.pm_usage_cnt field (bsc#1051510).\n- kABI workaround for snd_seq_kernel_client_enqueue() API changes (bsc#1051510).\n- kABI: protect dma-mapping.h include (kabi).\n- kABI: protect ip_options_rcv_srr (kabi).\n- kABI: protect struct mlx5_td (kabi).\n- kABI: protect struct pci_dev (kabi).\n- kabi: drop LINUX_MIB_TCPWQUEUETOOBIG snmp counter (bsc#1137586).\n- kabi: implement map_lookup_elem_sys_only in another way (bsc#1083647).\n- kabi: move sysctl_tcp_min_snd_mss to preserve struct net layout (bsc#1137586)\n- kernel/signal.c: trace_signal_deliver when signal_group_exit (git-fixes).\n- kernel/sys.c: prctl: fix false positive in validate_prctl_map() (git-fixes).\n- kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv (bsc#1051510).\n- kernel/sysctl.c: fix out-of-bounds access when setting file-max (bsc#1051510).\n- keys: safe concurrent user->{session,uid}_keyring access (bsc#1135642).\n- kmsg: Update message catalog to latest IBM level (2019/03/08) (bsc#1128904 LTC#176078).\n- kvm: Fix UAF in nested posted interrupt processing (bsc#1134199).\n- kvm: VMX: Zero out *all* general purpose registers after VM-Exit (bsc#1134202).\n- kvm: nVMX: Clear reserved bits of #DB exit qualification (bsc#1134200).\n- kvm: nVMX: restore host state in nested_vmx_vmexit for VMFail (bsc#1134201).\n- kvm: s390: fix memory overwrites when not using SCA entries (bsc#1136206).\n- kvm: s390: provide io interrupt kvm_stat (bsc#1136206).\n- kvm: s390: use created_vcpus in more places (bsc#1136206).\n- kvm: s390: vsie: fix 8k check for the itdba (bsc#1136206).\n- kvm: x86: Always use 32-bit SMRAM save state for 32-bit kernels (bsc#1134203).\n- kvm: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bsc#1134204).\n- kvm: x86: svm: make sure NMI is injected after nmi_singlestep (bsc#1134205).\n- l2tp: cleanup l2tp_tunnel_delete calls (bsc#1051510).\n- l2tp: filter out non-PPP sessions in pppol2tp_tunnel_ioctl() (git-fixes).\n- l2tp: fix missing refcount drop in pppol2tp_tunnel_ioctl() (git-fixes).\n- l2tp: only accept PPP sessions in pppol2tp_connect() (git-fixes).\n- l2tp: prevent pppol2tp_connect() from creating kernel sockets (git-fixes).\n- l2tp: revert 'l2tp: fix missing print session offset info' (bsc#1051510).\n- leds: avoid races with workqueue (bsc#1051510).\n- leds: pwm: silently error out on EPROBE_DEFER (bsc#1051510).\n- lib: add crc64 calculation routines (bsc#1130972).\n- lib: do not depend on linux headers being installed (bsc#1130972).\n- libata: fix using DMA buffers on stack (bsc#1051510).\n- linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() (bsc#1051510).\n- livepatch: Convert error about unsupported reliable stacktrace into a warning (bsc#1071995).\n- livepatch: Remove custom kobject state handling (bsc#1071995).\n- livepatch: Remove duplicated code for early initialization (bsc#1071995).\n- lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).\n- mISDN: Check address length before reading address family (bsc#1051510).\n- mac80211: fix memory accounting with A-MSDU aggregation (bsc#1051510).\n- mac80211: fix unaligned access in mesh table hash function (bsc#1051510).\n- mac8390: Fix mmio access size probe (bsc#1051510).\n- md: fix invalid stored role for a disk (bsc#1051510).\n- media: atmel: atmel-isc: fix INIT_WORK misplacement (bsc#1051510).\n- media: cx18: update *pos correctly in cx18_read_pos() (bsc#1051510).\n- media: cx23885: check allocation return (bsc#1051510).\n- media: davinci-isif: avoid uninitialized variable use (bsc#1051510).\n- media: davinci/vpbe: array underflow in vpbe_enum_outputs() (bsc#1051510).\n- media: ivtv: update *pos correctly in ivtv_read_pos() (bsc#1051510).\n- media: omap_vout: potential buffer overflow in vidioc_dqbuf() (bsc#1051510).\n- media: ov2659: fix unbalanced mutex_lock/unlock (bsc#1051510).\n- media: pvrusb2: Prevent a buffer overflow (bsc#1129770).\n- media: serial_ir: Fix use-after-free in serial_ir_init_module (bsc#1051510).\n- media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame (bsc#1051510).\n- media: vivid: use vfree() instead of kfree() for dev->bitmap_cap (bsc#1051510).\n- media: wl128x: Fix an error code in fm_download_firmware() (bsc#1051510).\n- media: wl128x: prevent two potential buffer overflows (bsc#1051510).\n- memcg: make it work on sparse non-0-node systems (bnc#1133616).\n- memcg: make it work on sparse non-0-node systems kabi (bnc#1133616).\n- mlxsw: spectrum: Fix autoneg status in ethtool (networking-stable-19_04_30).\n- mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses (bsc#1135330).\n- mm: Fix buggy backport leading to MAP_SYNC failures (bsc#1137372)\n- mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (bnc#1012382).\n- mmc: block: Delete gendisk before cleaning up the request queue (bsc#1127616).\n- mmc: core: fix possible use after free of host (bsc#1051510).\n- mount: copy the port field into the cloned nfs_server structure (bsc#1136990).\n- mtd: docg3: Fix passing zero to 'PTR_ERR' warning in doc_probe_device (bsc#1051510).\n- mtd: docg3: fix a possible memory leak of mtd->name (bsc#1051510).\n- mtd: nand: omap: Fix comment in platform data using wrong Kconfig symbol (bsc#1051510).\n- mtd: part: fix incorrect format specifier for an unsigned long long (bsc#1051510).\n- mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write (bsc#1129770).\n- mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1136935).\n- mwifiex: Fix mem leak in mwifiex_tm_cmd (bsc#1051510).\n- mwifiex: Fix possible buffer overflows at parsing bss descriptor\n- mwifiex: prevent an array overflow (bsc#1051510).\n- mwl8k: Fix rate_idx underflow (bsc#1051510).\n- neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit (git-fixes).\n- net-gro: Fix GRO flush when receiving a GSO packet (networking-stable-19_04_10).\n- net/ibmvnic: Remove tests of member address (bsc#1137739).\n- net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).\n- net/ibmvnic: Update carrier state after link state change (bsc#1135100).\n- net/ipv4: defensive cipso option parsing (git-fixes).\n- net/ipv6: do not reinitialize ndev->cnf.addr_gen_mode on new inet6_dev (git-fixes).\n- net/ipv6: fix addrconf_sysctl_addr_gen_mode (git-fixes).\n- net/ipv6: propagate net.ipv6.conf.all.addr_gen_mode to devices (git-fixes).\n- net/ipv6: reserve room for IFLA_INET6_ADDR_GEN_MODE (git-fixes).\n- net/mlx5: Decrease default mr cache size (networking-stable-19_04_10).\n- net/mlx5e: Add a lock on tir list (networking-stable-19_04_10).\n- net/mlx5e: Fix error handling when refreshing TIRs (networking-stable-19_04_10).\n- net/mlx5e: Fix trailing semicolon (bsc#1075020).\n- net/mlx5e: IPoIB, Reset QP after channels are closed (bsc#1075020).\n- net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query (networking-stable-19_04_30).\n- net/rose: fix unbound loop in rose_loopback_timer() (networking-stable-19_04_30).\n- net/sched: act_sample: fix divide by zero in the traffic path (networking-stable-19_04_10).\n- net/sched: do not dereference a->goto_chain to read the chain index (bsc#1064802 bsc#1066129).\n- net/sched: fix ->get helper of the matchall cls (networking-stable-19_04_10).\n- net: Fix a bug in removing queues from XPS map (git-fixes).\n- net: aquantia: fix rx checksum offload for UDP/TCP over IPv6 (networking-stable-19_03_28).\n- net: atm: Fix potential Spectre v1 vulnerabilities (networking-stable-19_04_19).\n- net: avoid skb_warn_bad_offload on IS_ERR (git-fixes).\n- net: do not keep lonely packets forever in the gro hash (git-fixes).\n- net: dsa: bcm_sf2: fix buffer overflow doing set_rxnfc (networking-stable-19_05_04).\n- net: dsa: legacy: do not unmask port bitmaps (git-fixes).\n- net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT (git-fixes).\n- net: ena: fix return value of ena_com_config_llq_info() (bsc#1111696 bsc#1117561).\n- net: ethtool: not call vzalloc for zero sized memory request (networking-stable-19_04_10).\n- net: fix uninit-value in __hw_addr_add_ex() (git-fixes).\n- net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv (networking-stable-19_04_19).\n- net: hns3: remove resetting check in hclgevf_reset_task_schedule (bsc#1104353 bsc#1135056).\n- net: initialize skb->peeked when cloning (git-fixes).\n- net: make skb_partial_csum_set() more robust against overflows (git-fixes).\n- net: phy: marvell: Fix buffer overrun with stats counters (networking-stable-19_05_04).\n- net: rds: exchange of 8K and 1M pool (networking-stable-19_04_30).\n- net: rose: fix a possible stack overflow (networking-stable-19_03_28).\n- net: socket: fix potential spectre v1 gadget in socketcall (git-fixes).\n- net: stmmac: fix memory corruption with large MTUs (networking-stable-19_03_28).\n- net: stmmac: move stmmac_check_ether_addr() to driver probe (networking-stable-19_04_30).\n- net: test tailroom before appending to linear skb (git-fixes).\n- net: thunderx: do not allow jumbo frames with XDP (networking-stable-19_04_19).\n- net: thunderx: raise XDP MTU to 1508 (networking-stable-19_04_19).\n- net: unbreak CONFIG_RETPOLINE=n builds (bsc#1124503).\n- net: use indirect call wrappers at GRO network layer (bsc#1124503).\n- net: use indirect call wrappers at GRO transport layer (bsc#1124503).\n- netfilter: bridge: Do not sabotage nf_hook calls from an l3mdev (git-fixes).\n- netfilter: bridge: ebt_among: add missing match size checks (git-fixes).\n- netfilter: bridge: ebt_among: add more missing match size checks (git-fixes).\n- netfilter: drop template ct when conntrack is skipped (git-fixes).\n- netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule (git-fixes).\n- netfilter: ebtables: handle string from userspace with care (git-fixes).\n- netfilter: ebtables: reject non-bridge targets (git-fixes).\n- netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel (git-fixes).\n- netfilter: nf_log: do not hold nf_log_mutex during user access (git-fixes).\n- netfilter: nf_log: fix uninit read in nf_log_proc_dostring (git-fixes).\n- netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6} (git-fixes).\n- netfilter: nf_tables: can't fail after linking rule into active rule list (git-fixes).\n- netfilter: nf_tables: check msg_type before nft_trans_set(trans) (git-fixes).\n- netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump() (git-fixes).\n- netfilter: nf_tables: fix leaking object reference count (git-fixes).\n- netfilter: nf_tables: release chain in flushing set (git-fixes).\n- netfilter: nft_compat: do not dump private area (git-fixes).\n- netfilter: x_tables: initialise match/target check parameter struct (git-fixes).\n- netlink: fix uninit-value in netlink_sendmsg (git-fixes).\n- nfs: Add missing encode / decode sequence_maxsz to v4.2 operations (git-fixes).\n- nfs: add module option to limit NFSv4 minor version (jsc#PM-231).\n- nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands (bsc#1051510).\n- nvme-multipath: avoid crash on invalid subsystem cntlid enumeration (bsc#1129273).\n- nvme-rdma: fix possible free of a non-allocated async event buffer (bsc#1120423).\n- nvme: Do not remove namespaces during reset (bsc#1131673).\n- nvme: flush scan_work when resetting controller (bsc#1131673).\n- objtool: Fix function fallthrough detection (bsc#1058115).\n- ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (bsc#1136434).\n- ocfs2: turn on OCFS2_FS_STATS setting(bsc#1134393) We need to turn on OCFS2_FS_STATS kernel configuration setting, to fix bsc#1134393.\n- of: fix clang -Wunsequenced for be32_to_cpu() (bsc#1135642).\n- omapfb: add missing of_node_put after of_device_is_available (bsc#1051510).\n- openvswitch: add seqadj extension when NAT is used (bsc#1051510).\n- openvswitch: fix flow actions reallocation (bsc#1051510).\n- p54: drop device reference count if fails to enable device (bsc#1135642).\n- packet: fix reserve calculation (git-fixes).\n- packet: in packet_snd start writing at link layer allocation (git-fixes).\n- packet: refine ring v3 block size test to hold one frame (git-fixes).\n- packet: reset network header if packet shorter than ll reserved space (git-fixes).\n- packet: validate msg_namelen in send directly (git-fixes).\n- packets: Always register packet sk in the same order (networking-stable-19_03_28).\n- pci: Factor out pcie_retrain_link() function (git-fixes).\n- pci: Mark AMD Stoney Radeon R7 GPU ATS as broken (bsc#1051510).\n- pci: Mark Atheros AR9462 to avoid bus reset (bsc#1051510).\n- pci: Work around Pericom PCIe-to-PCI bridge Retrain Link erratum (git-fixes).\n- pci: endpoint: Use EPC's device in dma_alloc_coherent()/dma_free_coherent() (git-fixes).\n- phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode (bsc#1051510).\n- platform/x86: alienware-wmi: printing the wrong error code (bsc#1051510).\n- platform/x86: dell-rbtn: Add missing #include (bsc#1051510).\n- platform/x86: intel_pmc_ipc: adding error handling (bsc#1051510).\n- platform/x86: intel_punit_ipc: Revert 'Fix resource ioremap warning' (bsc#1051510).\n- platform/x86: pmc_atom: Add Lex 3I380D industrial PC to critclk_systems DMI table (bsc#1051510).\n- platform/x86: pmc_atom: Add several Beckhoff Automation boards to critclk_systems DMI table (bsc#1051510).\n- platform/x86: pmc_atom: Drop __initconst on dmi table (bsc#1051510).\n- platform/x86: sony-laptop: Fix unintentional fall-through (bsc#1051510).\n- power: supply: axp20x_usb_power: Fix typo in VBUS current limit macros (bsc#1051510).\n- power: supply: axp288_charger: Fix unchecked return value (bsc#1051510).\n- powerpc/64s: Fix page table fragment refcount race vs speculative references (bsc#1131326, bsc#1108937).\n- powerpc/eeh: Fix race with driver un/bind (bsc#1065729).\n- powerpc/mm/radix: Display if mappings are exec or not (bsc#1055186, git-fixes).\n- powerpc/mm/radix: Prettify mapped memory range print out (bsc#1055186, git-fixes).\n- powerpc/mm: Fix page table dump to work on Radix (bsc#1055186, git-fixes).\n- powerpc/msi: Fix NULL pointer access in teardown code (bsc#1065729).\n- powerpc/perf: Fix MMCRA corruption by bhrb_filter (bsc#1053043).\n- powerpc/powernv/idle: Restore IAMR after idle (bsc#1065729).\n- powerpc/process: Fix sparse address space warnings (bsc#1065729).\n- powerpc: Always initialize input array when calling epapr_hypercall() (bsc#1065729).\n- powerpc: Fix HMIs on big-endian with CONFIG_RELOCATABLE=y (bsc#1065729).\n- proc/kcore: do not bounds check against address 0 (bsc#1051510).\n- proc/sysctl: fix return error for proc_doulongvec_minmax() (bsc#1051510).\n- proc: revalidate kernel thread inodes to root:root (bsc#1051510).\n- ptrace: take into account saved_sigmask in PTRACE{GET,SET}SIGMASK (git-fixes).\n- pwm: Fix deadlock warning when removing PWM device (bsc#1051510).\n- pwm: meson: Consider 128 a valid pre-divider (bsc#1051510).\n- pwm: meson: Do not disable PWM when setting duty repeatedly (bsc#1051510).\n- pwm: meson: Use the spin-lock only to protect register modifications (bsc#1051510).\n- pwm: tiehrpwm: Update shadow register for disabling PWMs (bsc#1051510).\n- qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128979).\n- qla2xxx: always allocate qla_tgt_wq (bsc#1131451).\n- qmi_wwan: add Olicard 600 (bsc#1051510).\n- rdma/hns: Fix bug that caused srq creation to fail (bsc#1104427 ).\n- rdma/rxe: Consider skb reserve space based on netdev of GID (bsc#1082387, bsc#1103992).\n- regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB (bsc#1051510).\n- rt2x00: do not increment sequence number while re-transmitting (bsc#1051510).\n- rtc: da9063: set uie_unsupported when relevant (bsc#1051510).\n- rtc: sh: Fix invalid alarm warning for non-enabled alarm (bsc#1051510).\n- rtlwifi: rtl8723ae: Fix missing break in switch statement (bsc#1051510).\n- rxrpc: Fix error reception on AF_INET6 sockets (git-fixes).\n- rxrpc: Fix transport sockopts to get IPv4 errors on an IPv6 socket (git-fixes).\n- s390/qdio: clear intparm during shutdown (bsc#1134597 LTC#177516).\n- sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() (bsc#1051510).\n- sc16is7xx: move label 'err_spi' to correct section (bsc#1051510).\n- sc16is7xx: put err_spi and err_i2c into correct #ifdef (bsc#1051510).\n- scripts: override locale from environment when running recordmcount.pl (bsc#1134354).\n- scsi: qedf: fixup bit operations (bsc#1135542).\n- scsi: qedf: fixup locking in qedf_restart_rport() (bsc#1135542).\n- scsi: qedf: missing kref_put in qedf_xmit() (bsc#1135542).\n- scsi: qla2xxx: Add new FC-NVMe enable BIT to enable FC-NVMe feature (bsc#1130579).\n- scsi: qla2xxx: Declare local functions 'static' (bsc#1137444).\n- scsi: qla2xxx: Fix function argument descriptions (bsc#1118139).\n- scsi: qla2xxx: Fix memory corruption during hba reset test (bsc#1118139).\n- scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show (bsc#1132044).\n- scsi: qla2xxx: Improve several kernel-doc headers (bsc#1137444).\n- scsi: qla2xxx: Introduce a switch/case statement in qlt_xmit_tm_rsp() (bsc#1137444).\n- scsi: qla2xxx: Make qla2x00_sysfs_write_nvram() easier to analyze (bsc#1137444).\n- scsi: qla2xxx: Make sure that qlafx00_ioctl_iosb_entry() initializes 'res' (bsc#1137444).\n- scsi: qla2xxx: NULL check before some freeing functions is not needed (bsc#1137444).\n- scsi: qla2xxx: Remove a set-but-not-used variable (bsc#1137444).\n- scsi: qla2xxx: Remove two arguments from qlafx00_error_entry() (bsc#1137444).\n- scsi: qla2xxx: Remove unused symbols (bsc#1118139).\n- scsi: qla2xxx: Split the __qla2x00_abort_all_cmds() function (bsc#1137444).\n- scsi: qla2xxx: Use %p for printing pointers (bsc#1118139).\n- scsi: qla2xxx: fix error message (bsc#1118139).\n- scsi: qla2xxx: fix spelling mistake: 'existant' -> 'existent' (bsc#1118139).\n- scsi: qla2xxx: fully convert to the generic DMA API (bsc#1137444).\n- scsi: qla2xxx: fx00 copypaste typo (bsc#1118139).\n- scsi: qla2xxx: remove the unused tcm_qla2xxx_cmd_wq (bsc#1118139).\n- scsi: qla2xxx: use lower_32_bits and upper_32_bits instead of reinventing them (bsc#1137444).\n- sctp: avoid running the sctp state machine recursively (networking-stable-19_05_04).\n- sctp: fix identification of new acks for SFR-CACC (git-fixes).\n- sctp: get sctphdr by offset in sctp_compute_cksum (networking-stable-19_03_28).\n- sctp: initialize _pad of sockaddr_in before copying to user memory (networking-stable-19_04_10).\n- sctp: set frag_point in sctp_setsockopt_maxseg correctly` (git-fixes).\n- selinux: use kernel linux/socket.h for genheaders and mdp (bsc#1134810).\n- serial: 8250_pxa: honor the port number from devicetree (bsc#1051510).\n- serial: ar933x_uart: Fix build failure with disabled console (bsc#1051510).\n- serial: uartps: console_setup() can't be placed to init section (bsc#1051510).\n- signal: Always notice exiting tasks (git-fixes).\n- signal: Better detection of synchronous signals (git-fixes).\n- signal: Restore the stop PTRACE_EVENT_EXIT (git-fixes).\n- soc/fsl/qe: Fix an error code in qe_pin_request() (bsc#1051510).\n- soc/tegra: pmc: Drop locking from tegra_powergate_is_powered() (bsc#1051510).\n- spi: Micrel eth switch: declare missing of table (bsc#1051510).\n- spi: ST ST95HF NFC: declare missing of table (bsc#1051510).\n- spi: a3700: Clear DATA_OUT when performing a read (bsc#1051510).\n- spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios (bsc#1051510).\n- spi: bcm2835aux: setup gpio-cs to output and correct level during setup (bsc#1051510).\n- spi: bcm2835aux: warn in dmesg that native cs is not really supported (bsc#1051510).\n- spi: rspi: Fix sequencer reset during initialization (bsc#1051510).\n- ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit (bsc#1051510).\n- staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc (bsc#1051510).\n- stm class: Fix an endless loop in channel allocation (bsc#1051510).\n- stm class: Fix channel free in stm output free path (bsc#1051510).\n- stm class: Prevent division by zero (bsc#1051510).\n- stmmac: pci: Adjust IOT2000 matching (networking-stable-19_04_30).\n- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).\n- switchtec: Fix unintended mask of MRPC event (git-fixes).\n- tcp: Ensure DCTCP reacts to losses (networking-stable-19_04_10).\n- tcp: add tcp_min_snd_mss sysctl (bsc#1137586).\n- tcp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).\n- tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).\n- tcp: fix fack_count accounting on tcp_shift_skb_data() (CVE-2019-11477 bsc#1137586).\n- tcp: limit payload size of sacked skbs (bsc#1137586).\n- tcp: purge write queue in tcp_connect_init() (git-fixes).\n- tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).\n- tcp: tcp_grow_window() needs to respect tcp_space() (networking-stable-19_04_19).\n- team: fix possible recursive locking when add slaves (networking-stable-19_04_30).\n- team: set slave to promisc if team is already in promisc mode (bsc#1051510).\n- thermal/int340x_thermal: Add additional UUIDs (bsc#1051510).\n- thermal/int340x_thermal: fix mode setting (bsc#1051510).\n- thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power (bsc#1051510).\n- thunderx: eliminate extra calls to put_page() for pages held for recycling (networking-stable-19_03_28).\n- thunderx: enable page recycling for non-XDP case (networking-stable-19_03_28).\n- tipc: fix hanging clients using poll with EPOLLOUT flag (git-fixes).\n- tipc: missing entries in name table of publications (networking-stable-19_04_19).\n- tools lib traceevent: Fix missing equality check for strcmp (bsc#1129770).\n- tracing: Fix partial reading of trace event's id file (bsc#1136573).\n- treewide: Use DEVICE_ATTR_WO (bsc#1137739).\n- tty: increase the default flip buffer limit to 2*640K (bsc#1051510).\n- tty: pty: Fix race condition between release_one_tty and pty_write (bsc#1051510).\n- tty: serial_core, add ->install (bnc#1129693).\n- tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 (bsc#1051510).\n- tun: add a missing rcu_read_unlock() in error path (networking-stable-19_03_28).\n- tun: properly test for IFF_UP (networking-stable-19_03_28).\n- uas: fix alignment of scatter/gather segments (bsc#1129770).\n- udp: use indirect call wrappers for GRO socket lookup (bsc#1124503).\n- ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (bsc#1135323).\n- usb-storage: Set virt_boundary_mask to avoid SG overflows (bsc#1051510).\n- usb: cdc-acm: fix unthrottle races (bsc#1051510).\n- usb: core: Fix bug caused by duplicate interface PM usage counter (bsc#1051510).\n- usb: core: Fix unterminated string returned by usb_string() (bsc#1051510).\n- usb: dwc3: Fix default lpm_nyet_threshold value (bsc#1051510).\n- usb: gadget: net2272: Fix net2272_dequeue() (bsc#1051510).\n- usb: gadget: net2280: Fix net2280_dequeue() (bsc#1051510).\n- usb: gadget: net2280: Fix overrun of OUT messages (bsc#1051510).\n- usb: serial: f81232: fix interrupt worker not stop (bsc#1051510).\n- usb: serial: fix unthrottle races (bsc#1051510).\n- usb: u132-hcd: fix resource leak (bsc#1051510).\n- usb: usb251xb: fix to avoid potential NULL pointer dereference (bsc#1051510).\n- usb: usbip: fix isoc packet num validation in get_pipe (bsc#1051510).\n- usb: w1 ds2490: Fix bug caused by improper use of altsetting array (bsc#1051510).\n- usb: yurex: Fix protection fault after device removal (bsc#1051510).\n- userfaultfd: use RCU to free the task struct when fork fails (git-fixes).\n- vfio/mdev: Avoid release parent reference during error path (bsc#1051510).\n- vfio/mdev: Fix aborting mdev child device removal if one fails (bsc#1051510).\n- vfio/pci: use correct format characters (bsc#1051510).\n- vfio_pci: Enable memory accesses before calling pci_map_rom (bsc#1051510).\n- vhost/vsock: fix reset orphans race with close timeout (bsc#1051510).\n- vhost: reject zero size iova range (networking-stable-19_04_19).\n- virtio-blk: limit number of hw queues by nr_cpu_ids (bsc#1051510).\n- virtio: Honour 'may_reduce_num' in vring_create_virtqueue (bsc#1051510).\n- virtio_pci: fix a NULL pointer reference in vp_del_vqs (bsc#1051510).\n- vrf: check accept_source_route on the original netdevice (networking-stable-19_04_10).\n- vsock/virtio: Initialize core virtio vsock before registering the driver (bsc#1051510).\n- vsock/virtio: fix kernel panic after device hot-unplug (bsc#1051510).\n- vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock (bsc#1051510).\n- vsock/virtio: reset connected sockets on device removal (bsc#1051510).\n- vt: always call notifier with the console lock held (bsc#1051510).\n- vxlan: Do not call gro_cells_destroy() before device is unregistered (networking-stable-19_03_28).\n- x86/speculation/mds: Fix documentation typo (bsc#1135642).\n- x86_64: Add gap to int3 to allow for call emulation (bsc#1099658).\n- x86_64: Allow breakpoints to emulate call instructions (bsc#1099658).\n- xenbus: drop useless LIST_HEAD in xenbus_write_watch() and xenbus_file_write() (bsc#1065600).\n- xfrm6: avoid potential infinite loop in _decode_session6() (git-fixes).\n- xfrm6: call kfree_skb when skb is toobig (git-fixes).\n- xfrm: Fix stack-out-of-bounds read on socket policy lookup (git-fixes).\n- xfrm: Return error on unknown encap_type in init_state (git-fixes).\n- xfrm: Validate address prefix lengths in the xfrm selector (git-fixes).\n- xfrm: fix 'passing zero to ERR_PTR()' warning (git-fixes).\n- xfrm: fix missing dst_release() after policy blocking lbcast and multicast (git-fixes).\n- xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (git-fixes).\n- xfrm: reset crypto_done when iterating over multiple input xfrms (git-fixes).\n- xfrm: reset transport header back to network header after all input transforms ahave been applied (git-fixes).\n- xfrm_user: prevent leaking 2 bytes of kernel memory (git-fixes).\n- xfs: add log item pinning error injection tag (bsc#1114427).\n- xfs: buffer lru reference count error injection tag (bsc#1114427).\n- xfs: check _btree_check_block value (bsc#1123663).\n- xfs: convert drop_writes to use the errortag mechanism (bsc#1114427).\n- xfs: create block pointer check functions (bsc#1123663).\n- xfs: create inode pointer verifiers (bsc#1114427).\n- xfs: detect and fix bad summary counts at mount (bsc#1114427).\n- xfs: export _inobt_btrec_to_irec and _ialloc_cluster_alignment for scrub (bsc#1114427).\n- xfs: export various function for the online scrubber (bsc#1123663).\n- xfs: expose errortag knobs via sysfs (bsc#1114427).\n- xfs: fix unused variable warning in xfs_buf_set_ref() (bsc#1114427).\n- xfs: force summary counter recalc at next mount (bsc#1114427).\n- xfs: kill meaningless variable 'zero' (bsc#1106011).\n- xfs: make errortag a per-mountpoint structure (bsc#1123663).\n- xfs: move error injection tags into their own file (bsc#1114427).\n- xfs: prepare xfs_break_layouts() for another layout type (bsc#1106011).\n- xfs: prepare xfs_break_layouts() to be called with XFS_MMAPLOCK_EXCL (bsc#1106011).\n- xfs: refactor btree block header checking functions (bsc#1123663).\n- xfs: refactor btree pointer checks (bsc#1123663).\n- xfs: refactor unmount record write (bsc#1114427).\n- xfs: remove unneeded parameter from XFS_TEST_ERROR (bsc#1123663).\n- xfs: remove xfs_zero_range (bsc#1106011).\n- xfs: rename MAXPATHLEN to XFS_SYMLINK_MAXLEN (bsc#1123663).\n- xfs: replace log_badcrc_factor knob with error injection tag (bsc#1114427).\n- xfs: sanity-check the unused space before trying to use it (bsc#1123663).\n- xfs: serialize unaligned dio writes against all other dio writes (bsc#1134936).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2019-1529,SUSE-SLE-Module-Basesystem-15-2019-1529,SUSE-SLE-Module-Development-Tools-15-2019-1529,SUSE-SLE-Module-Development-Tools-OBS-15-2019-1529,SUSE-SLE-Module-Legacy-15-2019-1529,SUSE-SLE-Module-Live-Patching-15-2019-1529,SUSE-SLE-Product-HA-15-2019-1529,SUSE-SLE-Product-WE-15-2019-1529", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_1529-1.json", }, { category: "self", summary: "URL for SUSE-SU-2019:1529-1", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20191529-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2019:1529-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2019-June/005571.html", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1050242", url: "https://bugzilla.suse.com/1050242", }, { category: "self", summary: "SUSE Bug 1051510", url: "https://bugzilla.suse.com/1051510", }, { category: "self", summary: "SUSE Bug 1053043", url: "https://bugzilla.suse.com/1053043", }, { category: "self", summary: "SUSE Bug 1055186", url: "https://bugzilla.suse.com/1055186", }, { category: "self", summary: "SUSE Bug 1056787", url: "https://bugzilla.suse.com/1056787", }, { category: "self", summary: "SUSE Bug 1058115", url: "https://bugzilla.suse.com/1058115", }, { category: "self", summary: "SUSE Bug 1063638", url: "https://bugzilla.suse.com/1063638", }, { category: "self", summary: "SUSE Bug 1064802", url: "https://bugzilla.suse.com/1064802", }, { category: "self", summary: "SUSE Bug 1065600", url: "https://bugzilla.suse.com/1065600", }, { category: "self", summary: "SUSE Bug 1065729", url: "https://bugzilla.suse.com/1065729", }, { category: "self", summary: "SUSE Bug 1066129", url: "https://bugzilla.suse.com/1066129", }, { category: "self", summary: "SUSE Bug 1068546", url: "https://bugzilla.suse.com/1068546", }, { category: "self", summary: "SUSE Bug 1071995", url: "https://bugzilla.suse.com/1071995", }, { category: "self", summary: "SUSE Bug 1075020", url: "https://bugzilla.suse.com/1075020", }, { category: "self", summary: "SUSE Bug 1082387", url: "https://bugzilla.suse.com/1082387", }, { category: "self", summary: "SUSE Bug 1083647", url: "https://bugzilla.suse.com/1083647", }, { category: "self", summary: "SUSE Bug 1085535", url: "https://bugzilla.suse.com/1085535", }, { category: "self", summary: "SUSE Bug 1099658", url: "https://bugzilla.suse.com/1099658", }, { category: "self", summary: "SUSE Bug 1103992", url: "https://bugzilla.suse.com/1103992", }, { category: "self", summary: "SUSE Bug 1104353", url: "https://bugzilla.suse.com/1104353", }, { category: "self", summary: "SUSE Bug 1104427", url: "https://bugzilla.suse.com/1104427", }, { category: "self", summary: "SUSE Bug 1106011", url: "https://bugzilla.suse.com/1106011", }, { category: "self", summary: "SUSE Bug 1106284", url: "https://bugzilla.suse.com/1106284", }, { category: "self", summary: "SUSE Bug 1108193", url: "https://bugzilla.suse.com/1108193", }, { category: "self", summary: "SUSE Bug 1108838", url: "https://bugzilla.suse.com/1108838", }, { category: "self", summary: "SUSE Bug 1108937", url: "https://bugzilla.suse.com/1108937", }, { category: "self", summary: "SUSE Bug 1110946", url: "https://bugzilla.suse.com/1110946", }, { category: "self", summary: "SUSE Bug 1111696", url: "https://bugzilla.suse.com/1111696", }, { category: "self", summary: "SUSE Bug 1112063", url: "https://bugzilla.suse.com/1112063", }, { category: "self", summary: "SUSE Bug 1113722", url: "https://bugzilla.suse.com/1113722", }, { category: "self", summary: "SUSE Bug 1114427", url: "https://bugzilla.suse.com/1114427", }, { category: "self", summary: "SUSE Bug 1115688", url: "https://bugzilla.suse.com/1115688", }, { category: "self", summary: "SUSE Bug 1117158", url: "https://bugzilla.suse.com/1117158", }, { category: "self", summary: "SUSE Bug 1117561", url: "https://bugzilla.suse.com/1117561", }, { category: "self", summary: "SUSE Bug 1118139", url: "https://bugzilla.suse.com/1118139", }, { category: "self", summary: "SUSE Bug 1119843", url: "https://bugzilla.suse.com/1119843", }, { category: "self", summary: "SUSE Bug 1120091", url: "https://bugzilla.suse.com/1120091", }, { category: "self", summary: "SUSE Bug 1120423", url: "https://bugzilla.suse.com/1120423", }, { category: "self", summary: "SUSE Bug 1120566", url: "https://bugzilla.suse.com/1120566", }, { category: "self", summary: "SUSE Bug 1120843", url: "https://bugzilla.suse.com/1120843", }, { category: "self", summary: "SUSE Bug 1120902", url: "https://bugzilla.suse.com/1120902", }, { category: "self", summary: "SUSE Bug 1122776", url: "https://bugzilla.suse.com/1122776", }, { category: "self", summary: "SUSE Bug 1123454", url: "https://bugzilla.suse.com/1123454", }, { category: "self", summary: "SUSE Bug 1123663", url: "https://bugzilla.suse.com/1123663", }, { category: "self", summary: "SUSE Bug 1124503", url: "https://bugzilla.suse.com/1124503", }, { category: "self", summary: "SUSE Bug 1124839", url: "https://bugzilla.suse.com/1124839", }, { category: "self", summary: "SUSE Bug 1126356", url: "https://bugzilla.suse.com/1126356", }, { category: "self", summary: "SUSE Bug 1127616", url: "https://bugzilla.suse.com/1127616", }, { category: "self", summary: "SUSE Bug 1128052", url: "https://bugzilla.suse.com/1128052", }, { category: "self", summary: "SUSE Bug 1128904", url: "https://bugzilla.suse.com/1128904", }, { category: "self", summary: "SUSE Bug 1128979", url: "https://bugzilla.suse.com/1128979", }, { category: "self", summary: "SUSE Bug 1129138", url: "https://bugzilla.suse.com/1129138", }, { category: "self", summary: "SUSE Bug 1129273", url: "https://bugzilla.suse.com/1129273", }, { category: "self", summary: "SUSE Bug 1129497", url: "https://bugzilla.suse.com/1129497", }, { category: "self", summary: "SUSE Bug 1129693", url: "https://bugzilla.suse.com/1129693", }, { category: "self", summary: "SUSE Bug 1129770", url: "https://bugzilla.suse.com/1129770", }, { category: "self", summary: "SUSE Bug 1130579", url: "https://bugzilla.suse.com/1130579", }, { category: "self", summary: "SUSE Bug 1130699", url: "https://bugzilla.suse.com/1130699", }, { category: "self", summary: "SUSE Bug 1130972", url: "https://bugzilla.suse.com/1130972", }, { category: "self", summary: "SUSE Bug 1131326", url: "https://bugzilla.suse.com/1131326", }, { category: "self", summary: "SUSE Bug 1131451", url: "https://bugzilla.suse.com/1131451", }, { category: "self", summary: "SUSE Bug 1131488", url: "https://bugzilla.suse.com/1131488", }, { category: "self", summary: "SUSE Bug 1131565", url: "https://bugzilla.suse.com/1131565", }, { category: "self", summary: "SUSE Bug 1131673", url: "https://bugzilla.suse.com/1131673", }, { category: "self", summary: "SUSE Bug 1132044", url: "https://bugzilla.suse.com/1132044", }, { category: "self", summary: "SUSE Bug 1133176", url: "https://bugzilla.suse.com/1133176", }, { category: "self", summary: "SUSE Bug 1133188", url: "https://bugzilla.suse.com/1133188", }, { category: "self", summary: "SUSE Bug 1133190", url: "https://bugzilla.suse.com/1133190", }, { category: "self", summary: "SUSE Bug 1133320", url: "https://bugzilla.suse.com/1133320", }, { category: "self", summary: "SUSE Bug 1133612", url: "https://bugzilla.suse.com/1133612", }, { category: "self", summary: "SUSE Bug 1133616", url: "https://bugzilla.suse.com/1133616", }, { category: "self", summary: "SUSE Bug 1134160", url: "https://bugzilla.suse.com/1134160", }, { category: "self", summary: "SUSE Bug 1134162", url: "https://bugzilla.suse.com/1134162", }, { category: "self", summary: "SUSE Bug 1134199", url: "https://bugzilla.suse.com/1134199", }, { category: "self", summary: "SUSE Bug 1134200", url: "https://bugzilla.suse.com/1134200", }, { category: "self", summary: "SUSE Bug 1134201", url: "https://bugzilla.suse.com/1134201", }, { category: "self", summary: "SUSE Bug 1134202", url: "https://bugzilla.suse.com/1134202", }, { category: "self", summary: "SUSE Bug 1134203", url: "https://bugzilla.suse.com/1134203", }, { category: "self", summary: "SUSE Bug 1134204", url: "https://bugzilla.suse.com/1134204", }, { category: "self", summary: "SUSE Bug 1134205", url: "https://bugzilla.suse.com/1134205", }, { category: "self", summary: "SUSE Bug 1134354", url: "https://bugzilla.suse.com/1134354", }, { category: "self", summary: "SUSE Bug 1134393", url: "https://bugzilla.suse.com/1134393", }, { category: "self", summary: "SUSE Bug 1134459", url: "https://bugzilla.suse.com/1134459", }, { category: "self", summary: "SUSE Bug 1134460", url: "https://bugzilla.suse.com/1134460", }, { category: "self", summary: "SUSE Bug 1134461", url: "https://bugzilla.suse.com/1134461", }, { category: "self", summary: "SUSE Bug 1134537", url: "https://bugzilla.suse.com/1134537", }, { category: "self", summary: "SUSE Bug 1134597", url: "https://bugzilla.suse.com/1134597", }, { category: "self", summary: "SUSE Bug 1134651", url: "https://bugzilla.suse.com/1134651", }, { category: "self", summary: "SUSE Bug 1134671", url: "https://bugzilla.suse.com/1134671", }, { category: "self", summary: "SUSE Bug 1134760", url: "https://bugzilla.suse.com/1134760", }, { category: "self", summary: "SUSE Bug 1134806", url: "https://bugzilla.suse.com/1134806", }, { category: "self", summary: "SUSE Bug 1134810", url: "https://bugzilla.suse.com/1134810", }, { category: "self", summary: "SUSE Bug 1134813", url: "https://bugzilla.suse.com/1134813", }, { category: "self", summary: "SUSE Bug 1134848", url: "https://bugzilla.suse.com/1134848", }, { category: "self", summary: "SUSE Bug 1134936", url: "https://bugzilla.suse.com/1134936", }, { category: "self", summary: "SUSE Bug 1135006", url: "https://bugzilla.suse.com/1135006", }, { category: "self", summary: "SUSE Bug 1135007", url: "https://bugzilla.suse.com/1135007", }, { category: "self", summary: "SUSE Bug 1135008", url: "https://bugzilla.suse.com/1135008", }, { category: "self", summary: "SUSE Bug 1135056", url: "https://bugzilla.suse.com/1135056", }, { category: "self", summary: "SUSE Bug 1135100", url: "https://bugzilla.suse.com/1135100", }, { category: "self", summary: "SUSE Bug 1135120", url: "https://bugzilla.suse.com/1135120", }, { category: "self", summary: "SUSE Bug 1135278", url: "https://bugzilla.suse.com/1135278", }, { category: "self", summary: "SUSE Bug 1135281", url: "https://bugzilla.suse.com/1135281", }, { category: "self", summary: "SUSE Bug 1135309", url: "https://bugzilla.suse.com/1135309", }, { category: "self", summary: "SUSE Bug 1135312", url: "https://bugzilla.suse.com/1135312", }, { category: "self", summary: "SUSE Bug 1135314", url: "https://bugzilla.suse.com/1135314", }, { category: "self", summary: "SUSE Bug 1135315", url: "https://bugzilla.suse.com/1135315", }, { category: "self", summary: "SUSE Bug 1135316", url: "https://bugzilla.suse.com/1135316", }, { category: "self", summary: "SUSE Bug 1135320", url: "https://bugzilla.suse.com/1135320", }, { category: "self", summary: "SUSE Bug 1135323", url: "https://bugzilla.suse.com/1135323", }, { category: "self", summary: "SUSE Bug 1135330", url: "https://bugzilla.suse.com/1135330", }, { category: "self", summary: "SUSE Bug 1135492", url: "https://bugzilla.suse.com/1135492", }, { category: "self", summary: "SUSE Bug 1135542", url: "https://bugzilla.suse.com/1135542", }, { category: "self", summary: "SUSE Bug 1135556", url: "https://bugzilla.suse.com/1135556", }, { category: "self", summary: "SUSE Bug 1135603", url: "https://bugzilla.suse.com/1135603", }, { category: "self", summary: "SUSE Bug 1135642", url: "https://bugzilla.suse.com/1135642", }, { category: "self", summary: "SUSE Bug 1135661", url: "https://bugzilla.suse.com/1135661", }, { category: "self", summary: "SUSE Bug 1135758", url: "https://bugzilla.suse.com/1135758", }, { category: "self", summary: "SUSE Bug 1136206", url: "https://bugzilla.suse.com/1136206", }, { category: "self", summary: "SUSE Bug 1136424", url: "https://bugzilla.suse.com/1136424", }, { category: "self", summary: "SUSE Bug 1136428", url: "https://bugzilla.suse.com/1136428", }, { category: "self", summary: "SUSE Bug 1136430", url: "https://bugzilla.suse.com/1136430", }, { category: "self", summary: "SUSE Bug 1136432", url: "https://bugzilla.suse.com/1136432", }, { category: "self", summary: "SUSE Bug 1136434", url: "https://bugzilla.suse.com/1136434", }, { category: "self", summary: "SUSE Bug 1136435", url: "https://bugzilla.suse.com/1136435", }, { category: "self", summary: "SUSE Bug 1136438", url: "https://bugzilla.suse.com/1136438", }, { category: "self", summary: "SUSE Bug 1136439", url: "https://bugzilla.suse.com/1136439", }, { category: "self", summary: "SUSE Bug 1136477", url: "https://bugzilla.suse.com/1136477", }, { category: "self", summary: "SUSE Bug 1136478", url: "https://bugzilla.suse.com/1136478", }, { category: "self", summary: "SUSE Bug 1136573", url: "https://bugzilla.suse.com/1136573", }, { category: "self", summary: "SUSE Bug 1136586", url: "https://bugzilla.suse.com/1136586", }, { category: "self", summary: "SUSE Bug 1136881", url: "https://bugzilla.suse.com/1136881", }, { category: "self", summary: "SUSE Bug 1136935", url: "https://bugzilla.suse.com/1136935", }, { category: "self", summary: "SUSE Bug 1136990", url: "https://bugzilla.suse.com/1136990", }, { category: "self", summary: "SUSE Bug 1137151", url: "https://bugzilla.suse.com/1137151", }, { category: "self", summary: "SUSE Bug 1137152", url: "https://bugzilla.suse.com/1137152", }, { category: "self", summary: "SUSE Bug 1137153", url: "https://bugzilla.suse.com/1137153", }, { category: "self", summary: "SUSE Bug 1137162", url: "https://bugzilla.suse.com/1137162", }, { category: "self", summary: "SUSE Bug 1137372", url: "https://bugzilla.suse.com/1137372", }, { category: "self", summary: "SUSE Bug 1137444", url: "https://bugzilla.suse.com/1137444", }, { category: "self", summary: "SUSE Bug 1137586", url: "https://bugzilla.suse.com/1137586", }, { category: "self", summary: "SUSE Bug 1137739", url: "https://bugzilla.suse.com/1137739", }, { category: "self", summary: "SUSE Bug 1137752", url: "https://bugzilla.suse.com/1137752", }, { category: "self", summary: "SUSE CVE CVE-2018-7191 page", url: "https://www.suse.com/security/cve/CVE-2018-7191/", }, { category: "self", summary: "SUSE CVE CVE-2019-10124 page", url: "https://www.suse.com/security/cve/CVE-2019-10124/", }, { category: "self", summary: "SUSE CVE CVE-2019-11085 page", url: "https://www.suse.com/security/cve/CVE-2019-11085/", }, { category: "self", summary: "SUSE CVE CVE-2019-11477 page", url: "https://www.suse.com/security/cve/CVE-2019-11477/", }, { category: "self", summary: "SUSE CVE CVE-2019-11478 page", url: "https://www.suse.com/security/cve/CVE-2019-11478/", }, { category: "self", summary: "SUSE CVE CVE-2019-11479 page", url: "https://www.suse.com/security/cve/CVE-2019-11479/", }, { category: "self", summary: "SUSE CVE CVE-2019-11486 page", url: "https://www.suse.com/security/cve/CVE-2019-11486/", }, { category: "self", summary: "SUSE CVE CVE-2019-11487 page", url: "https://www.suse.com/security/cve/CVE-2019-11487/", }, { category: "self", summary: "SUSE CVE CVE-2019-11815 page", url: "https://www.suse.com/security/cve/CVE-2019-11815/", }, { category: "self", summary: "SUSE CVE CVE-2019-11833 page", url: "https://www.suse.com/security/cve/CVE-2019-11833/", }, { category: "self", summary: "SUSE CVE CVE-2019-11884 page", url: "https://www.suse.com/security/cve/CVE-2019-11884/", }, { category: "self", summary: "SUSE CVE CVE-2019-12382 page", url: "https://www.suse.com/security/cve/CVE-2019-12382/", }, { category: "self", summary: "SUSE CVE CVE-2019-3846 page", url: "https://www.suse.com/security/cve/CVE-2019-3846/", }, { category: "self", summary: "SUSE CVE CVE-2019-5489 page", url: "https://www.suse.com/security/cve/CVE-2019-5489/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2019-06-17T17:18:29Z", generator: { date: "2019-06-17T17:18:29Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2019:1529-1", initial_release_date: "2019-06-17T17:18:29Z", revision_history: [ { date: "2019-06-17T17:18:29Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-150.22.1.aarch64", product: { name: "cluster-md-kmp-default-4.12.14-150.22.1.aarch64", product_id: "cluster-md-kmp-default-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-150.22.1.aarch64", product: { name: "dlm-kmp-default-4.12.14-150.22.1.aarch64", product_id: "dlm-kmp-default-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dtb-al-4.12.14-150.22.1.aarch64", product: { name: "dtb-al-4.12.14-150.22.1.aarch64", product_id: "dtb-al-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dtb-allwinner-4.12.14-150.22.1.aarch64", product: { name: "dtb-allwinner-4.12.14-150.22.1.aarch64", product_id: "dtb-allwinner-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dtb-altera-4.12.14-150.22.1.aarch64", product: { name: "dtb-altera-4.12.14-150.22.1.aarch64", product_id: "dtb-altera-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dtb-amd-4.12.14-150.22.1.aarch64", product: { name: "dtb-amd-4.12.14-150.22.1.aarch64", product_id: "dtb-amd-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dtb-amlogic-4.12.14-150.22.1.aarch64", product: { name: "dtb-amlogic-4.12.14-150.22.1.aarch64", product_id: "dtb-amlogic-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dtb-apm-4.12.14-150.22.1.aarch64", product: { name: "dtb-apm-4.12.14-150.22.1.aarch64", product_id: "dtb-apm-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dtb-arm-4.12.14-150.22.1.aarch64", product: { name: "dtb-arm-4.12.14-150.22.1.aarch64", product_id: "dtb-arm-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dtb-broadcom-4.12.14-150.22.1.aarch64", product: { name: "dtb-broadcom-4.12.14-150.22.1.aarch64", product_id: "dtb-broadcom-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dtb-cavium-4.12.14-150.22.1.aarch64", product: { name: "dtb-cavium-4.12.14-150.22.1.aarch64", product_id: "dtb-cavium-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dtb-exynos-4.12.14-150.22.1.aarch64", product: { name: "dtb-exynos-4.12.14-150.22.1.aarch64", product_id: "dtb-exynos-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dtb-freescale-4.12.14-150.22.1.aarch64", product: { name: "dtb-freescale-4.12.14-150.22.1.aarch64", product_id: "dtb-freescale-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dtb-hisilicon-4.12.14-150.22.1.aarch64", product: { name: "dtb-hisilicon-4.12.14-150.22.1.aarch64", product_id: "dtb-hisilicon-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dtb-lg-4.12.14-150.22.1.aarch64", product: { name: "dtb-lg-4.12.14-150.22.1.aarch64", product_id: "dtb-lg-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dtb-marvell-4.12.14-150.22.1.aarch64", product: { name: "dtb-marvell-4.12.14-150.22.1.aarch64", product_id: "dtb-marvell-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dtb-mediatek-4.12.14-150.22.1.aarch64", product: { name: "dtb-mediatek-4.12.14-150.22.1.aarch64", product_id: "dtb-mediatek-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dtb-nvidia-4.12.14-150.22.1.aarch64", product: { name: "dtb-nvidia-4.12.14-150.22.1.aarch64", product_id: "dtb-nvidia-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dtb-qcom-4.12.14-150.22.1.aarch64", product: { name: "dtb-qcom-4.12.14-150.22.1.aarch64", product_id: "dtb-qcom-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dtb-renesas-4.12.14-150.22.1.aarch64", product: { name: "dtb-renesas-4.12.14-150.22.1.aarch64", product_id: "dtb-renesas-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dtb-rockchip-4.12.14-150.22.1.aarch64", product: { name: "dtb-rockchip-4.12.14-150.22.1.aarch64", product_id: "dtb-rockchip-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dtb-socionext-4.12.14-150.22.1.aarch64", product: { name: "dtb-socionext-4.12.14-150.22.1.aarch64", product_id: "dtb-socionext-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dtb-sprd-4.12.14-150.22.1.aarch64", product: { name: "dtb-sprd-4.12.14-150.22.1.aarch64", product_id: "dtb-sprd-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dtb-xilinx-4.12.14-150.22.1.aarch64", product: { name: "dtb-xilinx-4.12.14-150.22.1.aarch64", product_id: "dtb-xilinx-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "dtb-zte-4.12.14-150.22.1.aarch64", product: { name: "dtb-zte-4.12.14-150.22.1.aarch64", product_id: "dtb-zte-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-150.22.1.aarch64", product: { name: "gfs2-kmp-default-4.12.14-150.22.1.aarch64", product_id: "gfs2-kmp-default-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "kernel-default-4.12.14-150.22.1.aarch64", product: { name: "kernel-default-4.12.14-150.22.1.aarch64", product_id: "kernel-default-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-150.22.1.aarch64", product: { name: "kernel-default-base-4.12.14-150.22.1.aarch64", product_id: "kernel-default-base-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-150.22.1.aarch64", product: { name: "kernel-default-devel-4.12.14-150.22.1.aarch64", product_id: "kernel-default-devel-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-150.22.1.aarch64", product: { name: "kernel-default-extra-4.12.14-150.22.1.aarch64", product_id: "kernel-default-extra-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "kernel-default-livepatch-4.12.14-150.22.1.aarch64", product: { name: "kernel-default-livepatch-4.12.14-150.22.1.aarch64", product_id: "kernel-default-livepatch-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-150.22.1.aarch64", product: { name: "kernel-obs-build-4.12.14-150.22.1.aarch64", product_id: "kernel-obs-build-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-150.22.1.aarch64", product: { name: "kernel-obs-qa-4.12.14-150.22.1.aarch64", product_id: "kernel-obs-qa-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "kernel-syms-4.12.14-150.22.1.aarch64", product: { name: "kernel-syms-4.12.14-150.22.1.aarch64", product_id: "kernel-syms-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-150.22.1.aarch64", product: { name: "kernel-vanilla-4.12.14-150.22.1.aarch64", product_id: "kernel-vanilla-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-150.22.1.aarch64", product: { name: "kernel-vanilla-base-4.12.14-150.22.1.aarch64", product_id: "kernel-vanilla-base-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-150.22.1.aarch64", product: { name: "kernel-vanilla-devel-4.12.14-150.22.1.aarch64", product_id: "kernel-vanilla-devel-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-150.22.1.aarch64", product: { name: "kselftests-kmp-default-4.12.14-150.22.1.aarch64", product_id: "kselftests-kmp-default-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-150.22.1.aarch64", product: { name: "ocfs2-kmp-default-4.12.14-150.22.1.aarch64", product_id: "ocfs2-kmp-default-4.12.14-150.22.1.aarch64", }, }, { category: "product_version", name: "reiserfs-kmp-default-4.12.14-150.22.1.aarch64", product: { name: "reiserfs-kmp-default-4.12.14-150.22.1.aarch64", product_id: "reiserfs-kmp-default-4.12.14-150.22.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-4.12.14-150.22.1.noarch", product: { name: "kernel-devel-4.12.14-150.22.1.noarch", product_id: "kernel-devel-4.12.14-150.22.1.noarch", }, }, { category: "product_version", name: "kernel-docs-4.12.14-150.22.1.noarch", product: { name: "kernel-docs-4.12.14-150.22.1.noarch", product_id: "kernel-docs-4.12.14-150.22.1.noarch", }, }, { category: "product_version", name: "kernel-docs-html-4.12.14-150.22.1.noarch", product: { name: "kernel-docs-html-4.12.14-150.22.1.noarch", product_id: "kernel-docs-html-4.12.14-150.22.1.noarch", }, }, { category: "product_version", name: "kernel-macros-4.12.14-150.22.1.noarch", product: { name: "kernel-macros-4.12.14-150.22.1.noarch", product_id: "kernel-macros-4.12.14-150.22.1.noarch", }, }, { category: "product_version", name: "kernel-source-4.12.14-150.22.1.noarch", product: { name: "kernel-source-4.12.14-150.22.1.noarch", product_id: "kernel-source-4.12.14-150.22.1.noarch", }, }, { category: "product_version", name: "kernel-source-vanilla-4.12.14-150.22.1.noarch", product: { name: "kernel-source-vanilla-4.12.14-150.22.1.noarch", product_id: "kernel-source-vanilla-4.12.14-150.22.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", product: { name: "cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", product_id: "cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-150.22.1.ppc64le", product: { name: "dlm-kmp-default-4.12.14-150.22.1.ppc64le", product_id: "dlm-kmp-default-4.12.14-150.22.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-150.22.1.ppc64le", product: { name: "gfs2-kmp-default-4.12.14-150.22.1.ppc64le", product_id: "gfs2-kmp-default-4.12.14-150.22.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-4.12.14-150.22.1.ppc64le", product: { name: "kernel-debug-4.12.14-150.22.1.ppc64le", product_id: "kernel-debug-4.12.14-150.22.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-base-4.12.14-150.22.1.ppc64le", product: { name: "kernel-debug-base-4.12.14-150.22.1.ppc64le", product_id: "kernel-debug-base-4.12.14-150.22.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-devel-4.12.14-150.22.1.ppc64le", product: { name: "kernel-debug-devel-4.12.14-150.22.1.ppc64le", product_id: "kernel-debug-devel-4.12.14-150.22.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-4.12.14-150.22.1.ppc64le", product: { name: "kernel-default-4.12.14-150.22.1.ppc64le", product_id: "kernel-default-4.12.14-150.22.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-150.22.1.ppc64le", product: { name: "kernel-default-base-4.12.14-150.22.1.ppc64le", product_id: "kernel-default-base-4.12.14-150.22.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-150.22.1.ppc64le", product: { name: "kernel-default-devel-4.12.14-150.22.1.ppc64le", product_id: "kernel-default-devel-4.12.14-150.22.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-150.22.1.ppc64le", product: { name: "kernel-default-extra-4.12.14-150.22.1.ppc64le", product_id: "kernel-default-extra-4.12.14-150.22.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-livepatch-4.12.14-150.22.1.ppc64le", product: { name: "kernel-default-livepatch-4.12.14-150.22.1.ppc64le", product_id: "kernel-default-livepatch-4.12.14-150.22.1.ppc64le", }, }, { category: "product_version", name: "kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", product: { name: "kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", product_id: "kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-150.22.1.ppc64le", product: { name: "kernel-obs-build-4.12.14-150.22.1.ppc64le", product_id: "kernel-obs-build-4.12.14-150.22.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-150.22.1.ppc64le", product: { name: "kernel-obs-qa-4.12.14-150.22.1.ppc64le", product_id: "kernel-obs-qa-4.12.14-150.22.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-4.12.14-150.22.1.ppc64le", product: { name: "kernel-syms-4.12.14-150.22.1.ppc64le", product_id: "kernel-syms-4.12.14-150.22.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-150.22.1.ppc64le", product: { name: "kernel-vanilla-4.12.14-150.22.1.ppc64le", product_id: "kernel-vanilla-4.12.14-150.22.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-150.22.1.ppc64le", product: { name: "kernel-vanilla-base-4.12.14-150.22.1.ppc64le", product_id: "kernel-vanilla-base-4.12.14-150.22.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-150.22.1.ppc64le", product: { name: "kernel-vanilla-devel-4.12.14-150.22.1.ppc64le", product_id: "kernel-vanilla-devel-4.12.14-150.22.1.ppc64le", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-150.22.1.ppc64le", product: { name: "kselftests-kmp-default-4.12.14-150.22.1.ppc64le", product_id: "kselftests-kmp-default-4.12.14-150.22.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", product: { name: "ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", product_id: "ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", }, }, { category: "product_version", name: "reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", product: { name: "reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", product_id: "reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-150.22.1.s390x", product: { name: "cluster-md-kmp-default-4.12.14-150.22.1.s390x", product_id: "cluster-md-kmp-default-4.12.14-150.22.1.s390x", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-150.22.1.s390x", product: { name: "dlm-kmp-default-4.12.14-150.22.1.s390x", product_id: "dlm-kmp-default-4.12.14-150.22.1.s390x", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-150.22.1.s390x", product: { name: "gfs2-kmp-default-4.12.14-150.22.1.s390x", product_id: "gfs2-kmp-default-4.12.14-150.22.1.s390x", }, }, { category: "product_version", name: "kernel-default-4.12.14-150.22.1.s390x", product: { name: "kernel-default-4.12.14-150.22.1.s390x", product_id: "kernel-default-4.12.14-150.22.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-150.22.1.s390x", product: { name: "kernel-default-base-4.12.14-150.22.1.s390x", product_id: "kernel-default-base-4.12.14-150.22.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-150.22.1.s390x", product: { name: "kernel-default-devel-4.12.14-150.22.1.s390x", product_id: "kernel-default-devel-4.12.14-150.22.1.s390x", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-150.22.1.s390x", product: { name: "kernel-default-extra-4.12.14-150.22.1.s390x", product_id: "kernel-default-extra-4.12.14-150.22.1.s390x", }, }, { category: "product_version", name: "kernel-default-livepatch-4.12.14-150.22.1.s390x", product: { name: "kernel-default-livepatch-4.12.14-150.22.1.s390x", product_id: "kernel-default-livepatch-4.12.14-150.22.1.s390x", }, }, { category: "product_version", name: "kernel-default-man-4.12.14-150.22.1.s390x", product: { name: "kernel-default-man-4.12.14-150.22.1.s390x", product_id: "kernel-default-man-4.12.14-150.22.1.s390x", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-150.22.1.s390x", product: { name: "kernel-obs-build-4.12.14-150.22.1.s390x", product_id: "kernel-obs-build-4.12.14-150.22.1.s390x", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-150.22.1.s390x", product: { name: "kernel-obs-qa-4.12.14-150.22.1.s390x", product_id: "kernel-obs-qa-4.12.14-150.22.1.s390x", }, }, { category: "product_version", name: "kernel-syms-4.12.14-150.22.1.s390x", product: { name: "kernel-syms-4.12.14-150.22.1.s390x", product_id: "kernel-syms-4.12.14-150.22.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-150.22.1.s390x", product: { name: "kernel-vanilla-4.12.14-150.22.1.s390x", product_id: "kernel-vanilla-4.12.14-150.22.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-150.22.1.s390x", product: { name: "kernel-vanilla-base-4.12.14-150.22.1.s390x", product_id: "kernel-vanilla-base-4.12.14-150.22.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-150.22.1.s390x", product: { name: "kernel-vanilla-devel-4.12.14-150.22.1.s390x", product_id: "kernel-vanilla-devel-4.12.14-150.22.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-4.12.14-150.22.1.s390x", product: { name: "kernel-zfcpdump-4.12.14-150.22.1.s390x", product_id: "kernel-zfcpdump-4.12.14-150.22.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-man-4.12.14-150.22.1.s390x", product: { name: "kernel-zfcpdump-man-4.12.14-150.22.1.s390x", product_id: "kernel-zfcpdump-man-4.12.14-150.22.1.s390x", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-150.22.1.s390x", product: { name: "kselftests-kmp-default-4.12.14-150.22.1.s390x", product_id: "kselftests-kmp-default-4.12.14-150.22.1.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-150.22.1.s390x", product: { name: "ocfs2-kmp-default-4.12.14-150.22.1.s390x", product_id: "ocfs2-kmp-default-4.12.14-150.22.1.s390x", }, }, { category: "product_version", name: "reiserfs-kmp-default-4.12.14-150.22.1.s390x", product: { name: "reiserfs-kmp-default-4.12.14-150.22.1.s390x", product_id: "reiserfs-kmp-default-4.12.14-150.22.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-150.22.1.x86_64", product: { name: "cluster-md-kmp-default-4.12.14-150.22.1.x86_64", product_id: "cluster-md-kmp-default-4.12.14-150.22.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-150.22.1.x86_64", product: { name: "dlm-kmp-default-4.12.14-150.22.1.x86_64", product_id: "dlm-kmp-default-4.12.14-150.22.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-150.22.1.x86_64", product: { name: "gfs2-kmp-default-4.12.14-150.22.1.x86_64", product_id: "gfs2-kmp-default-4.12.14-150.22.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-4.12.14-150.22.1.x86_64", product: { name: "kernel-debug-4.12.14-150.22.1.x86_64", product_id: "kernel-debug-4.12.14-150.22.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-base-4.12.14-150.22.1.x86_64", product: { name: "kernel-debug-base-4.12.14-150.22.1.x86_64", product_id: "kernel-debug-base-4.12.14-150.22.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-devel-4.12.14-150.22.1.x86_64", product: { name: "kernel-debug-devel-4.12.14-150.22.1.x86_64", product_id: "kernel-debug-devel-4.12.14-150.22.1.x86_64", }, }, { category: "product_version", name: "kernel-default-4.12.14-150.22.1.x86_64", product: { name: "kernel-default-4.12.14-150.22.1.x86_64", product_id: "kernel-default-4.12.14-150.22.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-150.22.1.x86_64", product: { name: "kernel-default-base-4.12.14-150.22.1.x86_64", product_id: "kernel-default-base-4.12.14-150.22.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-150.22.1.x86_64", product: { name: "kernel-default-devel-4.12.14-150.22.1.x86_64", product_id: "kernel-default-devel-4.12.14-150.22.1.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-150.22.1.x86_64", product: { name: "kernel-default-extra-4.12.14-150.22.1.x86_64", product_id: "kernel-default-extra-4.12.14-150.22.1.x86_64", }, }, { category: "product_version", name: "kernel-default-livepatch-4.12.14-150.22.1.x86_64", product: { name: "kernel-default-livepatch-4.12.14-150.22.1.x86_64", product_id: "kernel-default-livepatch-4.12.14-150.22.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-4.12.14-150.22.1.x86_64", product: { name: "kernel-kvmsmall-4.12.14-150.22.1.x86_64", product_id: "kernel-kvmsmall-4.12.14-150.22.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-base-4.12.14-150.22.1.x86_64", product: { name: "kernel-kvmsmall-base-4.12.14-150.22.1.x86_64", product_id: "kernel-kvmsmall-base-4.12.14-150.22.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-devel-4.12.14-150.22.1.x86_64", product: { name: "kernel-kvmsmall-devel-4.12.14-150.22.1.x86_64", product_id: "kernel-kvmsmall-devel-4.12.14-150.22.1.x86_64", }, }, { category: "product_version", name: "kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", product: { name: "kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", product_id: "kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-150.22.1.x86_64", product: { name: "kernel-obs-build-4.12.14-150.22.1.x86_64", product_id: "kernel-obs-build-4.12.14-150.22.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-150.22.1.x86_64", product: { name: "kernel-obs-qa-4.12.14-150.22.1.x86_64", product_id: "kernel-obs-qa-4.12.14-150.22.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-4.12.14-150.22.1.x86_64", product: { name: "kernel-syms-4.12.14-150.22.1.x86_64", product_id: "kernel-syms-4.12.14-150.22.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-150.22.1.x86_64", product: { name: "kernel-vanilla-4.12.14-150.22.1.x86_64", product_id: "kernel-vanilla-4.12.14-150.22.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-150.22.1.x86_64", product: { name: "kernel-vanilla-base-4.12.14-150.22.1.x86_64", product_id: "kernel-vanilla-base-4.12.14-150.22.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-150.22.1.x86_64", product: { name: "kernel-vanilla-devel-4.12.14-150.22.1.x86_64", product_id: "kernel-vanilla-devel-4.12.14-150.22.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-150.22.1.x86_64", product: { name: "kselftests-kmp-default-4.12.14-150.22.1.x86_64", product_id: "kselftests-kmp-default-4.12.14-150.22.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-150.22.1.x86_64", product: { name: "ocfs2-kmp-default-4.12.14-150.22.1.x86_64", product_id: "ocfs2-kmp-default-4.12.14-150.22.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-default-4.12.14-150.22.1.x86_64", product: { name: "reiserfs-kmp-default-4.12.14-150.22.1.x86_64", product_id: "reiserfs-kmp-default-4.12.14-150.22.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Basesystem 15", product: { name: "SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-basesystem:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Development Tools 15", product: { name: "SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-development-tools:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Legacy 15", product: { name: "SUSE Linux Enterprise Module for Legacy 15", product_id: "SUSE Linux Enterprise Module for Legacy 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-legacy:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Live Patching 15", product: { name: "SUSE Linux Enterprise Live Patching 15", product_id: "SUSE Linux Enterprise Live Patching 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-live-patching:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 15", product: { name: "SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Workstation Extension 15", product: { name: "SUSE Linux Enterprise Workstation Extension 15", product_id: "SUSE Linux Enterprise Workstation Extension 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-we:15", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-150.22.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", }, product_reference: "kernel-default-4.12.14-150.22.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-150.22.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", }, product_reference: "kernel-default-4.12.14-150.22.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-150.22.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", }, product_reference: "kernel-default-4.12.14-150.22.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-150.22.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", }, product_reference: "kernel-default-4.12.14-150.22.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-150.22.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", }, product_reference: "kernel-default-base-4.12.14-150.22.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-150.22.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", }, product_reference: "kernel-default-base-4.12.14-150.22.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-150.22.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", }, product_reference: "kernel-default-base-4.12.14-150.22.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-150.22.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", }, product_reference: "kernel-default-base-4.12.14-150.22.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-150.22.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", }, product_reference: "kernel-default-devel-4.12.14-150.22.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-150.22.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", }, product_reference: "kernel-default-devel-4.12.14-150.22.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-150.22.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", }, product_reference: "kernel-default-devel-4.12.14-150.22.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-150.22.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", }, product_reference: "kernel-default-devel-4.12.14-150.22.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.12.14-150.22.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", }, product_reference: "kernel-default-man-4.12.14-150.22.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.12.14-150.22.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", }, product_reference: "kernel-devel-4.12.14-150.22.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.12.14-150.22.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", }, product_reference: "kernel-macros-4.12.14-150.22.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-zfcpdump-4.12.14-150.22.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", }, product_reference: "kernel-zfcpdump-4.12.14-150.22.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-4.12.14-150.22.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", }, product_reference: "kernel-docs-4.12.14-150.22.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-150.22.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", }, product_reference: "kernel-obs-build-4.12.14-150.22.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-150.22.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", }, product_reference: "kernel-obs-build-4.12.14-150.22.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-150.22.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", }, product_reference: "kernel-obs-build-4.12.14-150.22.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-150.22.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", }, product_reference: "kernel-obs-build-4.12.14-150.22.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.12.14-150.22.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", }, product_reference: "kernel-source-4.12.14-150.22.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-150.22.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", }, product_reference: "kernel-syms-4.12.14-150.22.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-150.22.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", }, product_reference: "kernel-syms-4.12.14-150.22.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-150.22.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", }, product_reference: "kernel-syms-4.12.14-150.22.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-150.22.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", }, product_reference: "kernel-syms-4.12.14-150.22.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-base-4.12.14-150.22.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", }, product_reference: "kernel-vanilla-base-4.12.14-150.22.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-base-4.12.14-150.22.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", }, product_reference: "kernel-vanilla-base-4.12.14-150.22.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-base-4.12.14-150.22.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", }, product_reference: "kernel-vanilla-base-4.12.14-150.22.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-base-4.12.14-150.22.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", }, product_reference: "kernel-vanilla-base-4.12.14-150.22.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-4.12.14-150.22.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15", product_id: "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", }, product_reference: "reiserfs-kmp-default-4.12.14-150.22.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-4.12.14-150.22.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15", product_id: "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", }, product_reference: "reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-4.12.14-150.22.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15", product_id: "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", }, product_reference: "reiserfs-kmp-default-4.12.14-150.22.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-4.12.14-150.22.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15", product_id: "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", }, product_reference: "reiserfs-kmp-default-4.12.14-150.22.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-4.12.14-150.22.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15", product_id: "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", }, product_reference: "kernel-default-livepatch-4.12.14-150.22.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-4.12.14-150.22.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15", product_id: "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", }, product_reference: "kernel-default-livepatch-4.12.14-150.22.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15", product_id: "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", }, product_reference: "kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15", product_id: "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", }, product_reference: "kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-150.22.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", }, product_reference: "cluster-md-kmp-default-4.12.14-150.22.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-150.22.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", }, product_reference: "cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-150.22.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", }, product_reference: "cluster-md-kmp-default-4.12.14-150.22.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-150.22.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", }, product_reference: "cluster-md-kmp-default-4.12.14-150.22.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-150.22.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", }, product_reference: "dlm-kmp-default-4.12.14-150.22.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-150.22.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", }, product_reference: "dlm-kmp-default-4.12.14-150.22.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-150.22.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", }, product_reference: "dlm-kmp-default-4.12.14-150.22.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-150.22.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", }, product_reference: "dlm-kmp-default-4.12.14-150.22.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-150.22.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", }, product_reference: "gfs2-kmp-default-4.12.14-150.22.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-150.22.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", }, product_reference: "gfs2-kmp-default-4.12.14-150.22.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-150.22.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", }, product_reference: "gfs2-kmp-default-4.12.14-150.22.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-150.22.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", }, product_reference: "gfs2-kmp-default-4.12.14-150.22.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-150.22.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", }, product_reference: "ocfs2-kmp-default-4.12.14-150.22.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-150.22.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", }, product_reference: "ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-150.22.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", }, product_reference: "ocfs2-kmp-default-4.12.14-150.22.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-150.22.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", }, product_reference: "ocfs2-kmp-default-4.12.14-150.22.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-4.12.14-150.22.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15", product_id: "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", }, product_reference: "kernel-default-extra-4.12.14-150.22.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Workstation Extension 15", }, ], }, vulnerabilities: [ { cve: "CVE-2018-7191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7191", }, ], notes: [ { category: "general", text: "In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7191", url: "https://www.suse.com/security/cve/CVE-2018-7191", }, { category: "external", summary: "SUSE Bug 1135603 for CVE-2018-7191", url: "https://bugzilla.suse.com/1135603", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:29Z", details: "moderate", }, ], title: "CVE-2018-7191", }, { cve: "CVE-2019-10124", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10124", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10124", url: "https://www.suse.com/security/cve/CVE-2019-10124", }, { category: "external", summary: "SUSE Bug 1130699 for CVE-2019-10124", url: "https://bugzilla.suse.com/1130699", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:29Z", details: "moderate", }, ], title: "CVE-2019-10124", }, { cve: "CVE-2019-11085", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11085", }, ], notes: [ { category: "general", text: "Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11085", url: "https://www.suse.com/security/cve/CVE-2019-11085", }, { category: "external", summary: "SUSE Bug 1135278 for CVE-2019-11085", url: "https://bugzilla.suse.com/1135278", }, { category: "external", summary: "SUSE Bug 1135280 for CVE-2019-11085", url: "https://bugzilla.suse.com/1135280", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:29Z", details: "important", }, ], title: "CVE-2019-11085", }, { cve: "CVE-2019-11477", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11477", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11477", url: "https://www.suse.com/security/cve/CVE-2019-11477", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11477", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11477", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11477", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1153242 for CVE-2019-11477", url: "https://bugzilla.suse.com/1153242", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:29Z", details: "important", }, ], title: "CVE-2019-11477", }, { cve: "CVE-2019-11478", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11478", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11478", url: "https://www.suse.com/security/cve/CVE-2019-11478", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11478", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11478", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11478", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1143542 for CVE-2019-11478", url: "https://bugzilla.suse.com/1143542", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:29Z", details: "important", }, ], title: "CVE-2019-11478", }, { cve: "CVE-2019-11479", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11479", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11479", url: "https://www.suse.com/security/cve/CVE-2019-11479", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11479", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11479", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11479", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1143542 for CVE-2019-11479", url: "https://bugzilla.suse.com/1143542", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:29Z", details: "important", }, ], title: "CVE-2019-11479", }, { cve: "CVE-2019-11486", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11486", }, ], notes: [ { category: "general", text: "The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11486", url: "https://www.suse.com/security/cve/CVE-2019-11486", }, { category: "external", summary: "SUSE Bug 1133188 for CVE-2019-11486", url: "https://bugzilla.suse.com/1133188", }, { category: "external", summary: "SUSE Bug 1156434 for CVE-2019-11486", url: "https://bugzilla.suse.com/1156434", }, { category: "external", summary: "SUSE Bug 1173667 for CVE-2019-11486", url: "https://bugzilla.suse.com/1173667", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:29Z", details: "moderate", }, ], title: "CVE-2019-11486", }, { cve: "CVE-2019-11487", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11487", }, ], notes: [ { category: "general", text: "The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11487", url: "https://www.suse.com/security/cve/CVE-2019-11487", }, { category: "external", summary: "SUSE Bug 1133190 for CVE-2019-11487", url: "https://bugzilla.suse.com/1133190", }, { category: "external", summary: "SUSE Bug 1133191 for CVE-2019-11487", url: "https://bugzilla.suse.com/1133191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:29Z", details: "important", }, ], title: "CVE-2019-11487", }, { cve: "CVE-2019-11815", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11815", }, ], notes: [ { category: "general", text: "An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11815", url: "https://www.suse.com/security/cve/CVE-2019-11815", }, { category: "external", summary: "SUSE Bug 1134537 for CVE-2019-11815", url: "https://bugzilla.suse.com/1134537", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:29Z", details: "moderate", }, ], title: "CVE-2019-11815", }, { cve: "CVE-2019-11833", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11833", }, ], notes: [ { category: "general", text: "fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11833", url: "https://www.suse.com/security/cve/CVE-2019-11833", }, { category: "external", summary: "SUSE Bug 1135281 for CVE-2019-11833", url: "https://bugzilla.suse.com/1135281", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:29Z", details: "moderate", }, ], title: "CVE-2019-11833", }, { cve: "CVE-2019-11884", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11884", }, ], notes: [ { category: "general", text: "The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\\0' character.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11884", url: "https://www.suse.com/security/cve/CVE-2019-11884", }, { category: "external", summary: "SUSE Bug 1134848 for CVE-2019-11884", url: "https://bugzilla.suse.com/1134848", }, { category: "external", summary: "SUSE Bug 1139868 for CVE-2019-11884", url: "https://bugzilla.suse.com/1139868", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:29Z", details: "low", }, ], title: "CVE-2019-11884", }, { cve: "CVE-2019-12382", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12382", }, ], notes: [ { category: "general", text: "** DISPUTED ** An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: The vendor disputes this issues as not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance for a NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12382", url: "https://www.suse.com/security/cve/CVE-2019-12382", }, { category: "external", summary: "SUSE Bug 1136586 for CVE-2019-12382", url: "https://bugzilla.suse.com/1136586", }, { category: "external", summary: "SUSE Bug 1155298 for CVE-2019-12382", url: "https://bugzilla.suse.com/1155298", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.5, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:29Z", details: "low", }, ], title: "CVE-2019-12382", }, { cve: "CVE-2019-3846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3846", }, ], notes: [ { category: "general", text: "A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3846", url: "https://www.suse.com/security/cve/CVE-2019-3846", }, { category: "external", summary: "SUSE Bug 1136424 for CVE-2019-3846", url: "https://bugzilla.suse.com/1136424", }, { category: "external", summary: "SUSE Bug 1136446 for CVE-2019-3846", url: "https://bugzilla.suse.com/1136446", }, { category: "external", summary: "SUSE Bug 1156330 for CVE-2019-3846", url: "https://bugzilla.suse.com/1156330", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:29Z", details: "important", }, ], title: "CVE-2019-3846", }, { cve: "CVE-2019-5489", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5489", }, ], notes: [ { category: "general", text: "The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5489", url: "https://www.suse.com/security/cve/CVE-2019-5489", }, { category: "external", summary: "SUSE Bug 1120843 for CVE-2019-5489", url: "https://bugzilla.suse.com/1120843", }, { category: "external", summary: "SUSE Bug 1120885 for CVE-2019-5489", url: "https://bugzilla.suse.com/1120885", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-150.22.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-150.22.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-150.22.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:29Z", details: "moderate", }, ], title: "CVE-2019-5489", }, ], }
suse-su-2019:1530-1
Vulnerability from csaf_suse
Published
2019-06-17 17:18
Modified
2019-06-17 17:18
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-11477: A sequence of SACKs may have been crafted such that one can trigger an integer overflow, leading to a kernel panic.
- CVE-2019-11478: It was possible to send a crafted sequence of SACKs which will
fragment the TCP retransmission queue. An attacker may have been able to further exploit the fragmented queue to cause an
expensive linked-list walk for subsequent SACKs received for that same TCP connection.
- CVE-2019-11479: An attacker could force the Linux kernel to segment its responses into multiple TCP segments. This would drastically increased the bandwidth required to deliver the same amount of data. Further, it would consume additional resources such as CPU and NIC processing power.
- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. (bnc#1136424)
- CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel, there was an unchecked kstrdup of fwstr, which might have allowed an attacker to cause a denial of service (NULL pointer dereference and system crash). (bnc#1136586)
- CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux kernel allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may have been possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. (bnc#1120843)
- CVE-2019-11487: The Linux kernel allowed page reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM existed. It could have occured with FUSE requests. (bnc#1133190)
- CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the unused memory region in the extent tree block, which might have allowed local users to obtain sensitive information by reading uninitialized data in the filesystem. (bnc#1135281)
- CVE-2018-7191: In the tun subsystem in the Linux kernel, dev_get_valid_name was not called before register_netdevice. This allowed local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. (bnc#1135603)
- CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in i915 Graphics for Linux may have allowed an authenticated user to potentially enable escalation of privilege via local access. (bnc#1135278)
- CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel There was a race condition leading to a use-after-free, related to net namespace cleanup. (bnc#1134537)
- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel allowed a local user to obtain potentially sensitive information from kernel stack memory via a hidPCONNADD command, because a name field may not end with a '\0' character. (bnc#1134848)
- CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel had multiple race conditions. (bnc#1133188)
The following non-security bugs were fixed:
- 9p locks: add mount option for lock retry interval (bsc#1051510).
- Update config files. Debug kernel is not supported (bsc#1135492).
- acpi / utils: Drop reference in test for device presence (bsc#1051510).
- acpi: button: reinitialize button state upon resume (bsc#1051510).
- acpi: fix menuconfig presentation of acpi submenu (bsc#1117158).
- acpica: AML interpreter: add region addresses in global list during initialization (bsc#1051510).
- acpica: Namespace: remove address node from global list after method termination (bsc#1051510).
- alsa: core: Do not refer to snd_cards array directly (bsc#1051510).
- alsa: emu10k1: Drop superfluous id-uniquification behavior (bsc#1051510).
- alsa: hda - Register irq handler after the chip initialization (bsc#1051510).
- alsa: hda - Use a macro for snd_array iteration loops (bsc#1051510).
- alsa: hda/hdmi - Consider eld_valid when reporting jack event (bsc#1051510).
- alsa: hda/hdmi - Read the pin sense from register when repolling (bsc#1051510).
- alsa: hda/realtek - Avoid superfluous COEF EAPD setups (bsc#1051510).
- alsa: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) (bsc#1051510).
- alsa: hda/realtek - EAPD turn on later (bsc#1051510).
- alsa: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug (bsc#1051510).
- alsa: hda/realtek - Fixup headphone noise via runtime suspend (bsc#1051510).
- alsa: hda/realtek - Improve the headset mic for Acer Aspire laptops (bsc#1051510).
- alsa: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) (bsc#1051510).
- alsa: line6: Avoid polluting led_* namespace (bsc#1051510).
- alsa: seq: Align temporary re-locking with irqsave version (bsc#1051510).
- alsa: seq: Correct unlock sequence at snd_seq_client_ioctl_unlock() (bsc#1051510).
- alsa: seq: Cover unsubscribe_port() in list_mutex (bsc#1051510).
- alsa: seq: Fix race of get-subscription call vs port-delete ioctls (bsc#1051510).
- alsa: seq: Protect in-kernel ioctl calls with mutex (bsc#1051510).
- alsa: seq: Protect racy pool manipulation from OSS sequencer (bsc#1051510).
- alsa: seq: Remove superfluous irqsave flags (bsc#1051510).
- alsa: seq: Simplify snd_seq_kernel_client_enqueue() helper (bsc#1051510).
- alsa: timer: Check ack_list emptiness instead of bit flag (bsc#1051510).
- alsa: timer: Coding style fixes (bsc#1051510).
- alsa: timer: Make snd_timer_close() really kill pending actions (bsc#1051510).
- alsa: timer: Make sure to clear pending ack list (bsc#1051510).
- alsa: timer: Revert active callback sync check at close (bsc#1051510).
- alsa: timer: Simplify error path in snd_timer_open() (bsc#1051510).
- alsa: timer: Unify timer callback process code (bsc#1051510).
- alsa: usb-audio: Fix a memory leak bug (bsc#1051510).
- alsa: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() (bsc#1051510).
- alsa: usx2y: fix a double free bug (bsc#1051510).
- appletalk: Fix compile regression (bsc#1051510).
- appletalk: Fix use-after-free in atalk_proc_exit (bsc#1051510).
- arch: arm64: acpi: KABI ginore includes (bsc#1117158 bsc#1134671).
- arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve table (bsc#1117158).
- arm64/x86: Update config files. Use CONFIG_ARCH_SUPPORTS_acpi
- arm64: Export save_stack_trace_tsk() (jsc#SLE-4214).
- arm64: acpi: fix alignment fault in accessing acpi (bsc#1117158).
- arm64: fix acpi dependencies (bsc#1117158).
- arm: 8824/1: fix a migrating irq bug when hotplug cpu (bsc#1051510).
- arm: 8833/1: Ensure that NEON code always compiles with Clang (bsc#1051510).
- arm: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bsc#1051510).
- arm: 8840/1: use a raw_spinlock_t in unwind (bsc#1051510).
- arm: OMAP2+: Variable 'reg' in function omap4_dsi_mux_pads() could be uninitialized (bsc#1051510).
- arm: OMAP2+: fix lack of timer interrupts on CPU1 after hotplug (bsc#1051510).
- arm: avoid Cortex-A9 livelock on tight dmb loops (bsc#1051510).
- arm: imx6q: cpuidle: fix bug that CPU might not wake up at expected time (bsc#1051510).
- arm: iop: do not use using 64-bit DMA masks (bsc#1051510).
- arm: orion: do not use using 64-bit DMA masks (bsc#1051510).
- arm: pxa: ssp: unneeded to free devm_ allocated data (bsc#1051510).
- arm: s3c24xx: Fix boolean expressions in osiris_dvs_notify (bsc#1051510).
- arm: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms (bsc#1051510).
- asoc: Intel: avoid Oops if DMA setup fails (bsc#1051510).
- asoc: RT5677-SPI: Disable 16Bit SPI Transfers (bsc#1051510).
- asoc: cs4270: Set auto-increment bit for register writes (bsc#1051510).
- asoc: fix valid stream condition (bsc#1051510).
- asoc: fsl_esai: Fix missing break in switch statement (bsc#1051510).
- asoc: hdmi-codec: fix S/PDIF DAI (bsc#1051510).
- asoc: max98090: Fix restore of DAPM Muxes (bsc#1051510).
- asoc: nau8810: fix the issue of widget with prefixed name (bsc#1051510).
- asoc: nau8824: fix the issue of the widget with prefix name (bsc#1051510).
- asoc: samsung: odroid: Fix clock configuration for 44100 sample rate (bsc#1051510).
- asoc: stm32: fix sai driver name initialisation (bsc#1051510).
- asoc: tlv320aic32x4: Fix Common Pins (bsc#1051510).
- asoc: wm_adsp: Add locking to wm_adsp2_bus_error (bsc#1051510).
- asoc:soc-pcm:fix a codec fixup issue in TDM case (bsc#1051510).
- at76c50x-usb: Do not register led_trigger if usb_register_driver failed (bsc#1051510).
- audit: fix a memleak caused by auditing load module (bsc#1051510).
- b43: shut up clang -Wuninitialized variable warning (bsc#1051510).
- backlight: lm3630a: Return 0 on success in update_status functions (bsc#1051510).
- bcache: Move couple of functions to sysfs.c (bsc#1130972).
- bcache: Move couple of string arrays to sysfs.c (bsc#1130972).
- bcache: Populate writeback_rate_minimum attribute (bsc#1130972).
- bcache: Replace bch_read_string_list() by __sysfs_match_string() (bsc#1130972).
- bcache: account size of buckets used in uuid write to ca->meta_sectors_written (bsc#1130972).
- bcache: add MODULE_DESCRIPTION information (bsc#1130972).
- bcache: add a comment in super.c (bsc#1130972).
- bcache: add code comments for bset.c (bsc#1130972).
- bcache: add comment for cache_set->fill_iter (bsc#1130972).
- bcache: add identifier names to arguments of function definitions (bsc#1130972).
- bcache: add missing SPDX header (bsc#1130972).
- bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972).
- bcache: add static const prefix to char * array declarations (bsc#1130972).
- bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972).
- bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).
- bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972).
- bcache: correct dirty data statistics (bsc#1130972).
- bcache: do not assign in if condition in bcache_init() (bsc#1130972).
- bcache: do not assign in if condition register_bcache() (bsc#1130972).
- bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972).
- bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972).
- bcache: do not clone bio in bch_data_verify (bsc#1130972).
- bcache: do not mark writeback_running too early (bsc#1130972).
- bcache: export backing_dev_name via sysfs (bsc#1130972).
- bcache: export backing_dev_uuid via sysfs (bsc#1130972).
- bcache: fix code comments style (bsc#1130972).
- bcache: fix indent by replacing blank by tabs (bsc#1130972).
- bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).
- bcache: fix input integer overflow of congested threshold (bsc#1130972).
- bcache: fix input overflow to cache set io_error_limit (bsc#1130972).
- bcache: fix input overflow to cache set sysfs file io_error_halflife (bsc#1130972).
- bcache: fix input overflow to journal_delay_ms (bsc#1130972).
- bcache: fix input overflow to sequential_cutoff (bsc#1130972).
- bcache: fix input overflow to writeback_delay (bsc#1130972).
- bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).
- bcache: fix ioctl in flash device (bsc#1130972).
- bcache: fix mistaken code comments in bcache.h (bsc#1130972).
- bcache: fix mistaken comments in request.c (bsc#1130972).
- bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972).
- bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972).
- bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).
- bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972).
- bcache: improve sysfs_strtoul_clamp() (bsc#1130972).
- bcache: introduce force_wake_up_gc() (bsc#1130972).
- bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972).
- bcache: move open brace at end of function definitions to next line (bsc#1130972).
- bcache: never writeback a discard operation (bsc#1130972).
- bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972).
- bcache: option to automatically run gc thread after writeback (bsc#1130972).
- bcache: panic fix for making cache device (bsc#1130972).
- bcache: prefer 'help' in Kconfig (bsc#1130972).
- bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).
- bcache: recal cached_dev_sectors on detach (bsc#1130972).
- bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972).
- bcache: remove unused bch_passthrough_cache (bsc#1130972).
- bcache: remove useless parameter of bch_debug_init() (bsc#1130972).
- bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).
- bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972).
- bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).
- bcache: replace printk() by pr_*() routines (bsc#1130972).
- bcache: set writeback_percent in a flexible range (bsc#1130972).
- bcache: split combined if-condition code into separate ones (bsc#1130972).
- bcache: stop bcache device when backing device is offline (bsc#1130972).
- bcache: stop using the deprecated get_seconds() (bsc#1130972).
- bcache: style fix to add a blank line after declarations (bsc#1130972).
- bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).
- bcache: style fixes for lines over 80 characters (bsc#1130972).
- bcache: treat stale and dirty keys as bad keys (bsc#1130972).
- bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972).
- bcache: update comment for bch_data_insert (bsc#1130972).
- bcache: update comment in sysfs.c (bsc#1130972).
- bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).
- bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972).
- bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).
- bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).
- bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).
- block: Do not revalidate bdev of hidden gendisk (bsc#1120091).
- block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).
- block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).
- block: do not leak memory in bio_copy_user_iov() (bsc#1135309).
- block: fix the return errno for direct IO (bsc#1135320).
- block: fix use-after-free on gendisk (bsc#1135312).
- bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bsc#1051510).
- bluetooth: Check key sizes only when Secure Simple Pairing is enabled (bsc#1135556).
- bluetooth: hidp: fix buffer overflow (bsc#1051510).
- bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one() (bsc#1050242).
- bnxt_en: Improve RX consumer index validity check (networking-stable-19_04_10).
- bnxt_en: Improve multicast address setup logic (networking-stable-19_05_04).
- bnxt_en: Reset device on RX buffer errors (networking-stable-19_04_10).
- bonding: fix event handling for stacked bonds (networking-stable-19_04_19).
- bpf, lru: avoid messing with eviction heuristics upon syscall lookup (bsc#1083647).
- bpf: Add missed newline in verifier verbose log (bsc#1056787).
- bpf: add map_lookup_elem_sys_only for lookups from syscall side (bsc#1083647).
- brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() (bsc#1051510).
- btrfs: Do not panic when we can't find a root key (bsc#1112063).
- btrfs: Factor out common delayed refs init code (bsc#1134813).
- btrfs: Introduce init_delayed_ref_head (bsc#1134813).
- btrfs: Open-code add_delayed_data_ref (bsc#1134813).
- btrfs: Open-code add_delayed_tree_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).
- btrfs: add a helper to return a head ref (bsc#1134813).
- btrfs: breakout empty head cleanup to a helper (bsc#1134813).
- btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: do not allow trimming when a fs is mounted with the nologreplay option (bsc#1135758).
- btrfs: do not double unlock on error in btrfs_punch_hole (bsc#1136881).
- btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: fix fsync not persisting changed attributes of a directory (bsc#1137151).
- btrfs: fix race between ranged fsync and writeback of adjacent ranges (bsc#1136477).
- btrfs: fix race updating log root item during fsync (bsc#1137153).
- btrfs: fix wrong ctime and mtime of a directory after log replay (bsc#1137152).
- btrfs: improve performance on fsync of files with multiple hardlinks (bsc#1123454).
- btrfs: move all ref head cleanup to the helper function (bsc#1134813).
- btrfs: move extent_op cleanup to a helper (bsc#1134813).
- btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).
- btrfs: qgroup: Check bg while resuming relocation to avoid NULL pointer dereference (bsc#1134806).
- btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to btrfs_qgroup_extent_record (bsc#1134162).
- btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release (bsc#1134160).
- btrfs: reloc: Also queue orphan reloc tree for cleanup to avoid BUG_ON() (bsc#1133612).
- btrfs: remove delayed_ref_node from ref_head (bsc#1134813).
- btrfs: send, flush dellaloc in order to avoid data loss (bsc#1133320).
- btrfs: split delayed ref head initialization and addition (bsc#1134813).
- btrfs: track refs in a rb_tree instead of a list (bsc#1134813).
- btrfs: tree-checker: detect file extent items with overlapping ranges (bsc#1136478).
- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).
- ceph: fix ci->i_head_snapc leak (bsc#1122776).
- ceph: fix use-after-free on symlink traversal (bsc#1134459).
- ceph: only use d_name directly when parent is locked (bsc#1134460).
- cifs: keep FileInfo handle live during oplock break (bsc#1106284, bsc#1131565).
- clk: rockchip: Fix video codec clocks on rk3288 (bsc#1051510).
- clk: rockchip: fix wrong clock definitions for rk3328 (bsc#1051510).
- configfs: Fix use-after-free when accessing sd->s_dentry (bsc#1051510).
- configfs: fix possible use-after-free in configfs_register_group (bsc#1051510).
- crypto: arm/aes-neonbs - do not access already-freed walk.iv (bsc#1051510).
- crypto: caam - fix caam_dump_sg that iterates through scatterlist (bsc#1051510).
- crypto: ccm - fix incompatibility between 'ccm' and 'ccm_base' (bsc#1051510).
- crypto: ccp - Do not free psp_master when PLATFORM_INIT fails (bsc#1051510).
- crypto: chacha20poly1305 - set cra_name correctly (bsc#1051510).
- crypto: crct10dif-generic - fix use via crypto_shash_digest() (bsc#1051510).
- crypto: fips - Grammar s/options/option/, s/to/the/ (bsc#1051510).
- crypto: gcm - fix incompatibility between 'gcm' and 'gcm_base' (bsc#1051510).
- crypto: skcipher - do not WARN on unprocessed data after slow walk step (bsc#1051510).
- crypto: sun4i-ss - Fix invalid calculation of hash end (bsc#1051510).
- crypto: vmx - CTR: always increment IV as quadword (bsc#1051510).
- crypto: vmx - fix copy-paste error in CTR mode (bsc#1051510).
- crypto: vmx - ghash: do nosimd fallback manually (bsc#1135661, bsc#1137162).
- crypto: vmx - return correct error code on failed setkey (bsc#1135661, bsc#1137162).
- crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() (bsc#1051510).
- dccp: Fix memleak in __feat_register_sp (bsc#1051510).
- dccp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).
- debugfs: fix use-after-free on symlink traversal (bsc#1051510).
- devres: Align data[] to ARCH_KMALLOC_MINALIGN (bsc#1051510).
- dmaengine: axi-dmac: Do not check the number of frames for alignment (bsc#1051510).
- dmaengine: tegra210-dma: free dma controller in remove() (bsc#1051510).
- documentation: Add MDS vulnerability documentation (bsc#1135642).
- drivers: acpi: add dependency of EFI for arm64 (bsc#1117158).
- drm/bridge: adv7511: Fix low refresh rate selection (bsc#1051510).
- drm/etnaviv: lock MMU while dumping core (bsc#1113722)
- drm/fb-helper: dpms_legacy(): Only set on connectors in use (bsc#1051510).
- drm/i915/fbc: disable framebuffer compression on GeminiLake (bsc#1051510).
- drm/i915/gvt: Fix cmd length of VEB_DI_IECP (bsc#1113722)
- drm/i915/gvt: Fix incorrect mask of mmio 0x22028 in gen8/9 mmio list (bnc#1113722)
- drm/i915/gvt: Tiled Resources mmios are in-context mmios for gen9+ (bsc#1113722)
- drm/i915/gvt: add 0x4dfc to gen9 save-restore list (bsc#1113722)
- drm/i915/gvt: do not let TRTTE and 0x4dfc write passthrough to hardware (bsc#1051510).
- drm/i915/gvt: refine ggtt range validation (bsc#1113722)
- drm/i915: Disable LP3 watermarks on all SNB machines (bsc#1051510).
- drm/i915: Downgrade Gen9 Plane WM latency error (bsc#1051510).
- drm/i915: Fix I915_EXEC_RING_MASK (bsc#1051510).
- drm/imx: do not skip DP channel disable for background plane (bsc#1051510).
- drm/mediatek: fix possible object reference leak (bsc#1051510).
- drm/meson: add size and alignment requirements for dumb buffers (bnc#1113722)
- drm/nouveau/i2c: Disable i2c bus access after ->fini() (bsc#1113722)
- drm/rockchip: fix for mailbox read validation (bsc#1051510).
- drm/rockchip: shutdown drm subsystem on shutdown (bsc#1051510).
- drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)
- drm/ttm: Remove warning about inconsistent mapping information (bnc#1131488)
- drm/vmwgfx: Do not send drm sysfs hotplug events on initial master set (bsc#1051510).
- drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() (bsc#1113722)
- drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to an invalid read (bsc#1051510).
- dt-bindings: clock: r8a7795: Remove CSIREF clock (bsc#1120902).
- dt-bindings: clock: r8a7796: Remove CSIREF clock (bsc#1120902).
- dt-bindings: net: Add binding for the external clock for TI WiLink (bsc#1085535).
- dt-bindings: net: Fix a typo in the phy-mode list for ethernet bindings (bsc#1129770).
- dt-bindings: rtc: sun6i-rtc: Fix register range in example (bsc#1120902).
- dwc2: gadget: Fix completed transfer size calculation in DDMA (bsc#1051510).
- efi/arm: Defer persistent reservations until after paging_init() (bsc#1117158).
- efi/arm: Do not mark acpi reclaim memory as MEMBLOCK_NOMAP (bsc#1117158 bsc#1115688 bsc#1120566).
- efi/arm: Revert 'Defer persistent reservations until after paging_init()' (bsc#1117158).
- efi/arm: Revert deferred unmap of early memmap mapping (bsc#1117158).
- efi/arm: libstub: add a root memreserve config table (bsc#1117158).
- efi/arm: map UEFI memory map even w/o runtime services enabled (bsc#1117158).
- efi/arm: preserve early mapping of UEFI memory map longer for BGRT (bsc#1117158).
- efi: Permit calling efi_mem_reserve_persistent() from atomic context (bsc#1117158).
- efi: Permit multiple entries in persistent memreserve data structure (bsc#1117158).
- efi: Prevent GICv3 WARN() by mapping the memreserve table before first use (bsc#1117158).
- efi: Reduce the amount of memblock reservations for persistent allocations (bsc#1117158).
- efi: add API to reserve memory persistently across kexec reboot (bsc#1117158).
- efi: honour memory reservations passed via a linux specific config table (bsc#1117158).
- ext4: Do not warn when enabling DAX (bsc#1132894).
- ext4: actually request zeroing of inode table after grow (bsc#1135315).
- ext4: avoid panic during forced reboot due to aborted journal (bsc#1126356).
- ext4: fix data corruption caused by overlapping unaligned and aligned IO (bsc#1136428).
- ext4: fix ext4_show_options for file systems w/o journal (bsc#1135316).
- ext4: fix use-after-free race with debug_want_extra_isize (bsc#1135314).
- ext4: make sanity check in mballoc more strict (bsc#1136439).
- ext4: wait for outstanding dio during truncate in nojournal mode (bsc#1136438).
- fbdev: fix WARNING in __alloc_pages_nodemask bug (bsc#1113722)
- fbdev: fix divide error in fb_var_to_videomode (bsc#1113722)
- firmware: efi: factor out mem_reserve (bsc#1117158 bsc#1134671).
- fix rtnh_ok() (git-fixes).
- fs/sync.c: sync_file_range(2) may use WB_SYNC_ALL writeback (bsc#1136432).
- fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount (bsc#1136435).
- ftrace/x86_64: Emulate call function while updating in breakpoint handler (bsc#1099658).
- genetlink: Fix a memory leak on error path (networking-stable-19_03_28).
- ghes, EDAC: Fix ghes_edac registration (bsc#1133176).
- gpio: aspeed: fix a potential NULL pointer dereference (bsc#1051510).
- gpu: ipu-v3: dp: fix CSC handling (bsc#1051510).
- hid: debug: fix race condition with between rdesc_show() and device removal (bsc#1051510).
- hid: input: add mapping for 'Toggle Display' key (bsc#1051510).
- hid: input: add mapping for Assistant key (bsc#1051510).
- hid: input: add mapping for Expose/Overview key (bsc#1051510).
- hid: input: add mapping for keyboard Brightness Up/Down/Toggle keys (bsc#1051510).
- hid: logitech: check the return value of create_singlethread_workqueue (bsc#1051510).
- hwmon: (f71805f) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (pc87427) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (vt1211) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- ibmvnic: Add device identification to requested IRQs (bsc#1137739).
- ibmvnic: Do not close unopened driver during reset (bsc#1137752).
- ibmvnic: Fix unchecked return codes of memory allocations (bsc#1137752).
- ibmvnic: Refresh device multicast list after reset (bsc#1137752).
- ibmvnic: remove set but not used variable 'netdev' (bsc#1137739).
- igmp: fix incorrect unsolicit report count when join group (git-fixes).
- iio: adc: xilinx: fix potential use-after-free on remove (bsc#1051510).
- indirect call wrappers: helpers to speed-up indirect calls of builtin (bsc#1124503).
- inetpeer: fix uninit-value in inet_getpeer (git-fixes).
- input: elan_i2c - add hardware ID for multiple Lenovo laptops (bsc#1051510).
- input: introduce KEY_ASSISTANT (bsc#1051510).
- input: synaptics-rmi4 - fix possible double free (bsc#1051510).
- intel_th: msu: Fix single mode with IOMMU (bsc#1051510).
- intel_th: pci: Add Comet Lake support (bsc#1051510).
- iommu/arm-smmu-v3: Abort all transactions if SMMU is enabled in kdump kernel (bsc#1117158).
- iommu/arm-smmu-v3: Do not disable SMMU in kdump kernel (bsc#1117158 bsc#1134671).
- iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#1135006).
- iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135007).
- iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135008).
- ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type (networking-stable-19_04_10).
- ip6_tunnel: collect_md xmit: Use ip_tunnel_key's provided src address (git-fixes).
- ip_gre: fix parsing gre header in ipgre_err (git-fixes).
- ip_tunnel: Fix name string concatenate in __ip_tunnel_create() (git-fixes).
- ipconfig: Correctly initialise ic_nameservers (bsc#1051510).
- ipmi:ssif: compare block number correctly for multi-part return messages (bsc#1051510).
- ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled (git-fixes).
- ipv4: add sanity checks in ipv4_link_failure() (git-fixes).
- ipv4: ensure rcu_read_lock() in ipv4_link_failure() (networking-stable-19_04_19).
- ipv4: ip_do_fragment: Preserve skb_iif during fragmentation (networking-stable-19_05_04).
- ipv4: recompile ip options in ipv4_link_failure (networking-stable-19_04_19).
- ipv4: set the tcp_min_rtt_wlen range from 0 to one day (networking-stable-19_04_30).
- ipv6/flowlabel: wait rcu grace period before put_pid() (git-fixes).
- ipv6: fix cleanup ordering for ip6_mr failure (git-fixes).
- ipv6: fix cleanup ordering for pingv6 registration (git-fixes).
- ipv6: invert flowlabel sharing check in process and user mode (git-fixes).
- ipv6: mcast: fix unsolicited report interval after receiving querys (git-fixes).
- ipvlan: Add the skb->mark as flow4's member to lookup route (bsc#1051510).
- ipvlan: fix ipv6 outbound device (bsc#1051510).
- ipvlan: use ETH_MAX_MTU as max mtu (bsc#1051510).
- ipvs: Fix signed integer overflow when setsockopt timeout (bsc#1051510).
- ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf (git-fixes).
- ipvs: fix buffer overflow with sync daemon and service (git-fixes).
- ipvs: fix check on xmit to non-local addresses (git-fixes).
- ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bsc#1051510).
- ipvs: fix rtnl_lock lockups caused by start_sync_thread (git-fixes).
- ipvs: fix stats update from local clients (git-fixes).
- iw_cxgb4: only allow 1 flush on user qps (bsc#1051510).
- jbd2: check superblock mapped prior to committing (bsc#1136430).
- kABI workaround for removed usb_interface.pm_usage_cnt field (bsc#1051510).
- kABI workaround for snd_seq_kernel_client_enqueue() API changes (bsc#1051510).
- kABI: protect dma-mapping.h include (kabi).
- kABI: protect functions using struct net_generic (bsc#1130409 LTC#176346).
- kABI: protect ip_options_rcv_srr (kabi).
- kABI: protect struct mlx5_td (kabi).
- kABI: protect struct pci_dev (kabi).
- kABI: protect struct smc_ib_device (bsc#1130409 LTC#176346).
- kABI: protect struct smc_link (bsc#1129857 LTC#176247).
- kABI: protect struct smcd_dev (bsc#1130409 LTC#176346).
- kabi: drop LINUX_Mib_TCPWQUEUETOOBIG snmp counter (bsc#1137586).
- kabi: implement map_lookup_elem_sys_only in another way (bsc#1083647).
- kabi: move sysctl_tcp_min_snd_mss to preserve struct net layout (bsc#1137586).
- kernel/signal.c: trace_signal_deliver when signal_group_exit (git-fixes).
- kernel/sys.c: prctl: fix false positive in validate_prctl_map() (git-fixes).
- kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv (bsc#1051510).
- kernel/sysctl.c: fix out-of-bounds access when setting file-max (bsc#1051510).
- keys: safe concurrent user->{session,uid}_keyring access (bsc#1135642).
- kmsg: Update message catalog to latest ibM level (2019/03/08) (bsc#1128904 LTC#176078).
- kmsg: Update message catalog to latest ibM level (2019/03/08) (bsc#1128905 LTC#176077).
- kvm: Fix UAF in nested posted interrupt processing (bsc#1134199).
- kvm: VMX: Zero out *all* general purpose registers after VM-Exit (bsc#1134202).
- kvm: nVMX: Clear reserved bits of #DB exit qualification (bsc#1134200).
- kvm: nVMX: restore host state in nested_vmx_vmexit for VMFail (bsc#1134201).
- kvm: s390: fix memory overwrites when not using SCA entries (bsc#1136206).
- kvm: s390: provide io interrupt kvm_stat (bsc#1136206).
- kvm: s390: use created_vcpus in more places (bsc#1136206).
- kvm: s390: vsie: fix 8k check for the itdba (bsc#1136206).
- kvm: x86: Always use 32-bit SMRAM save state for 32-bit kernels (bsc#1134203).
- kvm: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bsc#1134204).
- kvm: x86: svm: make sure NMI is injected after nmi_singlestep (bsc#1134205).
- l2tp: cleanup l2tp_tunnel_delete calls (bsc#1051510).
- l2tp: filter out non-PPP sessions in pppol2tp_tunnel_ioctl() (git-fixes).
- l2tp: fix missing refcount drop in pppol2tp_tunnel_ioctl() (git-fixes).
- l2tp: only accept PPP sessions in pppol2tp_connect() (git-fixes).
- l2tp: prevent pppol2tp_connect() from creating kernel sockets (git-fixes).
- l2tp: revert 'l2tp: fix missing print session offset info' (bsc#1051510).
- leds: avoid races with workqueue (bsc#1051510).
- leds: pwm: silently error out on EPROBE_DEFER (bsc#1051510).
- lib: add crc64 calculation routines (bsc#1130972).
- lib: do not depend on linux headers being installed (bsc#1130972).
- libata: fix using DMA buffers on stack (bsc#1051510).
- linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() (bsc#1051510).
- livepatch: Convert error about unsupported reliable stacktrace into a warning (bsc#1071995).
- livepatch: Remove custom kobject state handling (bsc#1071995).
- livepatch: Remove duplicated code for early initialization (bsc#1071995).
- lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).
- mISDN: Check address length before reading address family (bsc#1051510).
- mac80211: fix memory accounting with A-MSDU aggregation (bsc#1051510).
- mac80211: fix unaligned access in mesh table hash function (bsc#1051510).
- mac8390: Fix mmio access size probe (bsc#1051510).
- md: fix invalid stored role for a disk (bsc#1051510).
- media: atmel: atmel-isc: fix INIT_WORK misplacement (bsc#1051510).
- media: cx18: update *pos correctly in cx18_read_pos() (bsc#1051510).
- media: cx23885: check allocation return (bsc#1051510).
- media: davinci-isif: avoid uninitialized variable use (bsc#1051510).
- media: davinci/vpbe: array underflow in vpbe_enum_outputs() (bsc#1051510).
- media: ivtv: update *pos correctly in ivtv_read_pos() (bsc#1051510).
- media: omap_vout: potential buffer overflow in vidioc_dqbuf() (bsc#1051510).
- media: ov2659: fix unbalanced mutex_lock/unlock (bsc#1051510).
- media: pvrusb2: Prevent a buffer overflow (bsc#1129770).
- media: serial_ir: Fix use-after-free in serial_ir_init_module (bsc#1051510).
- media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame (bsc#1051510).
- media: vivid: use vfree() instead of kfree() for dev->bitmap_cap (bsc#1051510).
- media: wl128x: Fix an error code in fm_download_firmware() (bsc#1051510).
- media: wl128x: prevent two potential buffer overflows (bsc#1051510).
- memcg: make it work on sparse non-0-node systems (bnc#1133616).
- memcg: make it work on sparse non-0-node systems kabi (bnc#1133616).
- mlxsw: spectrum: Fix autoneg status in ethtool (networking-stable-19_04_30).
- mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses (bsc#1135330).
- mm: Fix buggy backport leading to MAP_SYNC failures (bsc#1137372)
- mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (bnc#1012382).
- mmc: block: Delete gendisk before cleaning up the request queue (bsc#1127616).
- mmc: core: fix possible use after free of host (bsc#1051510).
- mount: copy the port field into the cloned nfs_server structure (bsc#1136990).
- mtd: docg3: Fix passing zero to 'PTR_ERR' warning in doc_probe_device (bsc#1051510).
- mtd: docg3: fix a possible memory leak of mtd->name (bsc#1051510).
- mtd: nand: omap: Fix comment in platform data using wrong Kconfig symbol (bsc#1051510).
- mtd: part: fix incorrect format specifier for an unsigned long long (bsc#1051510).
- mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write (bsc#1129770).
- mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1136935).
- mwifiex: Fix mem leak in mwifiex_tm_cmd (bsc#1051510).
- mwifiex: Fix possible buffer overflows at parsing bss descriptor
- mwifiex: prevent an array overflow (bsc#1051510).
- mwl8k: Fix rate_idx underflow (bsc#1051510).
- neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit (git-fixes).
- net-gro: Fix GRO flush when receiving a GSO packet (networking-stable-19_04_10).
- net/ibmvnic: Remove tests of member address (bsc#1137739).
- net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).
- net/ibmvnic: Update carrier state after link state change (bsc#1135100).
- net/ipv4: defensive cipso option parsing (git-fixes).
- net/ipv6: do not reinitialize ndev->cnf.addr_gen_mode on new inet6_dev (git-fixes).
- net/ipv6: fix addrconf_sysctl_addr_gen_mode (git-fixes).
- net/ipv6: propagate net.ipv6.conf.all.addr_gen_mode to devices (git-fixes).
- net/ipv6: reserve room for IFLA_INET6_ADDR_GEN_MODE (git-fixes).
- net/mlx5: Decrease default mr cache size (networking-stable-19_04_10).
- net/mlx5e: Add a lock on tir list (networking-stable-19_04_10).
- net/mlx5e: Fix error handling when refreshing TIRs (networking-stable-19_04_10).
- net/mlx5e: Fix trailing semicolon (bsc#1075020).
- net/mlx5e: IPoib, Reset QP after channels are closed (bsc#1075020).
- net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query (networking-stable-19_04_30).
- net/rose: fix unbound loop in rose_loopback_timer() (networking-stable-19_04_30).
- net/sched: act_sample: fix divide by zero in the traffic path (networking-stable-19_04_10).
- net/sched: do not dereference a->goto_chain to read the chain index (bsc#1064802 bsc#1066129).
- net/sched: fix ->get helper of the matchall cls (networking-stable-19_04_10).
- net/smc: add pnet table namespace support (bsc#1130409 LTC#176346).
- net/smc: add smcd support to the pnet table (bsc#1130409 LTC#176346).
- net/smc: allow 16 byte pnetids in netlink policy (bsc#1129857 LTC#176247).
- net/smc: allow pci IDs as ib device names in the pnet table (bsc#1130409 LTC#176346).
- net/smc: allow pnetid-less configuration (bsc#1130409 LTC#176346).
- net/smc: call smc_cdc_msg_send() under send_lock (bsc#1129857 LTC#176247).
- net/smc: check connections in smc_lgr_free_work (bsc#1129857 LTC#176247).
- net/smc: check for ip prefix and subnet (bsc#1134607 LTC#177518).
- net/smc: check port_idx of ib event (bsc#1129857 LTC#176247).
- net/smc: cleanup for smcr_tx_sndbuf_nonempty (bsc#1130409 LTC#176346).
- net/smc: cleanup of get vlan id (bsc#1134607 LTC#177518).
- net/smc: code cleanup smc_listen_work (bsc#1134607 LTC#177518).
- net/smc: consolidate function parameters (bsc#1134607 LTC#177518).
- net/smc: correct state change for peer closing (bsc#1129857 LTC#176247).
- net/smc: delete rkey first before switching to unused (bsc#1129857 LTC#176247).
- net/smc: do not wait for send buffer space when data was already sent (bsc#1129857 LTC#176247).
- net/smc: do not wait under send_lock (bsc#1129857 LTC#176247).
- net/smc: fallback to TCP after connect problems (bsc#1134607 LTC#177518).
- net/smc: fix a NULL pointer dereference (bsc#1134607 LTC#177518).
- net/smc: fix another sizeof to int comparison (bsc#1129857 LTC#176247).
- net/smc: fix byte_order for rx_curs_confirmed (bsc#1129848 LTC#176249).
- net/smc: fix return code from FLUSH command (bsc#1134607 LTC#177518).
- net/smc: fix sender_free computation (bsc#1129857 LTC#176247).
- net/smc: fix smc_poll in SMC_INIT state (bsc#1129848 LTC#176249).
- net/smc: fix use of variable in cleared area (bsc#1129857 LTC#176247).
- net/smc: improve smc_conn_create reason codes (bsc#1134607 LTC#177518).
- net/smc: improve smc_listen_work reason codes (bsc#1134607 LTC#177518).
- net/smc: move code to clear the conn->lgr field (bsc#1129857 LTC#176247).
- net/smc: move unhash before release of clcsock (bsc#1134607 LTC#177518).
- net/smc: move wake up of close waiter (bsc#1129857 LTC#176247).
- net/smc: no delay for free tx buffer wait (bsc#1129857 LTC#176247).
- net/smc: nonblocking connect rework (bsc#1134607 LTC#177518).
- net/smc: postpone release of clcsock (bsc#1129857 LTC#176247).
- net/smc: preallocated memory for rdma work requests (bsc#1129857 LTC#176247).
- net/smc: prevent races between smc_lgr_terminate() and smc_conn_free() (bsc#1129857 LTC#176247).
- net/smc: propagate file from SMC to TCP socket (bsc#1134607 LTC#177518).
- net/smc: recvmsg and splice_read should return 0 after shutdown (bsc#1129857 LTC#176247).
- net/smc: reduce amount of status updates to peer (bsc#1129857 LTC#176247).
- net/smc: reset cursor update required flag (bsc#1129857 LTC#176247).
- net/smc: rework pnet table (bsc#1130409 LTC#176346).
- net/smc: unlock LGR pending lock earlier for SMC-D (bsc#1129857 LTC#176247).
- net/smc: use client and server LGR pending locks for SMC-R (bsc#1129857 LTC#176247).
- net/smc: use device link provided in qp_context (bsc#1129857 LTC#176247).
- net/smc: use smc_curs_copy() for SMC-D (bsc#1129857 LTC#176247).
- net/smc: wait for pending work before clcsock release_sock (bsc#1134607 LTC#177518).
- net: Fix a bug in removing queues from XPS map (git-fixes).
- net: aquantia: fix rx checksum offload for UDP/TCP over IPv6 (networking-stable-19_03_28).
- net: atm: Fix potential Spectre v1 vulnerabilities (networking-stable-19_04_19).
- net: avoid skb_warn_bad_offload on IS_ERR (git-fixes).
- net: do not keep lonely packets forever in the gro hash (git-fixes).
- net: dsa: bcm_sf2: fix buffer overflow doing set_rxnfc (networking-stable-19_05_04).
- net: dsa: legacy: do not unmask port bitmaps (git-fixes).
- net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT (git-fixes).
- net: ena: fix return value of ena_com_config_llq_info() (bsc#1111696 bsc#1117561).
- net: ethtool: not call vzalloc for zero sized memory request (networking-stable-19_04_10).
- net: fix uninit-value in __hw_addr_add_ex() (git-fixes).
- net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv (networking-stable-19_04_19).
- net: hns3: remove resetting check in hclgevf_reset_task_schedule (bsc#1104353 bsc#1135056).
- net: initialize skb->peeked when cloning (git-fixes).
- net: make skb_partial_csum_set() more robust against overflows (git-fixes).
- net: phy: marvell: Fix buffer overrun with stats counters (networking-stable-19_05_04).
- net: rds: exchange of 8K and 1M pool (networking-stable-19_04_30).
- net: rose: fix a possible stack overflow (networking-stable-19_03_28).
- net: socket: fix potential spectre v1 gadget in socketcall (git-fixes).
- net: stmmac: fix memory corruption with large MTUs (networking-stable-19_03_28).
- net: stmmac: move stmmac_check_ether_addr() to driver probe (networking-stable-19_04_30).
- net: test tailroom before appending to linear skb (git-fixes).
- net: thunderx: do not allow jumbo frames with XDP (networking-stable-19_04_19).
- net: thunderx: raise XDP MTU to 1508 (networking-stable-19_04_19).
- net: unbreak CONFIG_RETPOLINE=n builds (bsc#1124503).
- net: use indirect call wrappers at GRO network layer (bsc#1124503).
- net: use indirect call wrappers at GRO transport layer (bsc#1124503).
- netfilter: bridge: Do not sabotage nf_hook calls from an l3mdev (git-fixes).
- netfilter: bridge: ebt_among: add missing match size checks (git-fixes).
- netfilter: bridge: ebt_among: add more missing match size checks (git-fixes).
- netfilter: drop template ct when conntrack is skipped (git-fixes).
- netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule (git-fixes).
- netfilter: ebtables: handle string from userspace with care (git-fixes).
- netfilter: ebtables: reject non-bridge targets (git-fixes).
- netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel (git-fixes).
- netfilter: nf_log: do not hold nf_log_mutex during user access (git-fixes).
- netfilter: nf_log: fix uninit read in nf_log_proc_dostring (git-fixes).
- netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6} (git-fixes).
- netfilter: nf_tables: can't fail after linking rule into active rule list (git-fixes).
- netfilter: nf_tables: check msg_type before nft_trans_set(trans) (git-fixes).
- netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump() (git-fixes).
- netfilter: nf_tables: fix leaking object reference count (git-fixes).
- netfilter: nf_tables: release chain in flushing set (git-fixes).
- netfilter: nft_compat: do not dump private area (git-fixes).
- netfilter: x_tables: initialise match/target check parameter struct (git-fixes).
- netlink: fix uninit-value in netlink_sendmsg (git-fixes).
- nfs add module option to limit nfsv4 minor version (jsc#PM-231).
- nfs: Enable nfsv4.2 support - jsc@PM-231 This requires a module parameter for nfsv4.2 to actually be available on SLE12 and SLE15-SP0
- nfsv4.x: always serialize open/close operations (bsc#1114893).
- nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands (bsc#1051510).
- nvme-rdma: fix possible free of a non-allocated async event buffer (bsc#1120423).
- nvme: Do not remove namespaces during reset (bsc#1131673).
- nvme: flush scan_work when resetting controller (bsc#1131673).
- objtool: Fix function fallthrough detection (bsc#1058115).
- ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (bsc#1136434).
- ocfs2: turn on OCFS2_FS_STATS setting(bsc#1134393) We need to turn on OCFS2_FS_STATS kernel configuration setting, to fix bsc#1134393.
- of: fix clang -Wunsequenced for be32_to_cpu() (bsc#1135642).
- omapfb: add missing of_node_put after of_device_is_available (bsc#1051510).
- openvswitch: add seqadj extension when NAT is used (bsc#1051510).
- openvswitch: fix flow actions reallocation (bsc#1051510).
- p54: drop device reference count if fails to enable device (bsc#1135642).
- packet: fix reserve calculation (git-fixes).
- packet: in packet_snd start writing at link layer allocation (git-fixes).
- packet: refine ring v3 block size test to hold one frame (git-fixes).
- packet: reset network header if packet shorter than ll reserved space (git-fixes).
- packet: validate msg_namelen in send directly (git-fixes).
- packets: Always register packet sk in the same order (networking-stable-19_03_28).
- pci: Factor out pcie_retrain_link() function (git-fixes).
- pci: Mark AMD Stoney Radeon R7 GPU ATS as broken (bsc#1051510).
- pci: Mark Atheros AR9462 to avoid bus reset (bsc#1051510).
- pci: Work around Pericom pcie-to-pci bridge Retrain Link erratum (git-fixes).
- pci: endpoint: Use EPC's device in dma_alloc_coherent()/dma_free_coherent() (git-fixes).
- phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode (bsc#1051510).
- platform/x86: alienware-wmi: printing the wrong error code (bsc#1051510).
- platform/x86: dell-rbtn: Add missing #include (bsc#1051510).
- platform/x86: intel_pmc_ipc: adding error handling (bsc#1051510).
- platform/x86: intel_punit_ipc: Revert 'Fix resource ioremap warning' (bsc#1051510).
- platform/x86: pmc_atom: Add Lex 3I380D industrial PC to critclk_systems DMI table (bsc#1051510).
- platform/x86: pmc_atom: Add several Beckhoff Automation boards to critclk_systems DMI table (bsc#1051510).
- platform/x86: pmc_atom: Drop __initconst on dmi table (bsc#1051510).
- platform/x86: sony-laptop: Fix unintentional fall-through (bsc#1051510).
- power: supply: axp20x_usb_power: Fix typo in VBUS current limit macros (bsc#1051510).
- power: supply: axp288_charger: Fix unchecked return value (bsc#1051510).
- powerpc/eeh: Fix race with driver un/bind (bsc#1065729).
- powerpc/msi: Fix NULL pointer access in teardown code (bsc#1065729).
- powerpc/perf: Fix MMCRA corruption by bhrb_filter (bsc#1053043).
- powerpc/powernv/idle: Restore IAMR after idle (bsc#1065729).
- powerpc/process: Fix sparse address space warnings (bsc#1065729).
- powerpc: Always initialize input array when calling epapr_hypercall() (bsc#1065729).
- powerpc: Fix HMIs on big-endian with CONFIG_RELOCATABLE=y (bsc#1065729).
- proc/kcore: do not bounds check against address 0 (bsc#1051510).
- proc/sysctl: fix return error for proc_doulongvec_minmax() (bsc#1051510).
- proc: revalidate kernel thread inodes to root:root (bsc#1051510).
- ptrace: take into account saved_sigmask in PTRACE{GET,SET}SIGMASK (git-fixes).
- pwm: Fix deadlock warning when removing PWM device (bsc#1051510).
- pwm: meson: Consider 128 a valid pre-divider (bsc#1051510).
- pwm: meson: Do not disable PWM when setting duty repeatedly (bsc#1051510).
- pwm: meson: Use the spin-lock only to protect register modifications (bsc#1051510).
- pwm: tiehrpwm: Update shadow register for disabling PWMs (bsc#1051510).
- qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128979).
- qla2xxx: always allocate qla_tgt_wq (bsc#1131451).
- qmi_wwan: add Olicard 600 (bsc#1051510).
- rdma/hns: Fix bug that caused srq creation to fail (bsc#1104427 ).
- rdma/rxe: Consider skb reserve space based on netdev of GID (bsc#1082387, bsc#1103992).
- regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB (bsc#1051510).
- rt2x00: do not increment sequence number while re-transmitting (bsc#1051510).
- rtc: da9063: set uie_unsupported when relevant (bsc#1051510).
- rtc: sh: Fix invalid alarm warning for non-enabled alarm (bsc#1051510).
- rtlwifi: rtl8723ae: Fix missing break in switch statement (bsc#1051510).
- rxrpc: Fix error reception on AF_INET6 sockets (git-fixes).
- rxrpc: Fix transport sockopts to get IPv4 errors on an IPv6 socket (git-fixes).
- s390/ism: ignore some errors during deregistration (bsc#1129857 LTC#176247).
- s390/qdio: clear intparm during shutdown (bsc#1134597 LTC#177516).
- sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() (bsc#1051510).
- sc16is7xx: move label 'err_spi' to correct section (bsc#1051510).
- sc16is7xx: put err_spi and err_i2c into correct #ifdef (bsc#1051510).
- scripts: override locale from environment when running recordmcount.pl (bsc#1134354).
- scsi: qedf: fixup bit operations (bsc#1135542).
- scsi: qedf: fixup locking in qedf_restart_rport() (bsc#1135542).
- scsi: qedf: missing kref_put in qedf_xmit() (bsc#1135542).
- scsi: qla2xxx: Declare local functions 'static' (bsc#1137444).
- scsi: qla2xxx: Fix function argument descriptions (bsc#1118139).
- scsi: qla2xxx: Fix memory corruption during hba reset test (bsc#1118139).
- scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show (bsc#1132044).
- scsi: qla2xxx: Improve several kernel-doc headers (bsc#1137444).
- scsi: qla2xxx: Introduce a switch/case statement in qlt_xmit_tm_rsp() (bsc#1137444).
- scsi: qla2xxx: Make qla2x00_sysfs_write_nvram() easier to analyze (bsc#1137444).
- scsi: qla2xxx: Make sure that qlafx00_ioctl_iosb_entry() initializes 'res' (bsc#1137444).
- scsi: qla2xxx: NULL check before some freeing functions is not needed (bsc#1137444).
- scsi: qla2xxx: Remove a set-but-not-used variable (bsc#1137444).
- scsi: qla2xxx: Remove two arguments from qlafx00_error_entry() (bsc#1137444).
- scsi: qla2xxx: Remove unused symbols (bsc#1118139).
- scsi: qla2xxx: Split the __qla2x00_abort_all_cmds() function (bsc#1137444).
- scsi: qla2xxx: Use %p for printing pointers (bsc#1118139).
- scsi: qla2xxx: fix error message on qla2400 (bsc#1118139).
- scsi: qla2xxx: fix spelling mistake: 'existant' -> 'existent' (bsc#1118139).
- scsi: qla2xxx: fully convert to the generic DMA API (bsc#1137444).
- scsi: qla2xxx: fx00 copypaste typo (bsc#1118139).
- scsi: qla2xxx: remove the unused tcm_qla2xxx_cmd_wq (bsc#1118139).
- scsi: qla2xxx: use lower_32_bits and upper_32_bits instead of reinventing them (bsc#1137444).
- sctp: avoid running the sctp state machine recursively (networking-stable-19_05_04).
- sctp: fix identification of new acks for SFR-CACC (git-fixes).
- sctp: get sctphdr by offset in sctp_compute_cksum (networking-stable-19_03_28).
- sctp: initialize _pad of sockaddr_in before copying to user memory (networking-stable-19_04_10).
- sctp: only update outstanding_bytes for transmitted queue when doing prsctp_prune (git-fixes).
- sctp: set frag_point in sctp_setsockopt_maxseg correctly` (git-fixes).
- selinux: use kernel linux/socket.h for genheaders and mdp (bsc#1134810).
- serial: 8250_pxa: honor the port number from devicetree (bsc#1051510).
- serial: ar933x_uart: Fix build failure with disabled console (bsc#1051510).
- serial: uartps: console_setup() can't be placed to init section (bsc#1051510).
- signal: Always notice exiting tasks (git-fixes).
- signal: Better detection of synchronous signals (git-fixes).
- signal: Restore the stop PTRACE_EVENT_EXIT (git-fixes).
- smc: move unhash as early as possible in smc_release() (bsc#1129857 LTC#176247).
- soc/fsl/qe: Fix an error code in qe_pin_request() (bsc#1051510).
- soc/tegra: pmc: Drop locking from tegra_powergate_is_powered() (bsc#1051510).
- spi: Micrel eth switch: declare missing of table (bsc#1051510).
- spi: ST ST95HF NFC: declare missing of table (bsc#1051510).
- spi: a3700: Clear DATA_OUT when performing a read (bsc#1051510).
- spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios (bsc#1051510).
- spi: bcm2835aux: setup gpio-cs to output and correct level during setup (bsc#1051510).
- spi: bcm2835aux: warn in dmesg that native cs is not really supported (bsc#1051510).
- spi: rspi: Fix sequencer reset during initialization (bsc#1051510).
- ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit (bsc#1051510).
- staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc (bsc#1051510).
- stm class: Fix an endless loop in channel allocation (bsc#1051510).
- stm class: Fix channel free in stm output free path (bsc#1051510).
- stm class: Prevent division by zero (bsc#1051510).
- stmmac: pci: Adjust IOT2000 matching (networking-stable-19_04_30).
- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).
- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).
- switchtec: Fix unintended mask of MRPC event (git-fixes).
- tcp: Ensure DCTCP reacts to losses (networking-stable-19_04_10).
- tcp: add tcp_min_snd_mss sysctl (bsc#1137586).
- tcp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).
- tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).
- tcp: limit payload size of sacked skbs (bsc#1137586).
- tcp: purge write queue in tcp_connect_init() (git-fixes).
- tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).
- tcp: tcp_grow_window() needs to respect tcp_space() (networking-stable-19_04_19).
- team: fix possible recursive locking when add slaves (networking-stable-19_04_30).
- team: set slave to promisc if team is already in promisc mode (bsc#1051510).
- thermal/int340x_thermal: Add additional UUIDs (bsc#1051510).
- thermal/int340x_thermal: fix mode setting (bsc#1051510).
- thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power (bsc#1051510).
- thunderx: eliminate extra calls to put_page() for pages held for recycling (networking-stable-19_03_28).
- thunderx: enable page recycling for non-XDP case (networking-stable-19_03_28).
- tipc: fix hanging clients using poll with EPOLLOUT flag (git-fixes).
- tipc: missing entries in name table of publications (networking-stable-19_04_19).
- tools lib traceevent: Fix missing equality check for strcmp (bsc#1129770).
- tracing: Fix partial reading of trace event's id file (bsc#1136573).
- treewide: Use DEVICE_ATTR_WO (bsc#1137739).
- tty: increase the default flip buffer limit to 2*640K (bsc#1051510).
- tty: pty: Fix race condition between release_one_tty and pty_write (bsc#1051510).
- tty: serial_core, add ->install (bnc#1129693).
- tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 (bsc#1051510).
- tun: add a missing rcu_read_unlock() in error path (networking-stable-19_03_28).
- tun: properly test for IFF_UP (networking-stable-19_03_28).
- uas: fix alignment of scatter/gather segments (bsc#1129770).
- udp: use indirect call wrappers for GRO socket lookup (bsc#1124503).
- ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (bsc#1135323).
- usb-storage: Set virt_boundary_mask to avoid SG overflows (bsc#1051510).
- usb: cdc-acm: fix unthrottle races (bsc#1051510).
- usb: core: Fix bug caused by duplicate interface PM usage counter (bsc#1051510).
- usb: core: Fix unterminated string returned by usb_string() (bsc#1051510).
- usb: dwc3: Fix default lpm_nyet_threshold value (bsc#1051510).
- usb: gadget: net2272: Fix net2272_dequeue() (bsc#1051510).
- usb: gadget: net2280: Fix net2280_dequeue() (bsc#1051510).
- usb: gadget: net2280: Fix overrun of OUT messages (bsc#1051510).
- usb: serial: f81232: fix interrupt worker not stop (bsc#1051510).
- usb: serial: fix unthrottle races (bsc#1051510).
- usb: u132-hcd: fix resource leak (bsc#1051510).
- usb: usb251xb: fix to avoid potential NULL pointer dereference (bsc#1051510).
- usb: usbip: fix isoc packet num validation in get_pipe (bsc#1051510).
- usb: w1 ds2490: Fix bug caused by improper use of altsetting array (bsc#1051510).
- usb: yurex: Fix protection fault after device removal (bsc#1051510).
- userfaultfd: use RCU to free the task struct when fork fails (git-fixes).
- vfio/mdev: Avoid release parent reference during error path (bsc#1051510).
- vfio/mdev: Fix aborting mdev child device removal if one fails (bsc#1051510).
- vfio/pci: use correct format characters (bsc#1051510).
- vfio_pci: Enable memory accesses before calling pci_map_rom (bsc#1051510).
- vhost/vsock: fix reset orphans race with close timeout (bsc#1051510).
- vhost: reject zero size iova range (networking-stable-19_04_19).
- virtio-blk: limit number of hw queues by nr_cpu_ids (bsc#1051510).
- virtio: Honour 'may_reduce_num' in vring_create_virtqueue (bsc#1051510).
- virtio_pci: fix a NULL pointer reference in vp_del_vqs (bsc#1051510).
- vrf: check accept_source_route on the original netdevice (networking-stable-19_04_10).
- vsock/virtio: Initialize core virtio vsock before registering the driver (bsc#1051510).
- vsock/virtio: fix kernel panic after device hot-unplug (bsc#1051510).
- vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock (bsc#1051510).
- vsock/virtio: reset connected sockets on device removal (bsc#1051510).
- vt: always call notifier with the console lock held (bsc#1051510).
- vxlan: Do not call gro_cells_destroy() before device is unregistered (networking-stable-19_03_28).
- x86/speculation/mds: Fix documentation typo (bsc#1135642).
- x86_64: Add gap to int3 to allow for call emulation (bsc#1099658).
- x86_64: Allow breakpoints to emulate call instructions (bsc#1099658).
- xenbus: drop useless LIST_HEAD in xenbus_write_watch() and xenbus_file_write() (bsc#1065600).
- xfrm6: avoid potential infinite loop in _decode_session6() (git-fixes).
- xfrm6: call kfree_skb when skb is toobig (git-fixes).
- xfrm: Fix stack-out-of-bounds read on socket policy lookup (git-fixes).
- xfrm: Return error on unknown encap_type in init_state (git-fixes).
- xfrm: Validate address prefix lengths in the xfrm selector (git-fixes).
- xfrm: fix 'passing zero to ERR_PTR()' warning (git-fixes).
- xfrm: fix missing dst_release() after policy blocking lbcast and multicast (git-fixes).
- xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (git-fixes).
- xfrm: reset crypto_done when iterating over multiple input xfrms (git-fixes).
- xfrm: reset transport header back to network header after all input transforms ahave been applied (git-fixes).
- xfrm_user: prevent leaking 2 bytes of kernel memory (git-fixes).
- xfs: add log item pinning error injection tag (bsc#1114427).
- xfs: buffer lru reference count error injection tag (bsc#1114427).
- xfs: check _btree_check_block value (bsc#1123663).
- xfs: convert drop_writes to use the errortag mechanism (bsc#1114427).
- xfs: create block pointer check functions (bsc#1123663).
- xfs: create inode pointer verifiers (bsc#1114427).
- xfs: detect and fix bad summary counts at mount (bsc#1114427).
- xfs: export _inobt_btrec_to_irec and _ialloc_cluster_alignment for scrub (bsc#1114427).
- xfs: export various function for the online scrubber (bsc#1123663).
- xfs: expose errortag knobs via sysfs (bsc#1114427).
- xfs: fix unused variable warning in xfs_buf_set_ref() (bsc#1114427).
- xfs: force summary counter recalc at next mount (bsc#1114427).
- xfs: kill meaningless variable 'zero' (bsc#1106011).
- xfs: make errortag a per-mountpoint structure (bsc#1123663).
- xfs: move error injection tags into their own file (bsc#1114427).
- xfs: prepare xfs_break_layouts() for another layout type (bsc#1106011).
- xfs: prepare xfs_break_layouts() to be called with XFS_MMAPLOCK_EXCL (bsc#1106011).
- xfs: refactor btree block header checking functions (bsc#1123663).
- xfs: refactor btree pointer checks (bsc#1123663).
- xfs: refactor unmount record write (bsc#1114427).
- xfs: remove unneeded parameter from XFS_TEST_ERROR (bsc#1123663).
- xfs: remove xfs_zero_range (bsc#1106011).
- xfs: rename MAXPATHLEN to XFS_SYMLINK_MAXLEN (bsc#1123663).
- xfs: replace log_badcrc_factor knob with error injection tag (bsc#1114427).
- xfs: sanity-check the unused space before trying to use it (bsc#1123663).
- xfs: serialize unaligned dio writes against all other dio writes (bsc#1134936).
Patchnames
SUSE-2019-1530,SUSE-SLE-DESKTOP-12-SP4-2019-1530,SUSE-SLE-HA-12-SP4-2019-1530,SUSE-SLE-Live-Patching-12-SP4-2019-1530,SUSE-SLE-SDK-12-SP4-2019-1530,SUSE-SLE-SERVER-12-SP4-2019-1530,SUSE-SLE-WE-12-SP4-2019-1530
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\n\nThe SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2019-11477: A sequence of SACKs may have been crafted such that one can trigger an integer overflow, leading to a kernel panic.\n- CVE-2019-11478: It was possible to send a crafted sequence of SACKs which will\nfragment the TCP retransmission queue. An attacker may have been able to further exploit the fragmented queue to cause an\nexpensive linked-list walk for subsequent SACKs received for that same TCP connection.\n- CVE-2019-11479: An attacker could force the Linux kernel to segment its responses into multiple TCP segments. This would drastically increased the bandwidth required to deliver the same amount of data. Further, it would consume additional resources such as CPU and NIC processing power.\n- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. (bnc#1136424)\n- CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel, there was an unchecked kstrdup of fwstr, which might have allowed an attacker to cause a denial of service (NULL pointer dereference and system crash). (bnc#1136586)\n- CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux kernel allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may have been possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. (bnc#1120843)\n- CVE-2019-11487: The Linux kernel allowed page reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM existed. It could have occured with FUSE requests. (bnc#1133190)\n- CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the unused memory region in the extent tree block, which might have allowed local users to obtain sensitive information by reading uninitialized data in the filesystem. (bnc#1135281)\n- CVE-2018-7191: In the tun subsystem in the Linux kernel, dev_get_valid_name was not called before register_netdevice. This allowed local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. (bnc#1135603)\n- CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in i915 Graphics for Linux may have allowed an authenticated user to potentially enable escalation of privilege via local access. (bnc#1135278)\n- CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel There was a race condition leading to a use-after-free, related to net namespace cleanup. (bnc#1134537)\n- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel allowed a local user to obtain potentially sensitive information from kernel stack memory via a hidPCONNADD command, because a name field may not end with a '\\0' character. (bnc#1134848)\n- CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel had multiple race conditions. (bnc#1133188)\n\nThe following non-security bugs were fixed:\n\n- 9p locks: add mount option for lock retry interval (bsc#1051510).\n- Update config files. Debug kernel is not supported (bsc#1135492).\n- acpi / utils: Drop reference in test for device presence (bsc#1051510).\n- acpi: button: reinitialize button state upon resume (bsc#1051510).\n- acpi: fix menuconfig presentation of acpi submenu (bsc#1117158).\n- acpica: AML interpreter: add region addresses in global list during initialization (bsc#1051510).\n- acpica: Namespace: remove address node from global list after method termination (bsc#1051510).\n- alsa: core: Do not refer to snd_cards array directly (bsc#1051510).\n- alsa: emu10k1: Drop superfluous id-uniquification behavior (bsc#1051510).\n- alsa: hda - Register irq handler after the chip initialization (bsc#1051510).\n- alsa: hda - Use a macro for snd_array iteration loops (bsc#1051510).\n- alsa: hda/hdmi - Consider eld_valid when reporting jack event (bsc#1051510).\n- alsa: hda/hdmi - Read the pin sense from register when repolling (bsc#1051510).\n- alsa: hda/realtek - Avoid superfluous COEF EAPD setups (bsc#1051510).\n- alsa: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) (bsc#1051510).\n- alsa: hda/realtek - EAPD turn on later (bsc#1051510).\n- alsa: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug (bsc#1051510).\n- alsa: hda/realtek - Fixup headphone noise via runtime suspend (bsc#1051510).\n- alsa: hda/realtek - Improve the headset mic for Acer Aspire laptops (bsc#1051510).\n- alsa: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) (bsc#1051510).\n- alsa: line6: Avoid polluting led_* namespace (bsc#1051510).\n- alsa: seq: Align temporary re-locking with irqsave version (bsc#1051510).\n- alsa: seq: Correct unlock sequence at snd_seq_client_ioctl_unlock() (bsc#1051510).\n- alsa: seq: Cover unsubscribe_port() in list_mutex (bsc#1051510).\n- alsa: seq: Fix race of get-subscription call vs port-delete ioctls (bsc#1051510).\n- alsa: seq: Protect in-kernel ioctl calls with mutex (bsc#1051510).\n- alsa: seq: Protect racy pool manipulation from OSS sequencer (bsc#1051510).\n- alsa: seq: Remove superfluous irqsave flags (bsc#1051510).\n- alsa: seq: Simplify snd_seq_kernel_client_enqueue() helper (bsc#1051510).\n- alsa: timer: Check ack_list emptiness instead of bit flag (bsc#1051510).\n- alsa: timer: Coding style fixes (bsc#1051510).\n- alsa: timer: Make snd_timer_close() really kill pending actions (bsc#1051510).\n- alsa: timer: Make sure to clear pending ack list (bsc#1051510).\n- alsa: timer: Revert active callback sync check at close (bsc#1051510).\n- alsa: timer: Simplify error path in snd_timer_open() (bsc#1051510).\n- alsa: timer: Unify timer callback process code (bsc#1051510).\n- alsa: usb-audio: Fix a memory leak bug (bsc#1051510).\n- alsa: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() (bsc#1051510).\n- alsa: usx2y: fix a double free bug (bsc#1051510).\n- appletalk: Fix compile regression (bsc#1051510).\n- appletalk: Fix use-after-free in atalk_proc_exit (bsc#1051510).\n- arch: arm64: acpi: KABI ginore includes (bsc#1117158 bsc#1134671).\n- arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve table (bsc#1117158).\n- arm64/x86: Update config files. Use CONFIG_ARCH_SUPPORTS_acpi\n- arm64: Export save_stack_trace_tsk() (jsc#SLE-4214).\n- arm64: acpi: fix alignment fault in accessing acpi (bsc#1117158).\n- arm64: fix acpi dependencies (bsc#1117158).\n- arm: 8824/1: fix a migrating irq bug when hotplug cpu (bsc#1051510).\n- arm: 8833/1: Ensure that NEON code always compiles with Clang (bsc#1051510).\n- arm: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bsc#1051510).\n- arm: 8840/1: use a raw_spinlock_t in unwind (bsc#1051510).\n- arm: OMAP2+: Variable 'reg' in function omap4_dsi_mux_pads() could be uninitialized (bsc#1051510).\n- arm: OMAP2+: fix lack of timer interrupts on CPU1 after hotplug (bsc#1051510).\n- arm: avoid Cortex-A9 livelock on tight dmb loops (bsc#1051510).\n- arm: imx6q: cpuidle: fix bug that CPU might not wake up at expected time (bsc#1051510).\n- arm: iop: do not use using 64-bit DMA masks (bsc#1051510).\n- arm: orion: do not use using 64-bit DMA masks (bsc#1051510).\n- arm: pxa: ssp: unneeded to free devm_ allocated data (bsc#1051510).\n- arm: s3c24xx: Fix boolean expressions in osiris_dvs_notify (bsc#1051510).\n- arm: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms (bsc#1051510).\n- asoc: Intel: avoid Oops if DMA setup fails (bsc#1051510).\n- asoc: RT5677-SPI: Disable 16Bit SPI Transfers (bsc#1051510).\n- asoc: cs4270: Set auto-increment bit for register writes (bsc#1051510).\n- asoc: fix valid stream condition (bsc#1051510).\n- asoc: fsl_esai: Fix missing break in switch statement (bsc#1051510).\n- asoc: hdmi-codec: fix S/PDIF DAI (bsc#1051510).\n- asoc: max98090: Fix restore of DAPM Muxes (bsc#1051510).\n- asoc: nau8810: fix the issue of widget with prefixed name (bsc#1051510).\n- asoc: nau8824: fix the issue of the widget with prefix name (bsc#1051510).\n- asoc: samsung: odroid: Fix clock configuration for 44100 sample rate (bsc#1051510).\n- asoc: stm32: fix sai driver name initialisation (bsc#1051510).\n- asoc: tlv320aic32x4: Fix Common Pins (bsc#1051510).\n- asoc: wm_adsp: Add locking to wm_adsp2_bus_error (bsc#1051510).\n- asoc:soc-pcm:fix a codec fixup issue in TDM case (bsc#1051510).\n- at76c50x-usb: Do not register led_trigger if usb_register_driver failed (bsc#1051510).\n- audit: fix a memleak caused by auditing load module (bsc#1051510).\n- b43: shut up clang -Wuninitialized variable warning (bsc#1051510).\n- backlight: lm3630a: Return 0 on success in update_status functions (bsc#1051510).\n- bcache: Move couple of functions to sysfs.c (bsc#1130972).\n- bcache: Move couple of string arrays to sysfs.c (bsc#1130972).\n- bcache: Populate writeback_rate_minimum attribute (bsc#1130972).\n- bcache: Replace bch_read_string_list() by __sysfs_match_string() (bsc#1130972).\n- bcache: account size of buckets used in uuid write to ca->meta_sectors_written (bsc#1130972).\n- bcache: add MODULE_DESCRIPTION information (bsc#1130972).\n- bcache: add a comment in super.c (bsc#1130972).\n- bcache: add code comments for bset.c (bsc#1130972).\n- bcache: add comment for cache_set->fill_iter (bsc#1130972).\n- bcache: add identifier names to arguments of function definitions (bsc#1130972).\n- bcache: add missing SPDX header (bsc#1130972).\n- bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972).\n- bcache: add static const prefix to char * array declarations (bsc#1130972).\n- bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972).\n- bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).\n- bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972).\n- bcache: correct dirty data statistics (bsc#1130972).\n- bcache: do not assign in if condition in bcache_init() (bsc#1130972).\n- bcache: do not assign in if condition register_bcache() (bsc#1130972).\n- bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972).\n- bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972).\n- bcache: do not clone bio in bch_data_verify (bsc#1130972).\n- bcache: do not mark writeback_running too early (bsc#1130972).\n- bcache: export backing_dev_name via sysfs (bsc#1130972).\n- bcache: export backing_dev_uuid via sysfs (bsc#1130972).\n- bcache: fix code comments style (bsc#1130972).\n- bcache: fix indent by replacing blank by tabs (bsc#1130972).\n- bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).\n- bcache: fix input integer overflow of congested threshold (bsc#1130972).\n- bcache: fix input overflow to cache set io_error_limit (bsc#1130972).\n- bcache: fix input overflow to cache set sysfs file io_error_halflife (bsc#1130972).\n- bcache: fix input overflow to journal_delay_ms (bsc#1130972).\n- bcache: fix input overflow to sequential_cutoff (bsc#1130972).\n- bcache: fix input overflow to writeback_delay (bsc#1130972).\n- bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).\n- bcache: fix ioctl in flash device (bsc#1130972).\n- bcache: fix mistaken code comments in bcache.h (bsc#1130972).\n- bcache: fix mistaken comments in request.c (bsc#1130972).\n- bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972).\n- bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972).\n- bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).\n- bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972).\n- bcache: improve sysfs_strtoul_clamp() (bsc#1130972).\n- bcache: introduce force_wake_up_gc() (bsc#1130972).\n- bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972).\n- bcache: move open brace at end of function definitions to next line (bsc#1130972).\n- bcache: never writeback a discard operation (bsc#1130972).\n- bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972).\n- bcache: option to automatically run gc thread after writeback (bsc#1130972).\n- bcache: panic fix for making cache device (bsc#1130972).\n- bcache: prefer 'help' in Kconfig (bsc#1130972).\n- bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).\n- bcache: recal cached_dev_sectors on detach (bsc#1130972).\n- bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972).\n- bcache: remove unused bch_passthrough_cache (bsc#1130972).\n- bcache: remove useless parameter of bch_debug_init() (bsc#1130972).\n- bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).\n- bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972).\n- bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).\n- bcache: replace printk() by pr_*() routines (bsc#1130972).\n- bcache: set writeback_percent in a flexible range (bsc#1130972).\n- bcache: split combined if-condition code into separate ones (bsc#1130972).\n- bcache: stop bcache device when backing device is offline (bsc#1130972).\n- bcache: stop using the deprecated get_seconds() (bsc#1130972).\n- bcache: style fix to add a blank line after declarations (bsc#1130972).\n- bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).\n- bcache: style fixes for lines over 80 characters (bsc#1130972).\n- bcache: treat stale and dirty keys as bad keys (bsc#1130972).\n- bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972).\n- bcache: update comment for bch_data_insert (bsc#1130972).\n- bcache: update comment in sysfs.c (bsc#1130972).\n- bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).\n- bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972).\n- bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).\n- bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).\n- bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).\n- block: Do not revalidate bdev of hidden gendisk (bsc#1120091).\n- block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).\n- block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).\n- block: do not leak memory in bio_copy_user_iov() (bsc#1135309).\n- block: fix the return errno for direct IO (bsc#1135320).\n- block: fix use-after-free on gendisk (bsc#1135312).\n- bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bsc#1051510).\n- bluetooth: Check key sizes only when Secure Simple Pairing is enabled (bsc#1135556).\n- bluetooth: hidp: fix buffer overflow (bsc#1051510).\n- bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one() (bsc#1050242).\n- bnxt_en: Improve RX consumer index validity check (networking-stable-19_04_10).\n- bnxt_en: Improve multicast address setup logic (networking-stable-19_05_04).\n- bnxt_en: Reset device on RX buffer errors (networking-stable-19_04_10).\n- bonding: fix event handling for stacked bonds (networking-stable-19_04_19).\n- bpf, lru: avoid messing with eviction heuristics upon syscall lookup (bsc#1083647).\n- bpf: Add missed newline in verifier verbose log (bsc#1056787).\n- bpf: add map_lookup_elem_sys_only for lookups from syscall side (bsc#1083647).\n- brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() (bsc#1051510).\n- btrfs: Do not panic when we can't find a root key (bsc#1112063).\n- btrfs: Factor out common delayed refs init code (bsc#1134813).\n- btrfs: Introduce init_delayed_ref_head (bsc#1134813).\n- btrfs: Open-code add_delayed_data_ref (bsc#1134813).\n- btrfs: Open-code add_delayed_tree_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).\n- btrfs: add a helper to return a head ref (bsc#1134813).\n- btrfs: breakout empty head cleanup to a helper (bsc#1134813).\n- btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: do not allow trimming when a fs is mounted with the nologreplay option (bsc#1135758).\n- btrfs: do not double unlock on error in btrfs_punch_hole (bsc#1136881).\n- btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: fix fsync not persisting changed attributes of a directory (bsc#1137151).\n- btrfs: fix race between ranged fsync and writeback of adjacent ranges (bsc#1136477).\n- btrfs: fix race updating log root item during fsync (bsc#1137153).\n- btrfs: fix wrong ctime and mtime of a directory after log replay (bsc#1137152).\n- btrfs: improve performance on fsync of files with multiple hardlinks (bsc#1123454).\n- btrfs: move all ref head cleanup to the helper function (bsc#1134813).\n- btrfs: move extent_op cleanup to a helper (bsc#1134813).\n- btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).\n- btrfs: qgroup: Check bg while resuming relocation to avoid NULL pointer dereference (bsc#1134806).\n- btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to btrfs_qgroup_extent_record (bsc#1134162).\n- btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release (bsc#1134160).\n- btrfs: reloc: Also queue orphan reloc tree for cleanup to avoid BUG_ON() (bsc#1133612).\n- btrfs: remove delayed_ref_node from ref_head (bsc#1134813).\n- btrfs: send, flush dellaloc in order to avoid data loss (bsc#1133320).\n- btrfs: split delayed ref head initialization and addition (bsc#1134813).\n- btrfs: track refs in a rb_tree instead of a list (bsc#1134813).\n- btrfs: tree-checker: detect file extent items with overlapping ranges (bsc#1136478).\n- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).\n- ceph: fix ci->i_head_snapc leak (bsc#1122776).\n- ceph: fix use-after-free on symlink traversal (bsc#1134459).\n- ceph: only use d_name directly when parent is locked (bsc#1134460).\n- cifs: keep FileInfo handle live during oplock break (bsc#1106284, bsc#1131565).\n- clk: rockchip: Fix video codec clocks on rk3288 (bsc#1051510).\n- clk: rockchip: fix wrong clock definitions for rk3328 (bsc#1051510).\n- configfs: Fix use-after-free when accessing sd->s_dentry (bsc#1051510).\n- configfs: fix possible use-after-free in configfs_register_group (bsc#1051510).\n- crypto: arm/aes-neonbs - do not access already-freed walk.iv (bsc#1051510).\n- crypto: caam - fix caam_dump_sg that iterates through scatterlist (bsc#1051510).\n- crypto: ccm - fix incompatibility between 'ccm' and 'ccm_base' (bsc#1051510).\n- crypto: ccp - Do not free psp_master when PLATFORM_INIT fails (bsc#1051510).\n- crypto: chacha20poly1305 - set cra_name correctly (bsc#1051510).\n- crypto: crct10dif-generic - fix use via crypto_shash_digest() (bsc#1051510).\n- crypto: fips - Grammar s/options/option/, s/to/the/ (bsc#1051510).\n- crypto: gcm - fix incompatibility between 'gcm' and 'gcm_base' (bsc#1051510).\n- crypto: skcipher - do not WARN on unprocessed data after slow walk step (bsc#1051510).\n- crypto: sun4i-ss - Fix invalid calculation of hash end (bsc#1051510).\n- crypto: vmx - CTR: always increment IV as quadword (bsc#1051510).\n- crypto: vmx - fix copy-paste error in CTR mode (bsc#1051510).\n- crypto: vmx - ghash: do nosimd fallback manually (bsc#1135661, bsc#1137162).\n- crypto: vmx - return correct error code on failed setkey (bsc#1135661, bsc#1137162).\n- crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() (bsc#1051510).\n- dccp: Fix memleak in __feat_register_sp (bsc#1051510).\n- dccp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).\n- debugfs: fix use-after-free on symlink traversal (bsc#1051510).\n- devres: Align data[] to ARCH_KMALLOC_MINALIGN (bsc#1051510).\n- dmaengine: axi-dmac: Do not check the number of frames for alignment (bsc#1051510).\n- dmaengine: tegra210-dma: free dma controller in remove() (bsc#1051510).\n- documentation: Add MDS vulnerability documentation (bsc#1135642).\n- drivers: acpi: add dependency of EFI for arm64 (bsc#1117158).\n- drm/bridge: adv7511: Fix low refresh rate selection (bsc#1051510).\n- drm/etnaviv: lock MMU while dumping core (bsc#1113722)\n- drm/fb-helper: dpms_legacy(): Only set on connectors in use (bsc#1051510).\n- drm/i915/fbc: disable framebuffer compression on GeminiLake (bsc#1051510).\n- drm/i915/gvt: Fix cmd length of VEB_DI_IECP (bsc#1113722)\n- drm/i915/gvt: Fix incorrect mask of mmio 0x22028 in gen8/9 mmio list (bnc#1113722)\n- drm/i915/gvt: Tiled Resources mmios are in-context mmios for gen9+ (bsc#1113722)\n- drm/i915/gvt: add 0x4dfc to gen9 save-restore list (bsc#1113722)\n- drm/i915/gvt: do not let TRTTE and 0x4dfc write passthrough to hardware (bsc#1051510).\n- drm/i915/gvt: refine ggtt range validation (bsc#1113722)\n- drm/i915: Disable LP3 watermarks on all SNB machines (bsc#1051510).\n- drm/i915: Downgrade Gen9 Plane WM latency error (bsc#1051510).\n- drm/i915: Fix I915_EXEC_RING_MASK (bsc#1051510).\n- drm/imx: do not skip DP channel disable for background plane (bsc#1051510).\n- drm/mediatek: fix possible object reference leak (bsc#1051510).\n- drm/meson: add size and alignment requirements for dumb buffers (bnc#1113722)\n- drm/nouveau/i2c: Disable i2c bus access after ->fini() (bsc#1113722)\n- drm/rockchip: fix for mailbox read validation (bsc#1051510).\n- drm/rockchip: shutdown drm subsystem on shutdown (bsc#1051510).\n- drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)\n- drm/ttm: Remove warning about inconsistent mapping information (bnc#1131488)\n- drm/vmwgfx: Do not send drm sysfs hotplug events on initial master set (bsc#1051510).\n- drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() (bsc#1113722)\n- drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to an invalid read (bsc#1051510).\n- dt-bindings: clock: r8a7795: Remove CSIREF clock (bsc#1120902).\n- dt-bindings: clock: r8a7796: Remove CSIREF clock (bsc#1120902).\n- dt-bindings: net: Add binding for the external clock for TI WiLink (bsc#1085535).\n- dt-bindings: net: Fix a typo in the phy-mode list for ethernet bindings (bsc#1129770).\n- dt-bindings: rtc: sun6i-rtc: Fix register range in example (bsc#1120902).\n- dwc2: gadget: Fix completed transfer size calculation in DDMA (bsc#1051510).\n- efi/arm: Defer persistent reservations until after paging_init() (bsc#1117158).\n- efi/arm: Do not mark acpi reclaim memory as MEMBLOCK_NOMAP (bsc#1117158 bsc#1115688 bsc#1120566).\n- efi/arm: Revert 'Defer persistent reservations until after paging_init()' (bsc#1117158).\n- efi/arm: Revert deferred unmap of early memmap mapping (bsc#1117158).\n- efi/arm: libstub: add a root memreserve config table (bsc#1117158).\n- efi/arm: map UEFI memory map even w/o runtime services enabled (bsc#1117158).\n- efi/arm: preserve early mapping of UEFI memory map longer for BGRT (bsc#1117158).\n- efi: Permit calling efi_mem_reserve_persistent() from atomic context (bsc#1117158).\n- efi: Permit multiple entries in persistent memreserve data structure (bsc#1117158).\n- efi: Prevent GICv3 WARN() by mapping the memreserve table before first use (bsc#1117158).\n- efi: Reduce the amount of memblock reservations for persistent allocations (bsc#1117158).\n- efi: add API to reserve memory persistently across kexec reboot (bsc#1117158).\n- efi: honour memory reservations passed via a linux specific config table (bsc#1117158).\n- ext4: Do not warn when enabling DAX (bsc#1132894).\n- ext4: actually request zeroing of inode table after grow (bsc#1135315).\n- ext4: avoid panic during forced reboot due to aborted journal (bsc#1126356).\n- ext4: fix data corruption caused by overlapping unaligned and aligned IO (bsc#1136428).\n- ext4: fix ext4_show_options for file systems w/o journal (bsc#1135316).\n- ext4: fix use-after-free race with debug_want_extra_isize (bsc#1135314).\n- ext4: make sanity check in mballoc more strict (bsc#1136439).\n- ext4: wait for outstanding dio during truncate in nojournal mode (bsc#1136438).\n- fbdev: fix WARNING in __alloc_pages_nodemask bug (bsc#1113722)\n- fbdev: fix divide error in fb_var_to_videomode (bsc#1113722)\n- firmware: efi: factor out mem_reserve (bsc#1117158 bsc#1134671).\n- fix rtnh_ok() (git-fixes).\n- fs/sync.c: sync_file_range(2) may use WB_SYNC_ALL writeback (bsc#1136432).\n- fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount (bsc#1136435).\n- ftrace/x86_64: Emulate call function while updating in breakpoint handler (bsc#1099658).\n- genetlink: Fix a memory leak on error path (networking-stable-19_03_28).\n- ghes, EDAC: Fix ghes_edac registration (bsc#1133176).\n- gpio: aspeed: fix a potential NULL pointer dereference (bsc#1051510).\n- gpu: ipu-v3: dp: fix CSC handling (bsc#1051510).\n- hid: debug: fix race condition with between rdesc_show() and device removal (bsc#1051510).\n- hid: input: add mapping for 'Toggle Display' key (bsc#1051510).\n- hid: input: add mapping for Assistant key (bsc#1051510).\n- hid: input: add mapping for Expose/Overview key (bsc#1051510).\n- hid: input: add mapping for keyboard Brightness Up/Down/Toggle keys (bsc#1051510).\n- hid: logitech: check the return value of create_singlethread_workqueue (bsc#1051510).\n- hwmon: (f71805f) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (pc87427) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (vt1211) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- ibmvnic: Add device identification to requested IRQs (bsc#1137739).\n- ibmvnic: Do not close unopened driver during reset (bsc#1137752).\n- ibmvnic: Fix unchecked return codes of memory allocations (bsc#1137752).\n- ibmvnic: Refresh device multicast list after reset (bsc#1137752).\n- ibmvnic: remove set but not used variable 'netdev' (bsc#1137739).\n- igmp: fix incorrect unsolicit report count when join group (git-fixes).\n- iio: adc: xilinx: fix potential use-after-free on remove (bsc#1051510).\n- indirect call wrappers: helpers to speed-up indirect calls of builtin (bsc#1124503).\n- inetpeer: fix uninit-value in inet_getpeer (git-fixes).\n- input: elan_i2c - add hardware ID for multiple Lenovo laptops (bsc#1051510).\n- input: introduce KEY_ASSISTANT (bsc#1051510).\n- input: synaptics-rmi4 - fix possible double free (bsc#1051510).\n- intel_th: msu: Fix single mode with IOMMU (bsc#1051510).\n- intel_th: pci: Add Comet Lake support (bsc#1051510).\n- iommu/arm-smmu-v3: Abort all transactions if SMMU is enabled in kdump kernel (bsc#1117158).\n- iommu/arm-smmu-v3: Do not disable SMMU in kdump kernel (bsc#1117158 bsc#1134671).\n- iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#1135006).\n- iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135007).\n- iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135008).\n- ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type (networking-stable-19_04_10).\n- ip6_tunnel: collect_md xmit: Use ip_tunnel_key's provided src address (git-fixes).\n- ip_gre: fix parsing gre header in ipgre_err (git-fixes).\n- ip_tunnel: Fix name string concatenate in __ip_tunnel_create() (git-fixes).\n- ipconfig: Correctly initialise ic_nameservers (bsc#1051510).\n- ipmi:ssif: compare block number correctly for multi-part return messages (bsc#1051510).\n- ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled (git-fixes).\n- ipv4: add sanity checks in ipv4_link_failure() (git-fixes).\n- ipv4: ensure rcu_read_lock() in ipv4_link_failure() (networking-stable-19_04_19).\n- ipv4: ip_do_fragment: Preserve skb_iif during fragmentation (networking-stable-19_05_04).\n- ipv4: recompile ip options in ipv4_link_failure (networking-stable-19_04_19).\n- ipv4: set the tcp_min_rtt_wlen range from 0 to one day (networking-stable-19_04_30).\n- ipv6/flowlabel: wait rcu grace period before put_pid() (git-fixes).\n- ipv6: fix cleanup ordering for ip6_mr failure (git-fixes).\n- ipv6: fix cleanup ordering for pingv6 registration (git-fixes).\n- ipv6: invert flowlabel sharing check in process and user mode (git-fixes).\n- ipv6: mcast: fix unsolicited report interval after receiving querys (git-fixes).\n- ipvlan: Add the skb->mark as flow4's member to lookup route (bsc#1051510).\n- ipvlan: fix ipv6 outbound device (bsc#1051510).\n- ipvlan: use ETH_MAX_MTU as max mtu (bsc#1051510).\n- ipvs: Fix signed integer overflow when setsockopt timeout (bsc#1051510).\n- ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf (git-fixes).\n- ipvs: fix buffer overflow with sync daemon and service (git-fixes).\n- ipvs: fix check on xmit to non-local addresses (git-fixes).\n- ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bsc#1051510).\n- ipvs: fix rtnl_lock lockups caused by start_sync_thread (git-fixes).\n- ipvs: fix stats update from local clients (git-fixes).\n- iw_cxgb4: only allow 1 flush on user qps (bsc#1051510).\n- jbd2: check superblock mapped prior to committing (bsc#1136430).\n- kABI workaround for removed usb_interface.pm_usage_cnt field (bsc#1051510).\n- kABI workaround for snd_seq_kernel_client_enqueue() API changes (bsc#1051510).\n- kABI: protect dma-mapping.h include (kabi).\n- kABI: protect functions using struct net_generic (bsc#1130409 LTC#176346).\n- kABI: protect ip_options_rcv_srr (kabi).\n- kABI: protect struct mlx5_td (kabi).\n- kABI: protect struct pci_dev (kabi).\n- kABI: protect struct smc_ib_device (bsc#1130409 LTC#176346).\n- kABI: protect struct smc_link (bsc#1129857 LTC#176247).\n- kABI: protect struct smcd_dev (bsc#1130409 LTC#176346).\n- kabi: drop LINUX_Mib_TCPWQUEUETOOBIG snmp counter (bsc#1137586).\n- kabi: implement map_lookup_elem_sys_only in another way (bsc#1083647).\n- kabi: move sysctl_tcp_min_snd_mss to preserve struct net layout (bsc#1137586).\n- kernel/signal.c: trace_signal_deliver when signal_group_exit (git-fixes).\n- kernel/sys.c: prctl: fix false positive in validate_prctl_map() (git-fixes).\n- kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv (bsc#1051510).\n- kernel/sysctl.c: fix out-of-bounds access when setting file-max (bsc#1051510).\n- keys: safe concurrent user->{session,uid}_keyring access (bsc#1135642).\n- kmsg: Update message catalog to latest ibM level (2019/03/08) (bsc#1128904 LTC#176078).\n- kmsg: Update message catalog to latest ibM level (2019/03/08) (bsc#1128905 LTC#176077).\n- kvm: Fix UAF in nested posted interrupt processing (bsc#1134199).\n- kvm: VMX: Zero out *all* general purpose registers after VM-Exit (bsc#1134202).\n- kvm: nVMX: Clear reserved bits of #DB exit qualification (bsc#1134200).\n- kvm: nVMX: restore host state in nested_vmx_vmexit for VMFail (bsc#1134201).\n- kvm: s390: fix memory overwrites when not using SCA entries (bsc#1136206).\n- kvm: s390: provide io interrupt kvm_stat (bsc#1136206).\n- kvm: s390: use created_vcpus in more places (bsc#1136206).\n- kvm: s390: vsie: fix 8k check for the itdba (bsc#1136206).\n- kvm: x86: Always use 32-bit SMRAM save state for 32-bit kernels (bsc#1134203).\n- kvm: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bsc#1134204).\n- kvm: x86: svm: make sure NMI is injected after nmi_singlestep (bsc#1134205).\n- l2tp: cleanup l2tp_tunnel_delete calls (bsc#1051510).\n- l2tp: filter out non-PPP sessions in pppol2tp_tunnel_ioctl() (git-fixes).\n- l2tp: fix missing refcount drop in pppol2tp_tunnel_ioctl() (git-fixes).\n- l2tp: only accept PPP sessions in pppol2tp_connect() (git-fixes).\n- l2tp: prevent pppol2tp_connect() from creating kernel sockets (git-fixes).\n- l2tp: revert 'l2tp: fix missing print session offset info' (bsc#1051510).\n- leds: avoid races with workqueue (bsc#1051510).\n- leds: pwm: silently error out on EPROBE_DEFER (bsc#1051510).\n- lib: add crc64 calculation routines (bsc#1130972).\n- lib: do not depend on linux headers being installed (bsc#1130972).\n- libata: fix using DMA buffers on stack (bsc#1051510).\n- linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() (bsc#1051510).\n- livepatch: Convert error about unsupported reliable stacktrace into a warning (bsc#1071995).\n- livepatch: Remove custom kobject state handling (bsc#1071995).\n- livepatch: Remove duplicated code for early initialization (bsc#1071995).\n- lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).\n- mISDN: Check address length before reading address family (bsc#1051510).\n- mac80211: fix memory accounting with A-MSDU aggregation (bsc#1051510).\n- mac80211: fix unaligned access in mesh table hash function (bsc#1051510).\n- mac8390: Fix mmio access size probe (bsc#1051510).\n- md: fix invalid stored role for a disk (bsc#1051510).\n- media: atmel: atmel-isc: fix INIT_WORK misplacement (bsc#1051510).\n- media: cx18: update *pos correctly in cx18_read_pos() (bsc#1051510).\n- media: cx23885: check allocation return (bsc#1051510).\n- media: davinci-isif: avoid uninitialized variable use (bsc#1051510).\n- media: davinci/vpbe: array underflow in vpbe_enum_outputs() (bsc#1051510).\n- media: ivtv: update *pos correctly in ivtv_read_pos() (bsc#1051510).\n- media: omap_vout: potential buffer overflow in vidioc_dqbuf() (bsc#1051510).\n- media: ov2659: fix unbalanced mutex_lock/unlock (bsc#1051510).\n- media: pvrusb2: Prevent a buffer overflow (bsc#1129770).\n- media: serial_ir: Fix use-after-free in serial_ir_init_module (bsc#1051510).\n- media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame (bsc#1051510).\n- media: vivid: use vfree() instead of kfree() for dev->bitmap_cap (bsc#1051510).\n- media: wl128x: Fix an error code in fm_download_firmware() (bsc#1051510).\n- media: wl128x: prevent two potential buffer overflows (bsc#1051510).\n- memcg: make it work on sparse non-0-node systems (bnc#1133616).\n- memcg: make it work on sparse non-0-node systems kabi (bnc#1133616).\n- mlxsw: spectrum: Fix autoneg status in ethtool (networking-stable-19_04_30).\n- mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses (bsc#1135330).\n- mm: Fix buggy backport leading to MAP_SYNC failures (bsc#1137372)\n- mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (bnc#1012382).\n- mmc: block: Delete gendisk before cleaning up the request queue (bsc#1127616).\n- mmc: core: fix possible use after free of host (bsc#1051510).\n- mount: copy the port field into the cloned nfs_server structure (bsc#1136990).\n- mtd: docg3: Fix passing zero to 'PTR_ERR' warning in doc_probe_device (bsc#1051510).\n- mtd: docg3: fix a possible memory leak of mtd->name (bsc#1051510).\n- mtd: nand: omap: Fix comment in platform data using wrong Kconfig symbol (bsc#1051510).\n- mtd: part: fix incorrect format specifier for an unsigned long long (bsc#1051510).\n- mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write (bsc#1129770).\n- mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1136935).\n- mwifiex: Fix mem leak in mwifiex_tm_cmd (bsc#1051510).\n- mwifiex: Fix possible buffer overflows at parsing bss descriptor\n- mwifiex: prevent an array overflow (bsc#1051510).\n- mwl8k: Fix rate_idx underflow (bsc#1051510).\n- neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit (git-fixes).\n- net-gro: Fix GRO flush when receiving a GSO packet (networking-stable-19_04_10).\n- net/ibmvnic: Remove tests of member address (bsc#1137739).\n- net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).\n- net/ibmvnic: Update carrier state after link state change (bsc#1135100).\n- net/ipv4: defensive cipso option parsing (git-fixes).\n- net/ipv6: do not reinitialize ndev->cnf.addr_gen_mode on new inet6_dev (git-fixes).\n- net/ipv6: fix addrconf_sysctl_addr_gen_mode (git-fixes).\n- net/ipv6: propagate net.ipv6.conf.all.addr_gen_mode to devices (git-fixes).\n- net/ipv6: reserve room for IFLA_INET6_ADDR_GEN_MODE (git-fixes).\n- net/mlx5: Decrease default mr cache size (networking-stable-19_04_10).\n- net/mlx5e: Add a lock on tir list (networking-stable-19_04_10).\n- net/mlx5e: Fix error handling when refreshing TIRs (networking-stable-19_04_10).\n- net/mlx5e: Fix trailing semicolon (bsc#1075020).\n- net/mlx5e: IPoib, Reset QP after channels are closed (bsc#1075020).\n- net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query (networking-stable-19_04_30).\n- net/rose: fix unbound loop in rose_loopback_timer() (networking-stable-19_04_30).\n- net/sched: act_sample: fix divide by zero in the traffic path (networking-stable-19_04_10).\n- net/sched: do not dereference a->goto_chain to read the chain index (bsc#1064802 bsc#1066129).\n- net/sched: fix ->get helper of the matchall cls (networking-stable-19_04_10).\n- net/smc: add pnet table namespace support (bsc#1130409 LTC#176346).\n- net/smc: add smcd support to the pnet table (bsc#1130409 LTC#176346).\n- net/smc: allow 16 byte pnetids in netlink policy (bsc#1129857 LTC#176247).\n- net/smc: allow pci IDs as ib device names in the pnet table (bsc#1130409 LTC#176346).\n- net/smc: allow pnetid-less configuration (bsc#1130409 LTC#176346).\n- net/smc: call smc_cdc_msg_send() under send_lock (bsc#1129857 LTC#176247).\n- net/smc: check connections in smc_lgr_free_work (bsc#1129857 LTC#176247).\n- net/smc: check for ip prefix and subnet (bsc#1134607 LTC#177518).\n- net/smc: check port_idx of ib event (bsc#1129857 LTC#176247).\n- net/smc: cleanup for smcr_tx_sndbuf_nonempty (bsc#1130409 LTC#176346).\n- net/smc: cleanup of get vlan id (bsc#1134607 LTC#177518).\n- net/smc: code cleanup smc_listen_work (bsc#1134607 LTC#177518).\n- net/smc: consolidate function parameters (bsc#1134607 LTC#177518).\n- net/smc: correct state change for peer closing (bsc#1129857 LTC#176247).\n- net/smc: delete rkey first before switching to unused (bsc#1129857 LTC#176247).\n- net/smc: do not wait for send buffer space when data was already sent (bsc#1129857 LTC#176247).\n- net/smc: do not wait under send_lock (bsc#1129857 LTC#176247).\n- net/smc: fallback to TCP after connect problems (bsc#1134607 LTC#177518).\n- net/smc: fix a NULL pointer dereference (bsc#1134607 LTC#177518).\n- net/smc: fix another sizeof to int comparison (bsc#1129857 LTC#176247).\n- net/smc: fix byte_order for rx_curs_confirmed (bsc#1129848 LTC#176249).\n- net/smc: fix return code from FLUSH command (bsc#1134607 LTC#177518).\n- net/smc: fix sender_free computation (bsc#1129857 LTC#176247).\n- net/smc: fix smc_poll in SMC_INIT state (bsc#1129848 LTC#176249).\n- net/smc: fix use of variable in cleared area (bsc#1129857 LTC#176247).\n- net/smc: improve smc_conn_create reason codes (bsc#1134607 LTC#177518).\n- net/smc: improve smc_listen_work reason codes (bsc#1134607 LTC#177518).\n- net/smc: move code to clear the conn->lgr field (bsc#1129857 LTC#176247).\n- net/smc: move unhash before release of clcsock (bsc#1134607 LTC#177518).\n- net/smc: move wake up of close waiter (bsc#1129857 LTC#176247).\n- net/smc: no delay for free tx buffer wait (bsc#1129857 LTC#176247).\n- net/smc: nonblocking connect rework (bsc#1134607 LTC#177518).\n- net/smc: postpone release of clcsock (bsc#1129857 LTC#176247).\n- net/smc: preallocated memory for rdma work requests (bsc#1129857 LTC#176247).\n- net/smc: prevent races between smc_lgr_terminate() and smc_conn_free() (bsc#1129857 LTC#176247).\n- net/smc: propagate file from SMC to TCP socket (bsc#1134607 LTC#177518).\n- net/smc: recvmsg and splice_read should return 0 after shutdown (bsc#1129857 LTC#176247).\n- net/smc: reduce amount of status updates to peer (bsc#1129857 LTC#176247).\n- net/smc: reset cursor update required flag (bsc#1129857 LTC#176247).\n- net/smc: rework pnet table (bsc#1130409 LTC#176346).\n- net/smc: unlock LGR pending lock earlier for SMC-D (bsc#1129857 LTC#176247).\n- net/smc: use client and server LGR pending locks for SMC-R (bsc#1129857 LTC#176247).\n- net/smc: use device link provided in qp_context (bsc#1129857 LTC#176247).\n- net/smc: use smc_curs_copy() for SMC-D (bsc#1129857 LTC#176247).\n- net/smc: wait for pending work before clcsock release_sock (bsc#1134607 LTC#177518).\n- net: Fix a bug in removing queues from XPS map (git-fixes).\n- net: aquantia: fix rx checksum offload for UDP/TCP over IPv6 (networking-stable-19_03_28).\n- net: atm: Fix potential Spectre v1 vulnerabilities (networking-stable-19_04_19).\n- net: avoid skb_warn_bad_offload on IS_ERR (git-fixes).\n- net: do not keep lonely packets forever in the gro hash (git-fixes).\n- net: dsa: bcm_sf2: fix buffer overflow doing set_rxnfc (networking-stable-19_05_04).\n- net: dsa: legacy: do not unmask port bitmaps (git-fixes).\n- net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT (git-fixes).\n- net: ena: fix return value of ena_com_config_llq_info() (bsc#1111696 bsc#1117561).\n- net: ethtool: not call vzalloc for zero sized memory request (networking-stable-19_04_10).\n- net: fix uninit-value in __hw_addr_add_ex() (git-fixes).\n- net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv (networking-stable-19_04_19).\n- net: hns3: remove resetting check in hclgevf_reset_task_schedule (bsc#1104353 bsc#1135056).\n- net: initialize skb->peeked when cloning (git-fixes).\n- net: make skb_partial_csum_set() more robust against overflows (git-fixes).\n- net: phy: marvell: Fix buffer overrun with stats counters (networking-stable-19_05_04).\n- net: rds: exchange of 8K and 1M pool (networking-stable-19_04_30).\n- net: rose: fix a possible stack overflow (networking-stable-19_03_28).\n- net: socket: fix potential spectre v1 gadget in socketcall (git-fixes).\n- net: stmmac: fix memory corruption with large MTUs (networking-stable-19_03_28).\n- net: stmmac: move stmmac_check_ether_addr() to driver probe (networking-stable-19_04_30).\n- net: test tailroom before appending to linear skb (git-fixes).\n- net: thunderx: do not allow jumbo frames with XDP (networking-stable-19_04_19).\n- net: thunderx: raise XDP MTU to 1508 (networking-stable-19_04_19).\n- net: unbreak CONFIG_RETPOLINE=n builds (bsc#1124503).\n- net: use indirect call wrappers at GRO network layer (bsc#1124503).\n- net: use indirect call wrappers at GRO transport layer (bsc#1124503).\n- netfilter: bridge: Do not sabotage nf_hook calls from an l3mdev (git-fixes).\n- netfilter: bridge: ebt_among: add missing match size checks (git-fixes).\n- netfilter: bridge: ebt_among: add more missing match size checks (git-fixes).\n- netfilter: drop template ct when conntrack is skipped (git-fixes).\n- netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule (git-fixes).\n- netfilter: ebtables: handle string from userspace with care (git-fixes).\n- netfilter: ebtables: reject non-bridge targets (git-fixes).\n- netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel (git-fixes).\n- netfilter: nf_log: do not hold nf_log_mutex during user access (git-fixes).\n- netfilter: nf_log: fix uninit read in nf_log_proc_dostring (git-fixes).\n- netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6} (git-fixes).\n- netfilter: nf_tables: can't fail after linking rule into active rule list (git-fixes).\n- netfilter: nf_tables: check msg_type before nft_trans_set(trans) (git-fixes).\n- netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump() (git-fixes).\n- netfilter: nf_tables: fix leaking object reference count (git-fixes).\n- netfilter: nf_tables: release chain in flushing set (git-fixes).\n- netfilter: nft_compat: do not dump private area (git-fixes).\n- netfilter: x_tables: initialise match/target check parameter struct (git-fixes).\n- netlink: fix uninit-value in netlink_sendmsg (git-fixes).\n- nfs add module option to limit nfsv4 minor version (jsc#PM-231).\n- nfs: Enable nfsv4.2 support - jsc@PM-231 This requires a module parameter for nfsv4.2 to actually be available on SLE12 and SLE15-SP0\n- nfsv4.x: always serialize open/close operations (bsc#1114893).\n- nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands (bsc#1051510).\n- nvme-rdma: fix possible free of a non-allocated async event buffer (bsc#1120423).\n- nvme: Do not remove namespaces during reset (bsc#1131673).\n- nvme: flush scan_work when resetting controller (bsc#1131673).\n- objtool: Fix function fallthrough detection (bsc#1058115).\n- ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (bsc#1136434).\n- ocfs2: turn on OCFS2_FS_STATS setting(bsc#1134393) We need to turn on OCFS2_FS_STATS kernel configuration setting, to fix bsc#1134393.\n- of: fix clang -Wunsequenced for be32_to_cpu() (bsc#1135642).\n- omapfb: add missing of_node_put after of_device_is_available (bsc#1051510).\n- openvswitch: add seqadj extension when NAT is used (bsc#1051510).\n- openvswitch: fix flow actions reallocation (bsc#1051510).\n- p54: drop device reference count if fails to enable device (bsc#1135642).\n- packet: fix reserve calculation (git-fixes).\n- packet: in packet_snd start writing at link layer allocation (git-fixes).\n- packet: refine ring v3 block size test to hold one frame (git-fixes).\n- packet: reset network header if packet shorter than ll reserved space (git-fixes).\n- packet: validate msg_namelen in send directly (git-fixes).\n- packets: Always register packet sk in the same order (networking-stable-19_03_28).\n- pci: Factor out pcie_retrain_link() function (git-fixes).\n- pci: Mark AMD Stoney Radeon R7 GPU ATS as broken (bsc#1051510).\n- pci: Mark Atheros AR9462 to avoid bus reset (bsc#1051510).\n- pci: Work around Pericom pcie-to-pci bridge Retrain Link erratum (git-fixes).\n- pci: endpoint: Use EPC's device in dma_alloc_coherent()/dma_free_coherent() (git-fixes).\n- phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode (bsc#1051510).\n- platform/x86: alienware-wmi: printing the wrong error code (bsc#1051510).\n- platform/x86: dell-rbtn: Add missing #include (bsc#1051510).\n- platform/x86: intel_pmc_ipc: adding error handling (bsc#1051510).\n- platform/x86: intel_punit_ipc: Revert 'Fix resource ioremap warning' (bsc#1051510).\n- platform/x86: pmc_atom: Add Lex 3I380D industrial PC to critclk_systems DMI table (bsc#1051510).\n- platform/x86: pmc_atom: Add several Beckhoff Automation boards to critclk_systems DMI table (bsc#1051510).\n- platform/x86: pmc_atom: Drop __initconst on dmi table (bsc#1051510).\n- platform/x86: sony-laptop: Fix unintentional fall-through (bsc#1051510).\n- power: supply: axp20x_usb_power: Fix typo in VBUS current limit macros (bsc#1051510).\n- power: supply: axp288_charger: Fix unchecked return value (bsc#1051510).\n- powerpc/eeh: Fix race with driver un/bind (bsc#1065729).\n- powerpc/msi: Fix NULL pointer access in teardown code (bsc#1065729).\n- powerpc/perf: Fix MMCRA corruption by bhrb_filter (bsc#1053043).\n- powerpc/powernv/idle: Restore IAMR after idle (bsc#1065729).\n- powerpc/process: Fix sparse address space warnings (bsc#1065729).\n- powerpc: Always initialize input array when calling epapr_hypercall() (bsc#1065729).\n- powerpc: Fix HMIs on big-endian with CONFIG_RELOCATABLE=y (bsc#1065729).\n- proc/kcore: do not bounds check against address 0 (bsc#1051510).\n- proc/sysctl: fix return error for proc_doulongvec_minmax() (bsc#1051510).\n- proc: revalidate kernel thread inodes to root:root (bsc#1051510).\n- ptrace: take into account saved_sigmask in PTRACE{GET,SET}SIGMASK (git-fixes).\n- pwm: Fix deadlock warning when removing PWM device (bsc#1051510).\n- pwm: meson: Consider 128 a valid pre-divider (bsc#1051510).\n- pwm: meson: Do not disable PWM when setting duty repeatedly (bsc#1051510).\n- pwm: meson: Use the spin-lock only to protect register modifications (bsc#1051510).\n- pwm: tiehrpwm: Update shadow register for disabling PWMs (bsc#1051510).\n- qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128979).\n- qla2xxx: always allocate qla_tgt_wq (bsc#1131451).\n- qmi_wwan: add Olicard 600 (bsc#1051510).\n- rdma/hns: Fix bug that caused srq creation to fail (bsc#1104427 ).\n- rdma/rxe: Consider skb reserve space based on netdev of GID (bsc#1082387, bsc#1103992).\n- regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB (bsc#1051510).\n- rt2x00: do not increment sequence number while re-transmitting (bsc#1051510).\n- rtc: da9063: set uie_unsupported when relevant (bsc#1051510).\n- rtc: sh: Fix invalid alarm warning for non-enabled alarm (bsc#1051510).\n- rtlwifi: rtl8723ae: Fix missing break in switch statement (bsc#1051510).\n- rxrpc: Fix error reception on AF_INET6 sockets (git-fixes).\n- rxrpc: Fix transport sockopts to get IPv4 errors on an IPv6 socket (git-fixes).\n- s390/ism: ignore some errors during deregistration (bsc#1129857 LTC#176247).\n- s390/qdio: clear intparm during shutdown (bsc#1134597 LTC#177516).\n- sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() (bsc#1051510).\n- sc16is7xx: move label 'err_spi' to correct section (bsc#1051510).\n- sc16is7xx: put err_spi and err_i2c into correct #ifdef (bsc#1051510).\n- scripts: override locale from environment when running recordmcount.pl (bsc#1134354).\n- scsi: qedf: fixup bit operations (bsc#1135542).\n- scsi: qedf: fixup locking in qedf_restart_rport() (bsc#1135542).\n- scsi: qedf: missing kref_put in qedf_xmit() (bsc#1135542).\n- scsi: qla2xxx: Declare local functions 'static' (bsc#1137444).\n- scsi: qla2xxx: Fix function argument descriptions (bsc#1118139).\n- scsi: qla2xxx: Fix memory corruption during hba reset test (bsc#1118139).\n- scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show (bsc#1132044).\n- scsi: qla2xxx: Improve several kernel-doc headers (bsc#1137444).\n- scsi: qla2xxx: Introduce a switch/case statement in qlt_xmit_tm_rsp() (bsc#1137444).\n- scsi: qla2xxx: Make qla2x00_sysfs_write_nvram() easier to analyze (bsc#1137444).\n- scsi: qla2xxx: Make sure that qlafx00_ioctl_iosb_entry() initializes 'res' (bsc#1137444).\n- scsi: qla2xxx: NULL check before some freeing functions is not needed (bsc#1137444).\n- scsi: qla2xxx: Remove a set-but-not-used variable (bsc#1137444).\n- scsi: qla2xxx: Remove two arguments from qlafx00_error_entry() (bsc#1137444).\n- scsi: qla2xxx: Remove unused symbols (bsc#1118139).\n- scsi: qla2xxx: Split the __qla2x00_abort_all_cmds() function (bsc#1137444).\n- scsi: qla2xxx: Use %p for printing pointers (bsc#1118139).\n- scsi: qla2xxx: fix error message on qla2400 (bsc#1118139).\n- scsi: qla2xxx: fix spelling mistake: 'existant' -> 'existent' (bsc#1118139).\n- scsi: qla2xxx: fully convert to the generic DMA API (bsc#1137444).\n- scsi: qla2xxx: fx00 copypaste typo (bsc#1118139).\n- scsi: qla2xxx: remove the unused tcm_qla2xxx_cmd_wq (bsc#1118139).\n- scsi: qla2xxx: use lower_32_bits and upper_32_bits instead of reinventing them (bsc#1137444).\n- sctp: avoid running the sctp state machine recursively (networking-stable-19_05_04).\n- sctp: fix identification of new acks for SFR-CACC (git-fixes).\n- sctp: get sctphdr by offset in sctp_compute_cksum (networking-stable-19_03_28).\n- sctp: initialize _pad of sockaddr_in before copying to user memory (networking-stable-19_04_10).\n- sctp: only update outstanding_bytes for transmitted queue when doing prsctp_prune (git-fixes).\n- sctp: set frag_point in sctp_setsockopt_maxseg correctly` (git-fixes).\n- selinux: use kernel linux/socket.h for genheaders and mdp (bsc#1134810).\n- serial: 8250_pxa: honor the port number from devicetree (bsc#1051510).\n- serial: ar933x_uart: Fix build failure with disabled console (bsc#1051510).\n- serial: uartps: console_setup() can't be placed to init section (bsc#1051510).\n- signal: Always notice exiting tasks (git-fixes).\n- signal: Better detection of synchronous signals (git-fixes).\n- signal: Restore the stop PTRACE_EVENT_EXIT (git-fixes).\n- smc: move unhash as early as possible in smc_release() (bsc#1129857 LTC#176247).\n- soc/fsl/qe: Fix an error code in qe_pin_request() (bsc#1051510).\n- soc/tegra: pmc: Drop locking from tegra_powergate_is_powered() (bsc#1051510).\n- spi: Micrel eth switch: declare missing of table (bsc#1051510).\n- spi: ST ST95HF NFC: declare missing of table (bsc#1051510).\n- spi: a3700: Clear DATA_OUT when performing a read (bsc#1051510).\n- spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios (bsc#1051510).\n- spi: bcm2835aux: setup gpio-cs to output and correct level during setup (bsc#1051510).\n- spi: bcm2835aux: warn in dmesg that native cs is not really supported (bsc#1051510).\n- spi: rspi: Fix sequencer reset during initialization (bsc#1051510).\n- ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit (bsc#1051510).\n- staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc (bsc#1051510).\n- stm class: Fix an endless loop in channel allocation (bsc#1051510).\n- stm class: Fix channel free in stm output free path (bsc#1051510).\n- stm class: Prevent division by zero (bsc#1051510).\n- stmmac: pci: Adjust IOT2000 matching (networking-stable-19_04_30).\n- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).\n- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).\n- switchtec: Fix unintended mask of MRPC event (git-fixes).\n- tcp: Ensure DCTCP reacts to losses (networking-stable-19_04_10).\n- tcp: add tcp_min_snd_mss sysctl (bsc#1137586).\n- tcp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).\n- tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).\n- tcp: limit payload size of sacked skbs (bsc#1137586).\n- tcp: purge write queue in tcp_connect_init() (git-fixes).\n- tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).\n- tcp: tcp_grow_window() needs to respect tcp_space() (networking-stable-19_04_19).\n- team: fix possible recursive locking when add slaves (networking-stable-19_04_30).\n- team: set slave to promisc if team is already in promisc mode (bsc#1051510).\n- thermal/int340x_thermal: Add additional UUIDs (bsc#1051510).\n- thermal/int340x_thermal: fix mode setting (bsc#1051510).\n- thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power (bsc#1051510).\n- thunderx: eliminate extra calls to put_page() for pages held for recycling (networking-stable-19_03_28).\n- thunderx: enable page recycling for non-XDP case (networking-stable-19_03_28).\n- tipc: fix hanging clients using poll with EPOLLOUT flag (git-fixes).\n- tipc: missing entries in name table of publications (networking-stable-19_04_19).\n- tools lib traceevent: Fix missing equality check for strcmp (bsc#1129770).\n- tracing: Fix partial reading of trace event's id file (bsc#1136573).\n- treewide: Use DEVICE_ATTR_WO (bsc#1137739).\n- tty: increase the default flip buffer limit to 2*640K (bsc#1051510).\n- tty: pty: Fix race condition between release_one_tty and pty_write (bsc#1051510).\n- tty: serial_core, add ->install (bnc#1129693).\n- tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 (bsc#1051510).\n- tun: add a missing rcu_read_unlock() in error path (networking-stable-19_03_28).\n- tun: properly test for IFF_UP (networking-stable-19_03_28).\n- uas: fix alignment of scatter/gather segments (bsc#1129770).\n- udp: use indirect call wrappers for GRO socket lookup (bsc#1124503).\n- ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (bsc#1135323).\n- usb-storage: Set virt_boundary_mask to avoid SG overflows (bsc#1051510).\n- usb: cdc-acm: fix unthrottle races (bsc#1051510).\n- usb: core: Fix bug caused by duplicate interface PM usage counter (bsc#1051510).\n- usb: core: Fix unterminated string returned by usb_string() (bsc#1051510).\n- usb: dwc3: Fix default lpm_nyet_threshold value (bsc#1051510).\n- usb: gadget: net2272: Fix net2272_dequeue() (bsc#1051510).\n- usb: gadget: net2280: Fix net2280_dequeue() (bsc#1051510).\n- usb: gadget: net2280: Fix overrun of OUT messages (bsc#1051510).\n- usb: serial: f81232: fix interrupt worker not stop (bsc#1051510).\n- usb: serial: fix unthrottle races (bsc#1051510).\n- usb: u132-hcd: fix resource leak (bsc#1051510).\n- usb: usb251xb: fix to avoid potential NULL pointer dereference (bsc#1051510).\n- usb: usbip: fix isoc packet num validation in get_pipe (bsc#1051510).\n- usb: w1 ds2490: Fix bug caused by improper use of altsetting array (bsc#1051510).\n- usb: yurex: Fix protection fault after device removal (bsc#1051510).\n- userfaultfd: use RCU to free the task struct when fork fails (git-fixes).\n- vfio/mdev: Avoid release parent reference during error path (bsc#1051510).\n- vfio/mdev: Fix aborting mdev child device removal if one fails (bsc#1051510).\n- vfio/pci: use correct format characters (bsc#1051510).\n- vfio_pci: Enable memory accesses before calling pci_map_rom (bsc#1051510).\n- vhost/vsock: fix reset orphans race with close timeout (bsc#1051510).\n- vhost: reject zero size iova range (networking-stable-19_04_19).\n- virtio-blk: limit number of hw queues by nr_cpu_ids (bsc#1051510).\n- virtio: Honour 'may_reduce_num' in vring_create_virtqueue (bsc#1051510).\n- virtio_pci: fix a NULL pointer reference in vp_del_vqs (bsc#1051510).\n- vrf: check accept_source_route on the original netdevice (networking-stable-19_04_10).\n- vsock/virtio: Initialize core virtio vsock before registering the driver (bsc#1051510).\n- vsock/virtio: fix kernel panic after device hot-unplug (bsc#1051510).\n- vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock (bsc#1051510).\n- vsock/virtio: reset connected sockets on device removal (bsc#1051510).\n- vt: always call notifier with the console lock held (bsc#1051510).\n- vxlan: Do not call gro_cells_destroy() before device is unregistered (networking-stable-19_03_28).\n- x86/speculation/mds: Fix documentation typo (bsc#1135642).\n- x86_64: Add gap to int3 to allow for call emulation (bsc#1099658).\n- x86_64: Allow breakpoints to emulate call instructions (bsc#1099658).\n- xenbus: drop useless LIST_HEAD in xenbus_write_watch() and xenbus_file_write() (bsc#1065600).\n- xfrm6: avoid potential infinite loop in _decode_session6() (git-fixes).\n- xfrm6: call kfree_skb when skb is toobig (git-fixes).\n- xfrm: Fix stack-out-of-bounds read on socket policy lookup (git-fixes).\n- xfrm: Return error on unknown encap_type in init_state (git-fixes).\n- xfrm: Validate address prefix lengths in the xfrm selector (git-fixes).\n- xfrm: fix 'passing zero to ERR_PTR()' warning (git-fixes).\n- xfrm: fix missing dst_release() after policy blocking lbcast and multicast (git-fixes).\n- xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (git-fixes).\n- xfrm: reset crypto_done when iterating over multiple input xfrms (git-fixes).\n- xfrm: reset transport header back to network header after all input transforms ahave been applied (git-fixes).\n- xfrm_user: prevent leaking 2 bytes of kernel memory (git-fixes).\n- xfs: add log item pinning error injection tag (bsc#1114427).\n- xfs: buffer lru reference count error injection tag (bsc#1114427).\n- xfs: check _btree_check_block value (bsc#1123663).\n- xfs: convert drop_writes to use the errortag mechanism (bsc#1114427).\n- xfs: create block pointer check functions (bsc#1123663).\n- xfs: create inode pointer verifiers (bsc#1114427).\n- xfs: detect and fix bad summary counts at mount (bsc#1114427).\n- xfs: export _inobt_btrec_to_irec and _ialloc_cluster_alignment for scrub (bsc#1114427).\n- xfs: export various function for the online scrubber (bsc#1123663).\n- xfs: expose errortag knobs via sysfs (bsc#1114427).\n- xfs: fix unused variable warning in xfs_buf_set_ref() (bsc#1114427).\n- xfs: force summary counter recalc at next mount (bsc#1114427).\n- xfs: kill meaningless variable 'zero' (bsc#1106011).\n- xfs: make errortag a per-mountpoint structure (bsc#1123663).\n- xfs: move error injection tags into their own file (bsc#1114427).\n- xfs: prepare xfs_break_layouts() for another layout type (bsc#1106011).\n- xfs: prepare xfs_break_layouts() to be called with XFS_MMAPLOCK_EXCL (bsc#1106011).\n- xfs: refactor btree block header checking functions (bsc#1123663).\n- xfs: refactor btree pointer checks (bsc#1123663).\n- xfs: refactor unmount record write (bsc#1114427).\n- xfs: remove unneeded parameter from XFS_TEST_ERROR (bsc#1123663).\n- xfs: remove xfs_zero_range (bsc#1106011).\n- xfs: rename MAXPATHLEN to XFS_SYMLINK_MAXLEN (bsc#1123663).\n- xfs: replace log_badcrc_factor knob with error injection tag (bsc#1114427).\n- xfs: sanity-check the unused space before trying to use it (bsc#1123663).\n- xfs: serialize unaligned dio writes against all other dio writes (bsc#1134936).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2019-1530,SUSE-SLE-DESKTOP-12-SP4-2019-1530,SUSE-SLE-HA-12-SP4-2019-1530,SUSE-SLE-Live-Patching-12-SP4-2019-1530,SUSE-SLE-SDK-12-SP4-2019-1530,SUSE-SLE-SERVER-12-SP4-2019-1530,SUSE-SLE-WE-12-SP4-2019-1530", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_1530-1.json", }, { category: "self", summary: "URL for SUSE-SU-2019:1530-1", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20191530-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2019:1530-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2019-June/005572.html", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1050242", url: "https://bugzilla.suse.com/1050242", }, { category: "self", summary: "SUSE Bug 1051510", url: "https://bugzilla.suse.com/1051510", }, { category: "self", summary: "SUSE Bug 1053043", url: "https://bugzilla.suse.com/1053043", }, { category: "self", summary: "SUSE Bug 1056787", url: "https://bugzilla.suse.com/1056787", }, { category: "self", summary: "SUSE Bug 1058115", url: "https://bugzilla.suse.com/1058115", }, { category: "self", summary: "SUSE Bug 1063638", url: "https://bugzilla.suse.com/1063638", }, { category: "self", summary: "SUSE Bug 1064802", url: "https://bugzilla.suse.com/1064802", }, { category: "self", summary: "SUSE Bug 1065600", url: "https://bugzilla.suse.com/1065600", }, { category: "self", summary: "SUSE Bug 1065729", url: "https://bugzilla.suse.com/1065729", }, { category: "self", summary: "SUSE Bug 1066129", url: "https://bugzilla.suse.com/1066129", }, { category: "self", summary: "SUSE Bug 1068546", url: "https://bugzilla.suse.com/1068546", }, { category: "self", summary: "SUSE Bug 1071995", url: "https://bugzilla.suse.com/1071995", }, { category: "self", summary: "SUSE Bug 1075020", url: "https://bugzilla.suse.com/1075020", }, { category: "self", summary: "SUSE Bug 1082387", url: "https://bugzilla.suse.com/1082387", }, { category: "self", summary: "SUSE Bug 1083647", url: "https://bugzilla.suse.com/1083647", }, { category: "self", summary: "SUSE Bug 1085535", url: "https://bugzilla.suse.com/1085535", }, { category: "self", summary: "SUSE Bug 1099658", url: "https://bugzilla.suse.com/1099658", }, { category: "self", summary: "SUSE Bug 1103992", url: "https://bugzilla.suse.com/1103992", }, { category: "self", summary: "SUSE Bug 1104353", url: "https://bugzilla.suse.com/1104353", }, { category: "self", summary: "SUSE Bug 1104427", url: "https://bugzilla.suse.com/1104427", }, { category: "self", summary: "SUSE Bug 1106011", url: "https://bugzilla.suse.com/1106011", }, { category: "self", summary: "SUSE Bug 1106284", url: "https://bugzilla.suse.com/1106284", }, { category: "self", summary: "SUSE Bug 1108838", url: "https://bugzilla.suse.com/1108838", }, { category: "self", summary: "SUSE Bug 1110946", url: "https://bugzilla.suse.com/1110946", }, { category: "self", summary: "SUSE Bug 1111696", url: "https://bugzilla.suse.com/1111696", }, { category: "self", summary: "SUSE Bug 1112063", url: "https://bugzilla.suse.com/1112063", }, { category: "self", summary: "SUSE Bug 1113722", url: "https://bugzilla.suse.com/1113722", }, { category: "self", summary: "SUSE Bug 1114427", url: "https://bugzilla.suse.com/1114427", }, { category: "self", summary: "SUSE Bug 1114893", url: "https://bugzilla.suse.com/1114893", }, { category: "self", summary: "SUSE Bug 1115688", url: "https://bugzilla.suse.com/1115688", }, { category: "self", summary: "SUSE Bug 1117158", url: "https://bugzilla.suse.com/1117158", }, { category: "self", summary: "SUSE Bug 1117561", url: "https://bugzilla.suse.com/1117561", }, { category: "self", summary: "SUSE Bug 1118139", url: "https://bugzilla.suse.com/1118139", }, { category: "self", summary: "SUSE Bug 1119843", url: "https://bugzilla.suse.com/1119843", }, { category: "self", summary: "SUSE Bug 1120091", url: "https://bugzilla.suse.com/1120091", }, { category: "self", summary: "SUSE Bug 1120423", url: "https://bugzilla.suse.com/1120423", }, { category: "self", summary: "SUSE Bug 1120566", url: "https://bugzilla.suse.com/1120566", }, { category: "self", summary: "SUSE Bug 1120843", url: "https://bugzilla.suse.com/1120843", }, { category: "self", summary: "SUSE Bug 1120902", url: "https://bugzilla.suse.com/1120902", }, { category: "self", summary: "SUSE Bug 1122776", url: "https://bugzilla.suse.com/1122776", }, { category: "self", summary: "SUSE Bug 1123454", url: "https://bugzilla.suse.com/1123454", }, { category: "self", summary: "SUSE Bug 1123663", url: "https://bugzilla.suse.com/1123663", }, { category: "self", summary: "SUSE Bug 1124503", url: "https://bugzilla.suse.com/1124503", }, { category: "self", summary: "SUSE Bug 1124839", url: "https://bugzilla.suse.com/1124839", }, { category: "self", summary: "SUSE Bug 1126356", url: "https://bugzilla.suse.com/1126356", }, { category: "self", summary: "SUSE Bug 1127616", url: "https://bugzilla.suse.com/1127616", }, { category: "self", summary: "SUSE Bug 1128052", url: "https://bugzilla.suse.com/1128052", }, { category: "self", summary: "SUSE Bug 1128904", url: "https://bugzilla.suse.com/1128904", }, { category: "self", summary: "SUSE Bug 1128905", url: "https://bugzilla.suse.com/1128905", }, { category: "self", summary: "SUSE Bug 1128979", url: "https://bugzilla.suse.com/1128979", }, { category: "self", summary: "SUSE Bug 1129138", url: "https://bugzilla.suse.com/1129138", }, { category: "self", summary: "SUSE Bug 1129497", url: "https://bugzilla.suse.com/1129497", }, { category: "self", summary: "SUSE Bug 1129693", url: "https://bugzilla.suse.com/1129693", }, { category: "self", summary: "SUSE Bug 1129770", url: "https://bugzilla.suse.com/1129770", }, { category: "self", summary: "SUSE Bug 1129848", url: "https://bugzilla.suse.com/1129848", }, { category: "self", summary: "SUSE Bug 1129857", url: "https://bugzilla.suse.com/1129857", }, { category: "self", summary: "SUSE Bug 1130409", url: "https://bugzilla.suse.com/1130409", }, { category: "self", summary: "SUSE Bug 1130699", url: "https://bugzilla.suse.com/1130699", }, { category: "self", summary: "SUSE Bug 1130972", url: "https://bugzilla.suse.com/1130972", }, { category: "self", summary: "SUSE Bug 1131451", url: "https://bugzilla.suse.com/1131451", }, { category: "self", summary: "SUSE Bug 1131488", url: "https://bugzilla.suse.com/1131488", }, { category: "self", summary: "SUSE Bug 1131565", url: "https://bugzilla.suse.com/1131565", }, { category: "self", summary: "SUSE Bug 1131673", url: "https://bugzilla.suse.com/1131673", }, { category: "self", summary: "SUSE Bug 1132044", url: "https://bugzilla.suse.com/1132044", }, { category: "self", summary: "SUSE Bug 1132894", url: "https://bugzilla.suse.com/1132894", }, { category: "self", summary: "SUSE Bug 1133176", url: "https://bugzilla.suse.com/1133176", }, { category: "self", summary: "SUSE Bug 1133188", url: "https://bugzilla.suse.com/1133188", }, { category: "self", summary: "SUSE Bug 1133190", url: "https://bugzilla.suse.com/1133190", }, { category: "self", summary: "SUSE Bug 1133320", url: "https://bugzilla.suse.com/1133320", }, { category: "self", summary: "SUSE Bug 1133612", url: "https://bugzilla.suse.com/1133612", }, { category: "self", summary: "SUSE Bug 1133616", url: "https://bugzilla.suse.com/1133616", }, { category: "self", summary: "SUSE Bug 1134160", url: "https://bugzilla.suse.com/1134160", }, { category: "self", summary: "SUSE Bug 1134162", url: "https://bugzilla.suse.com/1134162", }, { category: "self", summary: "SUSE Bug 1134199", url: "https://bugzilla.suse.com/1134199", }, { category: "self", summary: "SUSE Bug 1134200", url: "https://bugzilla.suse.com/1134200", }, { category: "self", summary: "SUSE Bug 1134201", url: "https://bugzilla.suse.com/1134201", }, { category: "self", summary: "SUSE Bug 1134202", url: "https://bugzilla.suse.com/1134202", }, { category: "self", summary: "SUSE Bug 1134203", url: "https://bugzilla.suse.com/1134203", }, { category: "self", summary: "SUSE Bug 1134204", url: "https://bugzilla.suse.com/1134204", }, { category: "self", summary: "SUSE Bug 1134205", url: "https://bugzilla.suse.com/1134205", }, { category: "self", summary: "SUSE Bug 1134354", url: "https://bugzilla.suse.com/1134354", }, { category: "self", summary: "SUSE Bug 1134393", url: "https://bugzilla.suse.com/1134393", }, { category: "self", summary: "SUSE Bug 1134459", url: "https://bugzilla.suse.com/1134459", }, { category: "self", summary: "SUSE Bug 1134460", url: "https://bugzilla.suse.com/1134460", }, { category: "self", summary: "SUSE Bug 1134461", url: "https://bugzilla.suse.com/1134461", }, { category: "self", summary: "SUSE Bug 1134537", url: "https://bugzilla.suse.com/1134537", }, { category: "self", summary: "SUSE Bug 1134591", url: "https://bugzilla.suse.com/1134591", }, { category: "self", summary: "SUSE Bug 1134597", url: "https://bugzilla.suse.com/1134597", }, { category: "self", summary: "SUSE Bug 1134607", url: "https://bugzilla.suse.com/1134607", }, { category: "self", summary: "SUSE Bug 1134651", url: "https://bugzilla.suse.com/1134651", }, { category: "self", summary: "SUSE Bug 1134671", url: "https://bugzilla.suse.com/1134671", }, { category: "self", summary: "SUSE Bug 1134760", url: "https://bugzilla.suse.com/1134760", }, { category: "self", summary: "SUSE Bug 1134806", url: "https://bugzilla.suse.com/1134806", }, { category: "self", summary: "SUSE Bug 1134810", url: "https://bugzilla.suse.com/1134810", }, { category: "self", summary: "SUSE Bug 1134813", url: "https://bugzilla.suse.com/1134813", }, { category: "self", summary: "SUSE Bug 1134848", url: "https://bugzilla.suse.com/1134848", }, { category: "self", summary: "SUSE Bug 1134936", url: "https://bugzilla.suse.com/1134936", }, { category: "self", summary: "SUSE Bug 1135006", url: "https://bugzilla.suse.com/1135006", }, { category: "self", summary: "SUSE Bug 1135007", url: "https://bugzilla.suse.com/1135007", }, { category: "self", summary: "SUSE Bug 1135008", url: "https://bugzilla.suse.com/1135008", }, { category: "self", summary: "SUSE Bug 1135056", url: "https://bugzilla.suse.com/1135056", }, { category: "self", summary: "SUSE Bug 1135100", url: "https://bugzilla.suse.com/1135100", }, { category: "self", summary: "SUSE Bug 1135120", url: "https://bugzilla.suse.com/1135120", }, { category: "self", summary: "SUSE Bug 1135278", url: "https://bugzilla.suse.com/1135278", }, { category: "self", summary: "SUSE Bug 1135281", url: "https://bugzilla.suse.com/1135281", }, { category: "self", summary: "SUSE Bug 1135309", url: "https://bugzilla.suse.com/1135309", }, { category: "self", summary: "SUSE Bug 1135312", url: "https://bugzilla.suse.com/1135312", }, { category: "self", summary: "SUSE Bug 1135314", url: "https://bugzilla.suse.com/1135314", }, { category: "self", summary: "SUSE Bug 1135315", url: "https://bugzilla.suse.com/1135315", }, { category: "self", summary: "SUSE Bug 1135316", url: "https://bugzilla.suse.com/1135316", }, { category: "self", summary: "SUSE Bug 1135320", url: "https://bugzilla.suse.com/1135320", }, { category: "self", summary: "SUSE Bug 1135323", url: "https://bugzilla.suse.com/1135323", }, { category: "self", summary: "SUSE Bug 1135330", url: "https://bugzilla.suse.com/1135330", }, { category: "self", summary: "SUSE Bug 1135492", url: "https://bugzilla.suse.com/1135492", }, { category: "self", summary: "SUSE Bug 1135542", url: "https://bugzilla.suse.com/1135542", }, { category: "self", summary: "SUSE Bug 1135556", url: "https://bugzilla.suse.com/1135556", }, { category: "self", summary: "SUSE Bug 1135603", url: "https://bugzilla.suse.com/1135603", }, { category: "self", summary: "SUSE Bug 1135642", url: "https://bugzilla.suse.com/1135642", }, { category: "self", summary: "SUSE Bug 1135661", url: "https://bugzilla.suse.com/1135661", }, { category: "self", summary: "SUSE Bug 1135758", url: "https://bugzilla.suse.com/1135758", }, { category: "self", summary: "SUSE Bug 1136206", url: "https://bugzilla.suse.com/1136206", }, { category: "self", summary: "SUSE Bug 1136424", url: "https://bugzilla.suse.com/1136424", }, { category: "self", summary: "SUSE Bug 1136428", url: "https://bugzilla.suse.com/1136428", }, { category: "self", summary: "SUSE Bug 1136430", url: "https://bugzilla.suse.com/1136430", }, { category: "self", summary: "SUSE Bug 1136432", url: "https://bugzilla.suse.com/1136432", }, { category: "self", summary: "SUSE Bug 1136434", url: "https://bugzilla.suse.com/1136434", }, { category: "self", summary: "SUSE Bug 1136435", url: "https://bugzilla.suse.com/1136435", }, { category: "self", summary: "SUSE Bug 1136438", url: "https://bugzilla.suse.com/1136438", }, { category: "self", summary: "SUSE Bug 1136439", url: "https://bugzilla.suse.com/1136439", }, { category: "self", summary: "SUSE Bug 1136477", url: "https://bugzilla.suse.com/1136477", }, { category: "self", summary: "SUSE Bug 1136478", url: "https://bugzilla.suse.com/1136478", }, { category: "self", summary: "SUSE Bug 1136573", url: "https://bugzilla.suse.com/1136573", }, { category: "self", summary: "SUSE Bug 1136586", url: "https://bugzilla.suse.com/1136586", }, { category: "self", summary: "SUSE Bug 1136881", url: "https://bugzilla.suse.com/1136881", }, { category: "self", summary: "SUSE Bug 1136935", url: "https://bugzilla.suse.com/1136935", }, { category: "self", summary: "SUSE Bug 1136990", url: "https://bugzilla.suse.com/1136990", }, { category: "self", summary: "SUSE Bug 1137151", url: "https://bugzilla.suse.com/1137151", }, { category: "self", summary: "SUSE Bug 1137152", url: "https://bugzilla.suse.com/1137152", }, { category: "self", summary: "SUSE Bug 1137153", url: "https://bugzilla.suse.com/1137153", }, { category: "self", summary: "SUSE Bug 1137162", url: "https://bugzilla.suse.com/1137162", }, { category: "self", summary: "SUSE Bug 1137372", url: "https://bugzilla.suse.com/1137372", }, { category: "self", summary: "SUSE Bug 1137444", url: "https://bugzilla.suse.com/1137444", }, { category: "self", summary: "SUSE Bug 1137586", url: "https://bugzilla.suse.com/1137586", }, { category: "self", summary: "SUSE Bug 1137739", url: "https://bugzilla.suse.com/1137739", }, { category: "self", summary: "SUSE Bug 1137752", url: "https://bugzilla.suse.com/1137752", }, { category: "self", summary: "SUSE CVE CVE-2018-7191 page", url: "https://www.suse.com/security/cve/CVE-2018-7191/", }, { category: "self", summary: "SUSE CVE CVE-2019-10124 page", url: "https://www.suse.com/security/cve/CVE-2019-10124/", }, { category: "self", summary: "SUSE CVE CVE-2019-11085 page", url: "https://www.suse.com/security/cve/CVE-2019-11085/", }, { category: "self", summary: "SUSE CVE CVE-2019-11477 page", url: "https://www.suse.com/security/cve/CVE-2019-11477/", }, { category: "self", summary: "SUSE CVE CVE-2019-11478 page", url: "https://www.suse.com/security/cve/CVE-2019-11478/", }, { category: "self", summary: "SUSE CVE CVE-2019-11479 page", url: "https://www.suse.com/security/cve/CVE-2019-11479/", }, { category: "self", summary: "SUSE CVE CVE-2019-11486 page", url: "https://www.suse.com/security/cve/CVE-2019-11486/", }, { category: "self", summary: "SUSE CVE CVE-2019-11487 page", url: "https://www.suse.com/security/cve/CVE-2019-11487/", }, { category: "self", summary: "SUSE CVE CVE-2019-11815 page", url: "https://www.suse.com/security/cve/CVE-2019-11815/", }, { category: "self", summary: "SUSE CVE CVE-2019-11833 page", url: "https://www.suse.com/security/cve/CVE-2019-11833/", }, { category: "self", summary: "SUSE CVE CVE-2019-11884 page", url: "https://www.suse.com/security/cve/CVE-2019-11884/", }, { category: "self", summary: "SUSE CVE CVE-2019-12382 page", url: "https://www.suse.com/security/cve/CVE-2019-12382/", }, { category: "self", summary: "SUSE CVE CVE-2019-3846 page", url: "https://www.suse.com/security/cve/CVE-2019-3846/", }, { category: "self", summary: "SUSE CVE CVE-2019-5489 page", url: "https://www.suse.com/security/cve/CVE-2019-5489/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2019-06-17T17:18:47Z", generator: { date: "2019-06-17T17:18:47Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2019:1530-1", initial_release_date: "2019-06-17T17:18:47Z", revision_history: [ { date: "2019-06-17T17:18:47Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-95.19.1.aarch64", product: { name: "cluster-md-kmp-default-4.12.14-95.19.1.aarch64", product_id: "cluster-md-kmp-default-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-95.19.1.aarch64", product: { name: "dlm-kmp-default-4.12.14-95.19.1.aarch64", product_id: "dlm-kmp-default-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dtb-al-4.12.14-95.19.1.aarch64", product: { name: "dtb-al-4.12.14-95.19.1.aarch64", product_id: "dtb-al-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dtb-allwinner-4.12.14-95.19.1.aarch64", product: { name: "dtb-allwinner-4.12.14-95.19.1.aarch64", product_id: "dtb-allwinner-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dtb-altera-4.12.14-95.19.1.aarch64", product: { name: "dtb-altera-4.12.14-95.19.1.aarch64", product_id: "dtb-altera-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dtb-amd-4.12.14-95.19.1.aarch64", product: { name: "dtb-amd-4.12.14-95.19.1.aarch64", product_id: "dtb-amd-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dtb-amlogic-4.12.14-95.19.1.aarch64", product: { name: "dtb-amlogic-4.12.14-95.19.1.aarch64", product_id: "dtb-amlogic-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dtb-apm-4.12.14-95.19.1.aarch64", product: { name: "dtb-apm-4.12.14-95.19.1.aarch64", product_id: "dtb-apm-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dtb-arm-4.12.14-95.19.1.aarch64", product: { name: "dtb-arm-4.12.14-95.19.1.aarch64", product_id: "dtb-arm-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dtb-broadcom-4.12.14-95.19.1.aarch64", product: { name: "dtb-broadcom-4.12.14-95.19.1.aarch64", product_id: "dtb-broadcom-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dtb-cavium-4.12.14-95.19.1.aarch64", product: { name: "dtb-cavium-4.12.14-95.19.1.aarch64", product_id: "dtb-cavium-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dtb-exynos-4.12.14-95.19.1.aarch64", product: { name: "dtb-exynos-4.12.14-95.19.1.aarch64", product_id: "dtb-exynos-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dtb-freescale-4.12.14-95.19.1.aarch64", product: { name: "dtb-freescale-4.12.14-95.19.1.aarch64", product_id: "dtb-freescale-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dtb-hisilicon-4.12.14-95.19.1.aarch64", product: { name: "dtb-hisilicon-4.12.14-95.19.1.aarch64", product_id: "dtb-hisilicon-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dtb-lg-4.12.14-95.19.1.aarch64", product: { name: "dtb-lg-4.12.14-95.19.1.aarch64", product_id: "dtb-lg-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dtb-marvell-4.12.14-95.19.1.aarch64", product: { name: "dtb-marvell-4.12.14-95.19.1.aarch64", product_id: "dtb-marvell-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dtb-mediatek-4.12.14-95.19.1.aarch64", product: { name: "dtb-mediatek-4.12.14-95.19.1.aarch64", product_id: "dtb-mediatek-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dtb-nvidia-4.12.14-95.19.1.aarch64", product: { name: "dtb-nvidia-4.12.14-95.19.1.aarch64", product_id: "dtb-nvidia-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dtb-qcom-4.12.14-95.19.1.aarch64", product: { name: "dtb-qcom-4.12.14-95.19.1.aarch64", product_id: "dtb-qcom-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dtb-renesas-4.12.14-95.19.1.aarch64", product: { name: "dtb-renesas-4.12.14-95.19.1.aarch64", product_id: "dtb-renesas-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dtb-rockchip-4.12.14-95.19.1.aarch64", product: { name: "dtb-rockchip-4.12.14-95.19.1.aarch64", product_id: "dtb-rockchip-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dtb-socionext-4.12.14-95.19.1.aarch64", product: { name: "dtb-socionext-4.12.14-95.19.1.aarch64", product_id: "dtb-socionext-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dtb-sprd-4.12.14-95.19.1.aarch64", product: { name: "dtb-sprd-4.12.14-95.19.1.aarch64", product_id: "dtb-sprd-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dtb-xilinx-4.12.14-95.19.1.aarch64", product: { name: "dtb-xilinx-4.12.14-95.19.1.aarch64", product_id: "dtb-xilinx-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "dtb-zte-4.12.14-95.19.1.aarch64", product: { name: "dtb-zte-4.12.14-95.19.1.aarch64", product_id: "dtb-zte-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-95.19.1.aarch64", product: { name: "gfs2-kmp-default-4.12.14-95.19.1.aarch64", product_id: "gfs2-kmp-default-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "kernel-default-4.12.14-95.19.1.aarch64", product: { name: "kernel-default-4.12.14-95.19.1.aarch64", product_id: "kernel-default-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-95.19.1.aarch64", product: { name: "kernel-default-base-4.12.14-95.19.1.aarch64", product_id: "kernel-default-base-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-95.19.1.aarch64", product: { name: "kernel-default-devel-4.12.14-95.19.1.aarch64", product_id: "kernel-default-devel-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-95.19.1.aarch64", product: { name: "kernel-default-extra-4.12.14-95.19.1.aarch64", product_id: "kernel-default-extra-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "kernel-default-kgraft-4.12.14-95.19.1.aarch64", product: { name: "kernel-default-kgraft-4.12.14-95.19.1.aarch64", product_id: "kernel-default-kgraft-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-95.19.1.aarch64", product: { name: "kernel-obs-build-4.12.14-95.19.1.aarch64", product_id: "kernel-obs-build-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-95.19.1.aarch64", product: { name: "kernel-obs-qa-4.12.14-95.19.1.aarch64", product_id: "kernel-obs-qa-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "kernel-syms-4.12.14-95.19.1.aarch64", product: { name: "kernel-syms-4.12.14-95.19.1.aarch64", product_id: "kernel-syms-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-95.19.1.aarch64", product: { name: "kernel-vanilla-4.12.14-95.19.1.aarch64", product_id: "kernel-vanilla-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-95.19.1.aarch64", product: { name: "kernel-vanilla-base-4.12.14-95.19.1.aarch64", product_id: "kernel-vanilla-base-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-95.19.1.aarch64", product: { name: "kernel-vanilla-devel-4.12.14-95.19.1.aarch64", product_id: "kernel-vanilla-devel-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-95.19.1.aarch64", product: { name: "kselftests-kmp-default-4.12.14-95.19.1.aarch64", product_id: "kselftests-kmp-default-4.12.14-95.19.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-95.19.1.aarch64", product: { name: "ocfs2-kmp-default-4.12.14-95.19.1.aarch64", product_id: "ocfs2-kmp-default-4.12.14-95.19.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-4.12.14-95.19.1.noarch", product: { name: "kernel-devel-4.12.14-95.19.1.noarch", product_id: "kernel-devel-4.12.14-95.19.1.noarch", }, }, { category: "product_version", name: "kernel-docs-4.12.14-95.19.1.noarch", product: { name: "kernel-docs-4.12.14-95.19.1.noarch", product_id: "kernel-docs-4.12.14-95.19.1.noarch", }, }, { category: "product_version", name: "kernel-docs-html-4.12.14-95.19.1.noarch", product: { name: "kernel-docs-html-4.12.14-95.19.1.noarch", product_id: "kernel-docs-html-4.12.14-95.19.1.noarch", }, }, { category: "product_version", name: "kernel-macros-4.12.14-95.19.1.noarch", product: { name: "kernel-macros-4.12.14-95.19.1.noarch", product_id: "kernel-macros-4.12.14-95.19.1.noarch", }, }, { category: "product_version", name: "kernel-source-4.12.14-95.19.1.noarch", product: { name: "kernel-source-4.12.14-95.19.1.noarch", product_id: "kernel-source-4.12.14-95.19.1.noarch", }, }, { category: "product_version", name: "kernel-source-vanilla-4.12.14-95.19.1.noarch", product: { name: "kernel-source-vanilla-4.12.14-95.19.1.noarch", product_id: "kernel-source-vanilla-4.12.14-95.19.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", product: { name: "cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", product_id: "cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-95.19.1.ppc64le", product: { name: "dlm-kmp-default-4.12.14-95.19.1.ppc64le", product_id: "dlm-kmp-default-4.12.14-95.19.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-95.19.1.ppc64le", product: { name: "gfs2-kmp-default-4.12.14-95.19.1.ppc64le", product_id: "gfs2-kmp-default-4.12.14-95.19.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-4.12.14-95.19.1.ppc64le", product: { name: "kernel-debug-4.12.14-95.19.1.ppc64le", product_id: "kernel-debug-4.12.14-95.19.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-base-4.12.14-95.19.1.ppc64le", product: { name: "kernel-debug-base-4.12.14-95.19.1.ppc64le", product_id: "kernel-debug-base-4.12.14-95.19.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-devel-4.12.14-95.19.1.ppc64le", product: { name: "kernel-debug-devel-4.12.14-95.19.1.ppc64le", product_id: "kernel-debug-devel-4.12.14-95.19.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-4.12.14-95.19.1.ppc64le", product: { name: "kernel-default-4.12.14-95.19.1.ppc64le", product_id: "kernel-default-4.12.14-95.19.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-95.19.1.ppc64le", product: { name: "kernel-default-base-4.12.14-95.19.1.ppc64le", product_id: "kernel-default-base-4.12.14-95.19.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-95.19.1.ppc64le", product: { name: "kernel-default-devel-4.12.14-95.19.1.ppc64le", product_id: "kernel-default-devel-4.12.14-95.19.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-95.19.1.ppc64le", product: { name: "kernel-default-extra-4.12.14-95.19.1.ppc64le", product_id: "kernel-default-extra-4.12.14-95.19.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-kgraft-4.12.14-95.19.1.ppc64le", product: { name: "kernel-default-kgraft-4.12.14-95.19.1.ppc64le", product_id: "kernel-default-kgraft-4.12.14-95.19.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-95.19.1.ppc64le", product: { name: "kernel-obs-build-4.12.14-95.19.1.ppc64le", product_id: "kernel-obs-build-4.12.14-95.19.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-95.19.1.ppc64le", product: { name: "kernel-obs-qa-4.12.14-95.19.1.ppc64le", product_id: "kernel-obs-qa-4.12.14-95.19.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-4.12.14-95.19.1.ppc64le", product: { name: "kernel-syms-4.12.14-95.19.1.ppc64le", product_id: "kernel-syms-4.12.14-95.19.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-95.19.1.ppc64le", product: { name: "kernel-vanilla-4.12.14-95.19.1.ppc64le", product_id: "kernel-vanilla-4.12.14-95.19.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-95.19.1.ppc64le", product: { name: "kernel-vanilla-base-4.12.14-95.19.1.ppc64le", product_id: "kernel-vanilla-base-4.12.14-95.19.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-95.19.1.ppc64le", product: { name: "kernel-vanilla-devel-4.12.14-95.19.1.ppc64le", product_id: "kernel-vanilla-devel-4.12.14-95.19.1.ppc64le", }, }, { category: "product_version", name: "kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", product: { name: "kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", product_id: "kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-95.19.1.ppc64le", product: { name: "kselftests-kmp-default-4.12.14-95.19.1.ppc64le", product_id: "kselftests-kmp-default-4.12.14-95.19.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", product: { name: "ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", product_id: "ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-95.19.1.s390x", product: { name: "cluster-md-kmp-default-4.12.14-95.19.1.s390x", product_id: "cluster-md-kmp-default-4.12.14-95.19.1.s390x", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-95.19.1.s390x", product: { name: "dlm-kmp-default-4.12.14-95.19.1.s390x", product_id: "dlm-kmp-default-4.12.14-95.19.1.s390x", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-95.19.1.s390x", product: { name: "gfs2-kmp-default-4.12.14-95.19.1.s390x", product_id: "gfs2-kmp-default-4.12.14-95.19.1.s390x", }, }, { category: "product_version", name: "kernel-default-4.12.14-95.19.1.s390x", product: { name: "kernel-default-4.12.14-95.19.1.s390x", product_id: "kernel-default-4.12.14-95.19.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-95.19.1.s390x", product: { name: "kernel-default-base-4.12.14-95.19.1.s390x", product_id: "kernel-default-base-4.12.14-95.19.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-95.19.1.s390x", product: { name: "kernel-default-devel-4.12.14-95.19.1.s390x", product_id: "kernel-default-devel-4.12.14-95.19.1.s390x", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-95.19.1.s390x", product: { name: "kernel-default-extra-4.12.14-95.19.1.s390x", product_id: "kernel-default-extra-4.12.14-95.19.1.s390x", }, }, { category: "product_version", name: "kernel-default-kgraft-4.12.14-95.19.1.s390x", product: { name: "kernel-default-kgraft-4.12.14-95.19.1.s390x", product_id: "kernel-default-kgraft-4.12.14-95.19.1.s390x", }, }, { category: "product_version", name: "kernel-default-man-4.12.14-95.19.1.s390x", product: { name: "kernel-default-man-4.12.14-95.19.1.s390x", product_id: "kernel-default-man-4.12.14-95.19.1.s390x", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-95.19.1.s390x", product: { name: "kernel-obs-build-4.12.14-95.19.1.s390x", product_id: "kernel-obs-build-4.12.14-95.19.1.s390x", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-95.19.1.s390x", product: { name: "kernel-obs-qa-4.12.14-95.19.1.s390x", product_id: "kernel-obs-qa-4.12.14-95.19.1.s390x", }, }, { category: "product_version", name: "kernel-syms-4.12.14-95.19.1.s390x", product: { name: "kernel-syms-4.12.14-95.19.1.s390x", product_id: "kernel-syms-4.12.14-95.19.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-95.19.1.s390x", product: { name: "kernel-vanilla-4.12.14-95.19.1.s390x", product_id: "kernel-vanilla-4.12.14-95.19.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-95.19.1.s390x", product: { name: "kernel-vanilla-base-4.12.14-95.19.1.s390x", product_id: "kernel-vanilla-base-4.12.14-95.19.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-95.19.1.s390x", product: { name: "kernel-vanilla-devel-4.12.14-95.19.1.s390x", product_id: "kernel-vanilla-devel-4.12.14-95.19.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-4.12.14-95.19.1.s390x", product: { name: "kernel-zfcpdump-4.12.14-95.19.1.s390x", product_id: "kernel-zfcpdump-4.12.14-95.19.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-man-4.12.14-95.19.1.s390x", product: { name: "kernel-zfcpdump-man-4.12.14-95.19.1.s390x", product_id: "kernel-zfcpdump-man-4.12.14-95.19.1.s390x", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-95.19.1.s390x", product: { name: "kselftests-kmp-default-4.12.14-95.19.1.s390x", product_id: "kselftests-kmp-default-4.12.14-95.19.1.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-95.19.1.s390x", product: { name: "ocfs2-kmp-default-4.12.14-95.19.1.s390x", product_id: "ocfs2-kmp-default-4.12.14-95.19.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-95.19.1.x86_64", product: { name: "cluster-md-kmp-default-4.12.14-95.19.1.x86_64", product_id: "cluster-md-kmp-default-4.12.14-95.19.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-95.19.1.x86_64", product: { name: "dlm-kmp-default-4.12.14-95.19.1.x86_64", product_id: "dlm-kmp-default-4.12.14-95.19.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-95.19.1.x86_64", product: { name: "gfs2-kmp-default-4.12.14-95.19.1.x86_64", product_id: "gfs2-kmp-default-4.12.14-95.19.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-4.12.14-95.19.1.x86_64", product: { name: "kernel-debug-4.12.14-95.19.1.x86_64", product_id: "kernel-debug-4.12.14-95.19.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-base-4.12.14-95.19.1.x86_64", product: { name: "kernel-debug-base-4.12.14-95.19.1.x86_64", product_id: "kernel-debug-base-4.12.14-95.19.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-devel-4.12.14-95.19.1.x86_64", product: { name: "kernel-debug-devel-4.12.14-95.19.1.x86_64", product_id: "kernel-debug-devel-4.12.14-95.19.1.x86_64", }, }, { category: "product_version", name: "kernel-default-4.12.14-95.19.1.x86_64", product: { name: "kernel-default-4.12.14-95.19.1.x86_64", product_id: "kernel-default-4.12.14-95.19.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-95.19.1.x86_64", product: { name: "kernel-default-base-4.12.14-95.19.1.x86_64", product_id: "kernel-default-base-4.12.14-95.19.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-95.19.1.x86_64", product: { name: "kernel-default-devel-4.12.14-95.19.1.x86_64", product_id: "kernel-default-devel-4.12.14-95.19.1.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-95.19.1.x86_64", product: { name: "kernel-default-extra-4.12.14-95.19.1.x86_64", product_id: "kernel-default-extra-4.12.14-95.19.1.x86_64", }, }, { category: "product_version", name: "kernel-default-kgraft-4.12.14-95.19.1.x86_64", product: { name: "kernel-default-kgraft-4.12.14-95.19.1.x86_64", product_id: "kernel-default-kgraft-4.12.14-95.19.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-4.12.14-95.19.1.x86_64", product: { name: "kernel-kvmsmall-4.12.14-95.19.1.x86_64", product_id: "kernel-kvmsmall-4.12.14-95.19.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-base-4.12.14-95.19.1.x86_64", product: { name: "kernel-kvmsmall-base-4.12.14-95.19.1.x86_64", product_id: "kernel-kvmsmall-base-4.12.14-95.19.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-devel-4.12.14-95.19.1.x86_64", product: { name: "kernel-kvmsmall-devel-4.12.14-95.19.1.x86_64", product_id: "kernel-kvmsmall-devel-4.12.14-95.19.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-95.19.1.x86_64", product: { name: "kernel-obs-build-4.12.14-95.19.1.x86_64", product_id: "kernel-obs-build-4.12.14-95.19.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-95.19.1.x86_64", product: { name: "kernel-obs-qa-4.12.14-95.19.1.x86_64", product_id: "kernel-obs-qa-4.12.14-95.19.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-4.12.14-95.19.1.x86_64", product: { name: "kernel-syms-4.12.14-95.19.1.x86_64", product_id: "kernel-syms-4.12.14-95.19.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-95.19.1.x86_64", product: { name: "kernel-vanilla-4.12.14-95.19.1.x86_64", product_id: "kernel-vanilla-4.12.14-95.19.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-95.19.1.x86_64", product: { name: "kernel-vanilla-base-4.12.14-95.19.1.x86_64", product_id: "kernel-vanilla-base-4.12.14-95.19.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-95.19.1.x86_64", product: { name: "kernel-vanilla-devel-4.12.14-95.19.1.x86_64", product_id: "kernel-vanilla-devel-4.12.14-95.19.1.x86_64", }, }, { category: "product_version", name: "kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", product: { name: "kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", product_id: "kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-95.19.1.x86_64", product: { name: "kselftests-kmp-default-4.12.14-95.19.1.x86_64", product_id: "kselftests-kmp-default-4.12.14-95.19.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-95.19.1.x86_64", product: { name: "ocfs2-kmp-default-4.12.14-95.19.1.x86_64", product_id: "ocfs2-kmp-default-4.12.14-95.19.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Desktop 12 SP4", product: { name: "SUSE Linux Enterprise Desktop 12 SP4", product_id: "SUSE Linux Enterprise Desktop 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sled:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 12 SP4", product: { name: "SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Live Patching 12 SP4", product: { name: "SUSE Linux Enterprise Live Patching 12 SP4", product_id: "SUSE Linux Enterprise Live Patching 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-live-patching:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Software Development Kit 12 SP4", product: { name: "SUSE Linux Enterprise Software Development Kit 12 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-sdk:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP4", product: { name: "SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Workstation Extension 12 SP4", product: { name: "SUSE Linux Enterprise Workstation Extension 12 SP4", product_id: "SUSE Linux Enterprise Workstation Extension 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-we:12:sp4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.19.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4", product_id: "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", }, product_reference: "kernel-default-4.12.14-95.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.19.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4", product_id: "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", }, product_reference: "kernel-default-devel-4.12.14-95.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-4.12.14-95.19.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4", product_id: "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", }, product_reference: "kernel-default-extra-4.12.14-95.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.12.14-95.19.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP4", product_id: "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", }, product_reference: "kernel-devel-4.12.14-95.19.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.12.14-95.19.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP4", product_id: "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", }, product_reference: "kernel-macros-4.12.14-95.19.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.12.14-95.19.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP4", product_id: "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", }, product_reference: "kernel-source-4.12.14-95.19.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.19.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4", product_id: "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", }, product_reference: "kernel-syms-4.12.14-95.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-95.19.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", }, product_reference: "cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-95.19.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", }, product_reference: "cluster-md-kmp-default-4.12.14-95.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-95.19.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", }, product_reference: "cluster-md-kmp-default-4.12.14-95.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-95.19.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", }, product_reference: "dlm-kmp-default-4.12.14-95.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-95.19.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", }, product_reference: "dlm-kmp-default-4.12.14-95.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-95.19.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", }, product_reference: "dlm-kmp-default-4.12.14-95.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-95.19.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", }, product_reference: "gfs2-kmp-default-4.12.14-95.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-95.19.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", }, product_reference: "gfs2-kmp-default-4.12.14-95.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-95.19.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", }, product_reference: "gfs2-kmp-default-4.12.14-95.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-95.19.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", }, product_reference: "ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-95.19.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", }, product_reference: "ocfs2-kmp-default-4.12.14-95.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-95.19.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", }, product_reference: "ocfs2-kmp-default-4.12.14-95.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4", product_id: "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", }, product_reference: "kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4", product_id: "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", }, product_reference: "kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-4.12.14-95.19.1.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", }, product_reference: "kernel-docs-4.12.14-95.19.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-95.19.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", }, product_reference: "kernel-obs-build-4.12.14-95.19.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-95.19.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", }, product_reference: "kernel-obs-build-4.12.14-95.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-95.19.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", }, product_reference: "kernel-obs-build-4.12.14-95.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-95.19.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", }, product_reference: "kernel-obs-build-4.12.14-95.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.19.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", }, product_reference: "kernel-default-4.12.14-95.19.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.19.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", }, product_reference: "kernel-default-4.12.14-95.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.19.1.s390x as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", }, product_reference: "kernel-default-4.12.14-95.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.19.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", }, product_reference: "kernel-default-4.12.14-95.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.19.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", }, product_reference: "kernel-default-base-4.12.14-95.19.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.19.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", }, product_reference: "kernel-default-base-4.12.14-95.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.19.1.s390x as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", }, product_reference: "kernel-default-base-4.12.14-95.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.19.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", }, product_reference: "kernel-default-base-4.12.14-95.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.19.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", }, product_reference: "kernel-default-devel-4.12.14-95.19.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.19.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", }, product_reference: "kernel-default-devel-4.12.14-95.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.19.1.s390x as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", }, product_reference: "kernel-default-devel-4.12.14-95.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.19.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", }, product_reference: "kernel-default-devel-4.12.14-95.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.12.14-95.19.1.s390x as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", }, product_reference: "kernel-default-man-4.12.14-95.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.12.14-95.19.1.noarch as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", }, product_reference: "kernel-devel-4.12.14-95.19.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.12.14-95.19.1.noarch as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", }, product_reference: "kernel-macros-4.12.14-95.19.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.12.14-95.19.1.noarch as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", }, product_reference: "kernel-source-4.12.14-95.19.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.19.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", }, product_reference: "kernel-syms-4.12.14-95.19.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.19.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", }, product_reference: "kernel-syms-4.12.14-95.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.19.1.s390x as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", }, product_reference: "kernel-syms-4.12.14-95.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.19.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", }, product_reference: "kernel-syms-4.12.14-95.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.19.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", }, product_reference: "kernel-default-4.12.14-95.19.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.19.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", }, product_reference: "kernel-default-4.12.14-95.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.19.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", }, product_reference: "kernel-default-4.12.14-95.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.19.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", }, product_reference: "kernel-default-4.12.14-95.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.19.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", }, product_reference: "kernel-default-base-4.12.14-95.19.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.19.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", }, product_reference: "kernel-default-base-4.12.14-95.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.19.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", }, product_reference: "kernel-default-base-4.12.14-95.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.19.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", }, product_reference: "kernel-default-base-4.12.14-95.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.19.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", }, product_reference: "kernel-default-devel-4.12.14-95.19.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.19.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", }, product_reference: "kernel-default-devel-4.12.14-95.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.19.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", }, product_reference: "kernel-default-devel-4.12.14-95.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.19.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", }, product_reference: "kernel-default-devel-4.12.14-95.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.12.14-95.19.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", }, product_reference: "kernel-default-man-4.12.14-95.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.12.14-95.19.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", }, product_reference: "kernel-devel-4.12.14-95.19.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.12.14-95.19.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", }, product_reference: "kernel-macros-4.12.14-95.19.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.12.14-95.19.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", }, product_reference: "kernel-source-4.12.14-95.19.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.19.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", }, product_reference: "kernel-syms-4.12.14-95.19.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.19.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", }, product_reference: "kernel-syms-4.12.14-95.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.19.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", }, product_reference: "kernel-syms-4.12.14-95.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.19.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", }, product_reference: "kernel-syms-4.12.14-95.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-4.12.14-95.19.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP4", product_id: "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", }, product_reference: "kernel-default-extra-4.12.14-95.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Workstation Extension 12 SP4", }, ], }, vulnerabilities: [ { cve: "CVE-2018-7191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7191", }, ], notes: [ { category: "general", text: "In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7191", url: "https://www.suse.com/security/cve/CVE-2018-7191", }, { category: "external", summary: "SUSE Bug 1135603 for CVE-2018-7191", url: "https://bugzilla.suse.com/1135603", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:47Z", details: "moderate", }, ], title: "CVE-2018-7191", }, { cve: "CVE-2019-10124", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10124", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10124", url: "https://www.suse.com/security/cve/CVE-2019-10124", }, { category: "external", summary: "SUSE Bug 1130699 for CVE-2019-10124", url: "https://bugzilla.suse.com/1130699", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:47Z", details: "moderate", }, ], title: "CVE-2019-10124", }, { cve: "CVE-2019-11085", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11085", }, ], notes: [ { category: "general", text: "Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11085", url: "https://www.suse.com/security/cve/CVE-2019-11085", }, { category: "external", summary: "SUSE Bug 1135278 for CVE-2019-11085", url: "https://bugzilla.suse.com/1135278", }, { category: "external", summary: "SUSE Bug 1135280 for CVE-2019-11085", url: "https://bugzilla.suse.com/1135280", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:47Z", details: "important", }, ], title: "CVE-2019-11085", }, { cve: "CVE-2019-11477", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11477", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11477", url: "https://www.suse.com/security/cve/CVE-2019-11477", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11477", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11477", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11477", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1153242 for CVE-2019-11477", url: "https://bugzilla.suse.com/1153242", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:47Z", details: "important", }, ], title: "CVE-2019-11477", }, { cve: "CVE-2019-11478", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11478", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11478", url: "https://www.suse.com/security/cve/CVE-2019-11478", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11478", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11478", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11478", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1143542 for CVE-2019-11478", url: "https://bugzilla.suse.com/1143542", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:47Z", details: "important", }, ], title: "CVE-2019-11478", }, { cve: "CVE-2019-11479", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11479", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11479", url: "https://www.suse.com/security/cve/CVE-2019-11479", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11479", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11479", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11479", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1143542 for CVE-2019-11479", url: "https://bugzilla.suse.com/1143542", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:47Z", details: "important", }, ], title: "CVE-2019-11479", }, { cve: "CVE-2019-11486", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11486", }, ], notes: [ { category: "general", text: "The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11486", url: "https://www.suse.com/security/cve/CVE-2019-11486", }, { category: "external", summary: "SUSE Bug 1133188 for CVE-2019-11486", url: "https://bugzilla.suse.com/1133188", }, { category: "external", summary: "SUSE Bug 1156434 for CVE-2019-11486", url: "https://bugzilla.suse.com/1156434", }, { category: "external", summary: "SUSE Bug 1173667 for CVE-2019-11486", url: "https://bugzilla.suse.com/1173667", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:47Z", details: "moderate", }, ], title: "CVE-2019-11486", }, { cve: "CVE-2019-11487", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11487", }, ], notes: [ { category: "general", text: "The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11487", url: "https://www.suse.com/security/cve/CVE-2019-11487", }, { category: "external", summary: "SUSE Bug 1133190 for CVE-2019-11487", url: "https://bugzilla.suse.com/1133190", }, { category: "external", summary: "SUSE Bug 1133191 for CVE-2019-11487", url: "https://bugzilla.suse.com/1133191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:47Z", details: "important", }, ], title: "CVE-2019-11487", }, { cve: "CVE-2019-11815", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11815", }, ], notes: [ { category: "general", text: "An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11815", url: "https://www.suse.com/security/cve/CVE-2019-11815", }, { category: "external", summary: "SUSE Bug 1134537 for CVE-2019-11815", url: "https://bugzilla.suse.com/1134537", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:47Z", details: "moderate", }, ], title: "CVE-2019-11815", }, { cve: "CVE-2019-11833", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11833", }, ], notes: [ { category: "general", text: "fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11833", url: "https://www.suse.com/security/cve/CVE-2019-11833", }, { category: "external", summary: "SUSE Bug 1135281 for CVE-2019-11833", url: "https://bugzilla.suse.com/1135281", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:47Z", details: "moderate", }, ], title: "CVE-2019-11833", }, { cve: "CVE-2019-11884", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11884", }, ], notes: [ { category: "general", text: "The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\\0' character.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11884", url: "https://www.suse.com/security/cve/CVE-2019-11884", }, { category: "external", summary: "SUSE Bug 1134848 for CVE-2019-11884", url: "https://bugzilla.suse.com/1134848", }, { category: "external", summary: "SUSE Bug 1139868 for CVE-2019-11884", url: "https://bugzilla.suse.com/1139868", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:47Z", details: "low", }, ], title: "CVE-2019-11884", }, { cve: "CVE-2019-12382", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12382", }, ], notes: [ { category: "general", text: "** DISPUTED ** An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: The vendor disputes this issues as not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance for a NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12382", url: "https://www.suse.com/security/cve/CVE-2019-12382", }, { category: "external", summary: "SUSE Bug 1136586 for CVE-2019-12382", url: "https://bugzilla.suse.com/1136586", }, { category: "external", summary: "SUSE Bug 1155298 for CVE-2019-12382", url: "https://bugzilla.suse.com/1155298", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.5, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:47Z", details: "low", }, ], title: "CVE-2019-12382", }, { cve: "CVE-2019-3846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3846", }, ], notes: [ { category: "general", text: "A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3846", url: "https://www.suse.com/security/cve/CVE-2019-3846", }, { category: "external", summary: "SUSE Bug 1136424 for CVE-2019-3846", url: "https://bugzilla.suse.com/1136424", }, { category: "external", summary: "SUSE Bug 1136446 for CVE-2019-3846", url: "https://bugzilla.suse.com/1136446", }, { category: "external", summary: "SUSE Bug 1156330 for CVE-2019-3846", url: "https://bugzilla.suse.com/1156330", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:47Z", details: "important", }, ], title: "CVE-2019-3846", }, { cve: "CVE-2019-5489", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5489", }, ], notes: [ { category: "general", text: "The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5489", url: "https://www.suse.com/security/cve/CVE-2019-5489", }, { category: "external", summary: "SUSE Bug 1120843 for CVE-2019-5489", url: "https://bugzilla.suse.com/1120843", }, { category: "external", summary: "SUSE Bug 1120885 for CVE-2019-5489", url: "https://bugzilla.suse.com/1120885", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_19-default-1-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.19.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:18:47Z", details: "moderate", }, ], title: "CVE-2019-5489", }, ], }
suse-su-2019:1532-1
Vulnerability from csaf_suse
Published
2019-06-17 17:21
Modified
2019-06-17 17:21
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.180 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-11477: A sequence of SACKs may have been crafted such that one can trigger an integer overflow, leading to a kernel panic.
- CVE-2019-11478: It was possible to send a crafted sequence of SACKs which will
fragment the TCP retransmission queue. An attacker may have been able to further exploit the fragmented queue to cause an
expensive linked-list walk for subsequent SACKs received for that same TCP connection.
- CVE-2019-11479: An attacker could force the Linux kernel to segment its responses into multiple TCP segments. This would drastically increased the bandwidth required to deliver the same amount of data. Further, it would consume additional resources such as CPU and NIC processing power.
- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. (bnc#1136424)
- CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel, there was an unchecked kstrdup of fwstr, which might have allowed an attacker to cause a denial of service (NULL pointer dereference and system crash). (bnc#1136586)
- CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux kernel allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may have been possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. (bnc#1120843)
- CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the unused memory region in the extent tree block, which might have allowed local users to obtain sensitive information by reading uninitialized data in the filesystem. (bnc#1135281)
- CVE-2018-7191: In the tun subsystem in the Linux kernel, dev_get_valid_name was not called before register_netdevice. This allowed local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. (bnc#1135603)
- CVE-2019-11190: The Linux kernel allowed local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() was called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check had a race condition when reading /proc/pid/stat. (bnc#1132472)
- CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel There was a race condition leading to a use-after-free, related to net namespace cleanup. (bnc#1134537)
- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel allowed a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character. (bnc#1134848)
- CVE-2018-17972: An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel It did not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents. (bnc#1110785)
- CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel had multiple race conditions. (bnc#1133188)
The following non-security bugs were fixed:
- 9p locks: add mount option for lock retry interval (bnc#1012382).
- 9p: do not trust pdu content for stat item size (bnc#1012382).
- X.509: unpack RSA signatureValue field from BIT STRING (git-fixes).
- acpi / sbs: Fix GPE storm on recent MacBookPro's (bnc#1012382).
- alsa: core: Fix card races between register and disconnect (bnc#1012382).
- alsa: echoaudio: add a check for ioremap_nocache (bnc#1012382).
- alsa: info: Fix racy addition/deletion of nodes (bnc#1012382).
- alsa: line6: use dynamic buffers (bnc#1012382).
- alsa: opl3: fix mismatch between snd_opl3_drum_switch definition and declaration (bnc#1012382).
- alsa: pcm: check if ops are defined before suspending PCM (bnc#1012382).
- alsa: sb8: add a check for request_region (bnc#1012382).
- alsa: seq: Fix OOB-reads from strlcpy (bnc#1012382).
- appletalk: Fix compile regression (bnc#1012382).
- appletalk: Fix use-after-free in atalk_proc_exit (bnc#1012382).
- arm64/kernel: do not ban ADRP to work around Cortex-A53 erratum #843419 (bsc#1126040).
- arm64/kernel: rename module_emit_adrp_veneer->module_emit_veneer_for_adrp (bsc#1126040).
- arm64: Add helper to decode register from instruction (bsc#1126040).
- arm64: debug: Do not propagate UNKNOWN FAR into si_code for debug signals (bnc#1012382).
- arm64: debug: Ensure debug handlers check triggering exception level (bnc#1012382).
- arm64: futex: Fix FUTEX_WAKE_OP atomic ops with non-zero result value (bnc#1012382).
- arm64: futex: Restore oldval initialization to work around buggy compilers (bnc#1012382).
- arm64: module-plts: factor out PLT generation code for ftrace (bsc#1126040).
- arm64: module: do not BUG when exceeding preallocated PLT count (bsc#1126040).
- arm64: module: split core and init PLT sections (bsc#1126040).
- arm: 8833/1: Ensure that NEON code always compiles with Clang (bnc#1012382).
- arm: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bnc#1012382).
- arm: 8840/1: use a raw_spinlock_t in unwind (bnc#1012382).
- arm: avoid Cortex-A9 livelock on tight dmb loops (bnc#1012382).
- arm: dts: at91: Fix typo in ISC_D0 on PC9 (bnc#1012382).
- arm: dts: pfla02: increase phy reset duration (bnc#1012382).
- arm: iop: do not use using 64-bit DMA masks (bnc#1012382).
- arm: orion: do not use using 64-bit DMA masks (bnc#1012382).
- arm: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms (bnc#1012382).
- asoc: Intel: avoid Oops if DMA setup fails (bnc#1012382).
- asoc: cs4270: Set auto-increment bit for register writes (bnc#1012382).
- asoc: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe (bnc#1012382).
- asoc: fsl_esai: fix channel swap issue when stream starts (bnc#1012382).
- asoc: tlv320aic32x4: Fix Common Pins (bnc#1012382).
- asoc:soc-pcm:fix a codec fixup issue in TDM case (bnc#1012382).
- backlight: lm3630a: Return 0 on success in update_status functions (bsc#1106929)
- bcache: Move couple of functions to sysfs.c (bsc#1130972).
- bcache: Move couple of string arrays to sysfs.c (bsc#1130972).
- bcache: Populate writeback_rate_minimum attribute (bsc#1130972).
- bcache: account size of buckets used in uuid write to ca->meta_sectors_written (bsc#1130972).
- bcache: add MODULE_DESCRIPTION information (bsc#1130972).
- bcache: add a comment in super.c (bsc#1130972).
- bcache: add code comments for bset.c (bsc#1130972).
- bcache: add comment for cache_set->fill_iter (bsc#1130972).
- bcache: add identifier names to arguments of function definitions (bsc#1130972).
- bcache: add missing SPDX header (bsc#1130972).
- bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972).
- bcache: add static const prefix to char * array declarations (bsc#1130972).
- bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972).
- bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).
- bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972).
- bcache: comment on direct access to bvec table (bsc#1130972).
- bcache: correct dirty data statistics (bsc#1130972).
- bcache: do not assign in if condition in bcache_device_init() (bsc#1130972).
- bcache: do not assign in if condition in bcache_init() (bsc#1130972).
- bcache: do not assign in if condition register_bcache() (bsc#1130972).
- bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972).
- bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972).
- bcache: do not clone bio in bch_data_verify (bsc#1130972).
- bcache: do not mark writeback_running too early (bsc#1130972).
- bcache: export backing_dev_name via sysfs (bsc#1130972).
- bcache: export backing_dev_uuid via sysfs (bsc#1130972).
- bcache: fix code comments style (bsc#1130972).
- bcache: fix indent by replacing blank by tabs (bsc#1130972).
- bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).
- bcache: fix input integer overflow of congested threshold (bsc#1130972).
- bcache: fix input overflow to cache set sysfs file io_error_halflife (bnc#1012382).
- bcache: fix input overflow to journal_delay_ms (bsc#1130972).
- bcache: fix input overflow to sequential_cutoff (bnc#1012382).
- bcache: fix input overflow to writeback_delay (bsc#1130972).
- bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).
- bcache: fix ioctl in flash device (bsc#1130972).
- bcache: fix mistaken code comments in bcache.h (bsc#1130972).
- bcache: fix mistaken comments in request.c (bsc#1130972).
- bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972).
- bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972).
- bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).
- bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972).
- bcache: improve sysfs_strtoul_clamp() (bnc#1012382).
- bcache: introduce force_wake_up_gc() (bsc#1130972).
- bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972).
- bcache: move open brace at end of function definitions to next line (bsc#1130972).
- bcache: never writeback a discard operation (bsc#1130972).
- bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972).
- bcache: option to automatically run gc thread after writeback (bsc#1130972).
- bcache: panic fix for making cache device (bsc#1130972).
- bcache: prefer 'help' in Kconfig (bsc#1130972).
- bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).
- bcache: recal cached_dev_sectors on detach (bsc#1130972).
- bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972).
- bcache: remove unused bch_passthrough_cache (bsc#1130972).
- bcache: remove useless parameter of bch_debug_init() (bsc#1130972).
- bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).
- bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972).
- bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).
- bcache: replace printk() by pr_*() routines (bsc#1130972).
- bcache: set writeback_percent in a flexible range (bsc#1130972).
- bcache: split combined if-condition code into separate ones (bsc#1130972).
- bcache: stop using the deprecated get_seconds() (bsc#1130972).
- bcache: style fix to add a blank line after declarations (bsc#1130972).
- bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).
- bcache: style fixes for lines over 80 characters (bsc#1130972).
- bcache: trace missed reading by cache_missed (bsc#1130972).
- bcache: treat stale and dirty keys as bad keys (bsc#1130972).
- bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972).
- bcache: update comment for bch_data_insert (bsc#1130972).
- bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).
- bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972).
- bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).
- bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).
- bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).
- bcache: writeback: properly order backing device IO (bsc#1130972).
- binfmt_elf: switch to new creds when switching to new mm (bnc#1012382).
- bitops: avoid integer overflow in GENMASK(_ULL) (bnc#1012382).
- block: check_events: do not bother with events if unsupported (bsc#1110946).
- block: disk_events: introduce event flags (bsc#1110946).
- block: do not leak memory in bio_copy_user_iov() (bnc#1012382).
- block: fix use-after-free on gendisk (bsc#1136448).
- bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bnc#1012382).
- bluetooth: Fix decrementing reference count twice in releasing socket (bnc#1012382).
- bnxt_en: Improve multicast address setup logic (bnc#1012382).
- bonding: fix arp_validate toggling in active-backup mode (bnc#1012382).
- bonding: fix event handling for stacked bonds (bnc#1012382).
- bonding: show full hw address in sysfs for slave entries (bnc#1012382).
- bpf: reject wrong sized filters earlier (bnc#1012382).
- bridge: Fix error path for kobject_init_and_add() (bnc#1012382).
- btrfs: Do not panic when we can't find a root key (bsc#1112063).
- btrfs: Factor out common delayed refs init code (bsc#1134813).
- btrfs: Introduce init_delayed_ref_head (bsc#1134813).
- btrfs: Open-code add_delayed_data_ref (bsc#1134813).
- btrfs: Open-code add_delayed_tree_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).
- btrfs: add a helper to return a head ref (bsc#1134813).
- btrfs: breakout empty head cleanup to a helper (bsc#1134813).
- btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: move all ref head cleanup to the helper function (bsc#1134813).
- btrfs: move extent_op cleanup to a helper (bsc#1134813).
- btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).
- btrfs: qgroup: Check bg while resuming relocation to avoid NULL pointer dereference (bsc#1134806).
- btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to btrfs_qgroup_extent_record (bsc#1134162).
- btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release (bsc#1134160).
- btrfs: reloc: Also queue orphan reloc tree for cleanup to avoid BUG_ON() (bsc#1134338).
- btrfs: reloc: Fix NULL pointer dereference due to expanded reloc_root lifespan (bsc#1134651).
- btrfs: remove delayed_ref_node from ref_head (bsc#1134813).
- btrfs: split delayed ref head initialization and addition (bsc#1134813).
- btrfs: track refs in a rb_tree instead of a list (bsc#1134813).
- cdc-acm: cleaning up debug in data submission path (bsc#1136539).
- cdc-acm: fix race between reset and control messaging (bsc#1106110).
- cdc-acm: handle read pipe errors (bsc#1135878).
- cdc-acm: reassemble fragmented notifications (bsc#1136590).
- cdc-acm: store in and out pipes in acm structure (bsc#1136575).
- cdrom: Fix race condition in cdrom_sysctl_register (bnc#1012382).
- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134564).
- ceph: fix ci->i_head_snapc leak (bsc#1122776).
- ceph: fix use-after-free on symlink traversal (bsc#1134565).
- ceph: only use d_name directly when parent is locked (bsc#1134566).
- cifs: Fix NULL pointer dereference of devname (bnc#1012382).
- cifs: do not attempt cifs operation on smb2+ rename error (bnc#1012382).
- cifs: fallback to older infolevels on findfirst queryinfo retry (bnc#1012382).
- cifs: keep FileInfo handle live during oplock break (bsc#1106284, bsc#1131565).
- cifs: use correct format characters (bnc#1012382).
- clk: fix mux clock documentation (bsc#1090888).
- coresight: etm4x: Add support to enable ETMv4.2 (bnc#1012382).
- cpu/speculation: Add 'mitigations=' cmdline option (bnc#1012382 bsc#1112178).
- cpupower: remove stringop-truncation waring (bsc#1119086).
- crypto: crypto4xx - properly set IV after de- and encrypt (bnc#1012382).
- crypto: sha256/arm - fix crash bug in Thumb2 build (bnc#1012382).
- crypto: sha512/arm - fix crash bug in Thumb2 build (bnc#1012382).
- crypto: vmx - CTR: always increment IV as quadword (bsc#1135661, bsc#1137162).
- crypto: vmx - fix copy-paste error in CTR mode (bsc#1135661, bsc#1137162).
- crypto: vmx - ghash: do nosimd fallback manually (bsc#1135661, bsc#1137162).
- crypto: vmx - return correct error code on failed setkey (bsc#1135661, bsc#1137162).
- crypto: vmx: Only call enable_kernel_vsx() (bsc#1135661, bsc#1137162).
- crypto: x86/poly1305 - fix overflow during partial reduction (bnc#1012382).
- debugfs: fix use-after-free on symlink traversal (bnc#1012382).
- device_cgroup: fix RCU imbalance in error case (bnc#1012382).
- dm thin: add sanity checks to thin-pool and external snapshot creation (bnc#1012382).
- dmaengine: imx-dma: fix warning comparison of distinct pointer types (bnc#1012382).
- dmaengine: tegra: avoid overflow of byte tracking (bnc#1012382).
- documentation: Add MDS vulnerability documentation (bnc#1012382).
- documentation: Add nospectre_v1 parameter (bnc#1012382).
- documentation: Correct the possible MDS sysfs values (bnc#1012382).
- documentation: Move L1TF to separate directory (bnc#1012382).
- drivers/virt/fsl_hypervisor.c: dereferencing error pointers in ioctl (bnc#1012382).
- drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl (bnc#1012382).
- drm/bridge: adv7511: Fix low refresh rate selection (bsc#1106929)
- drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers (bnc#1012382).
- drm/fb-helper: dpms_legacy(): Only set on connectors in use (bnc#1106929)
- drm/i915: Fix I915_EXEC_RING_MASK (bnc#1106929)
- drm/rockchip: shutdown drm subsystem on shutdown (bsc#1106929)
- drm/ttm: Remove warning about inconsistent mapping information (bnc#1131488)
- drm/vc4: ->x_scaling[1] should never be set to VC4_SCALING_NONE (bsc#1106929)
- drm/vc4: Account for interrupts in flight (bsc#1106929)
- drm/vc4: Allocate the right amount of space for boot-time CRTC state. (bsc#1106929)
- drm/vc4: Fix NULL pointer dereference in vc4_save_hang_state() (bsc#1106929)
- drm/vc4: Fix OOPSes from trying to cache a partially constructed BO. (bsc#1106929)
- drm/vc4: Fix a couple error codes in vc4_cl_lookup_bos() (bsc#1106929)
- drm/vc4: Fix compilation error reported by kbuild test bot (bsc#1106929)
- drm/vc4: Fix memory leak during gpu reset. (bsc#1106929)
- drm/vc4: Fix memory leak of the CRTC state. (bsc#1106929)
- drm/vc4: Fix oops when userspace hands in a bad BO. (bsc#1106929)
- drm/vc4: Fix overflow mem unreferencing when the binner runs dry. (bsc#1106929)
- drm/vc4: Fix races when the CS reads from render targets. (bsc#1106929)
- drm/vc4: Fix scaling of uni-planar formats (bsc#1106929)
- drm/vc4: Fix the 'no scaling' case on multi-planar YUV formats (bsc#1106929)
- drm/vc4: Flush the caches before the bin jobs, as well. (bsc#1106929)
- drm/vc4: Free hang state before destroying BO cache. (bsc#1106929)
- drm/vc4: Move IRQ enable to PM path (bsc#1106929)
- drm/vc4: Reset ->{x, y}_scaling[1] when dealing with uniplanar (bsc#1106929)
- drm/vc4: Set ->is_yuv to false when num_planes == 1 (bsc#1106929)
- drm/vc4: Use drm_free_large() on handles to match its allocation. (bsc#1106929)
- drm/vc4: fix a bounds check (bsc#1106929)
- drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() (bsc#1106929)
- drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to (bsc#1106929)
- dt-bindings: rcar-dmac: Document missing error interrupt (bsc#1085535).
- e1000e: Add Support for 38.4MHZ frequency (bsc#1108293 ).
- e1000e: Add Support for CannonLake (bsc#1108293).
- e1000e: Fix -Wformat-truncation warnings (bnc#1012382).
- e1000e: Initial Support for CannonLake (bsc#1108293 ).
- enic: fix build warning without CONFIG_CPUMASK_OFFSTACK (bnc#1012382).
- exportfs: fix 'passing zero to ERR_PTR()' warning (bsc#1136458).
- ext4: Return EAGAIN in case of DIO is beyond end of file (bsc#1136810).
- ext4: actually request zeroing of inode table after grow (bsc#1136451).
- ext4: add missing brelse() in add_new_gdb_meta_bg() (bnc#1012382).
- ext4: avoid panic during forced reboot due to aborted journal (bsc#1126356).
- ext4: cleanup bh release code in ext4_ind_remove_space() (bnc#1012382).
- ext4: fix ext4_show_options for file systems w/o journal (bsc#1136452).
- ext4: fix use-after-free race with debug_want_extra_isize (bsc#1136449).
- ext4: make sure enough credits are reserved for dioread_nolock writes (bsc#1136623).
- ext4: prohibit fstrim in norecovery mode (bnc#1012382).
- ext4: report real fs size after failed resize (bnc#1012382).
- ext4: wait for outstanding dio during truncate in nojournal mode (bsc#1136438).
- f2fs: do not use mutex lock in atomic context (bnc#1012382).
- f2fs: fix to do sanity check with current segment number (bnc#1012382).
- fbdev: fbmem: fix memory access if logo is bigger than the screen (bnc#1012382).
- fix incorrect error code mapping for OBJECTID_NOT_FOUND (bnc#1012382).
- fs/file.c: initialize init_files.resize_wait (bnc#1012382).
- fs/proc/proc_sysctl.c: Fix a NULL pointer dereference (bnc#1012382).
- fs: fix guard_bio_eod to check for real EOD errors (bnc#1012382).
- ftrace/x86_64: Emulate call function while updating in breakpoint handler (bsc#1099658).
- genirq: Prevent use-after-free and work list corruption (bnc#1012382).
- genirq: Respect IRQCHIP_SKIP_SET_WAKE in irq_chip_set_wake_parent() (bnc#1012382).
- gpio: gpio-omap: fix level interrupt idling (bnc#1012382).
- gpu: ipu-v3: dp: fix CSC handling (bnc#1012382).
- h8300: use cc-cross-prefix instead of hardcoding h8300-unknown-linux- (bnc#1012382).
- hid: debug: fix race condition with between rdesc_show() and device removal (bnc#1012382).
- hid: input: add mapping for Expose/Overview key (bnc#1012382).
- hid: input: add mapping for keyboard Brightness Up/Down/Toggle keys (bnc#1012382).
- hugetlbfs: fix memory leak for resv_map (bnc#1012382).
- hwrng: virtio - Avoid repeated init of completion (bnc#1012382).
- i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA (bnc#1012382).
- ib/hfi1: Eliminate opcode tests on mr deref ().
- ib/hfi1: Unreserve a reserved request when it is completed ().
- ib/mlx4: Fix race condition between catas error reset and aliasguid flows (bnc#1012382).
- ib/mlx4: Increase the timeout for CM cache (bnc#1012382).
- ib/rdmavt: Add wc_flags and wc_immdata to cq entry trace ().
- ib/rdmavt: Fix frwr memory registration ().
- igb: Fix WARN_ONCE on runtime suspend (bnc#1012382).
- iio/gyro/bmg160: Use millidegrees for temperature scale (bnc#1012382).
- iio: ad_sigma_delta: select channel when reading register (bnc#1012382).
- iio: adc: at91: disable adc channel interrupt in timeout case (bnc#1012382).
- iio: adc: xilinx: fix potential use-after-free on remove (bnc#1012382).
- include/linux/bitrev.h: fix constant bitrev (bnc#1012382).
- include/linux/swap.h: use offsetof() instead of custom __swapoffset macro (bnc#1012382).
- init: initialize jump labels before command line option parsing (bnc#1012382).
- input: snvs_pwrkey - initialize necessary driver data before enabling IRQ (bnc#1012382).
- io: accel: kxcjk1013: restore the range after resume (bnc#1012382).
- iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#1135013).
- iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135014).
- iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135015).
- ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type (bnc#1012382).
- ipmi:ssif: compare block number correctly for multi-part return messages (bsc#1135120).
- ipv4: Fix raw socket lookup for local traffic (bnc#1012382).
- ipv4: add sanity checks in ipv4_link_failure() (git-fixes).
- ipv4: ensure rcu_read_lock() in ipv4_link_failure() (bnc#1012382).
- ipv4: ip_do_fragment: Preserve skb_iif during fragmentation (bnc#1012382).
- ipv4: recompile ip options in ipv4_link_failure (bnc#1012382).
- ipv4: set the tcp_min_rtt_wlen range from 0 to one day (bnc#1012382).
- ipv6/flowlabel: wait rcu grace period before put_pid() (bnc#1012382).
- ipv6: Fix dangling pointer when ipv6 fragment (bnc#1012382).
- ipv6: fix a potential deadlock in do_ipv6_setsockopt() (bnc#1012382).
- ipv6: invert flowlabel sharing check in process and user mode (bnc#1012382).
- ipv6: sit: reset ip header pointer in ipip6_rcv (bnc#1012382).
- ipvs: do not schedule icmp errors from tunnels (bnc#1012382).
- jffs2: fix use-after-free on symlink traversal (bnc#1012382).
- kABI: protect ring_buffer_read_prepare (kabi).
- kABI: protect struct tlb_state (kabi).
- kABI: protect struct usb_interface (kabi).
- kABI: restore ___ptrace_may_access (kabi).
- kABI: restore icmp_send (kabi).
- kabi: arm64: fix kabi breakage on arch specific module (bsc#1126040)
- kabi: drop LINUX_Mib_TCPWQUEUETOOBIG snmp counter (bsc#1137586).
- kabi: move sysctl_tcp_min_snd_mss to preserve struct net layout (bsc#1137586).
- kbuild: clang: choose GCC_TOOLCHAIN_DIR not on LD (bnc#1012382).
- kbuild: simplify ld-option implementation (bnc#1012382).
- kconfig/[mn]conf: handle backspace (^H) key (bnc#1012382).
- kconfig: display recursive dependency resolution hint just once (bsc#1100132).
- kernel/sysctl.c: fix out-of-bounds access when setting file-max (bnc#1012382).
- keys: Timestamp new keys (bsc#1120902).
- kprobes: Fix error check when reusing optimized probes (bnc#1012382).
- kprobes: Mark ftrace mcount handler functions nokprobe (bnc#1012382).
- kprobes: Prohibit probing on bsearch() (bnc#1012382).
- kvm: fail KVM_SET_VCPU_EVENTS with invalid exception number (bnc#1012382).
- kvm: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bnc#1012382).
- kvm: x86: avoid misreporting level-triggered irqs as edge-triggered in tracing (bnc#1012382).
- leds: lp55xx: fix null deref on firmware load failure (bnc#1012382).
- lib/div64.c: off by one in shift (bnc#1012382).
- lib/int_sqrt: optimize initial value compute (bnc#1012382).
- lib/string.c: implement a basic bcmp (bnc#1012382).
- lib: add crc64 calculation routines (bsc#1130972).
- lib: do not depend on linux headers being installed (bsc#1130972).
- libata: fix using DMA buffers on stack (bnc#1012382).
- libnvdimm/btt: Fix a kmemdup failure check (bnc#1012382).
- lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).
- mac80211: do not call driver wake_tx_queue op during reconfig (bnc#1012382).
- mac80211_hwsim: validate number of different channels (bsc#1085539).
- md: use mddev_suspend/resume instead of ->quiesce() (bsc#1132212).
- media: mt9m111: set initial frame size other than 0x0 (bnc#1012382).
- media: mx2_emmaprp: Correct return type for mem2mem buffer helpers (bnc#1012382).
- media: pvrusb2: Prevent a buffer overflow (bsc#1135642).
- media: s5p-g2d: Correct return type for mem2mem buffer helpers (bnc#1012382).
- media: s5p-jpeg: Check for fmt_ver_flag when doing fmt enumeration (bnc#1012382).
- media: s5p-jpeg: Correct return type for mem2mem buffer helpers (bnc#1012382).
- media: sh_veu: Correct return type for mem2mem buffer helpers (bnc#1012382).
- media: v4l2: i2c: ov7670: Fix PLL bypass register values (bnc#1012382).
- media: vb2: do not call __vb2_queue_cancel if vb2_start_streaming failed (bsc#1120902).
- mips: scall64-o32: Fix indirect syscall number load (bnc#1012382).
- mm/cma.c: cma_declare_contiguous: correct err handling (bnc#1012382).
- mm/page_ext.c: fix an imbalance with kmemleak (bnc#1012382).
- mm/slab.c: kmemleak no scan alien caches (bnc#1012382).
- mm/vmalloc.c: fix kernel BUG at mm/vmalloc.c:512! (bnc#1012382).
- mm/vmstat.c: fix /proc/vmstat format for CONFIG_DEBUG_TLBFLUSH=y CONFIG_SMP=n (bnc#1012382).
- mm: mempolicy: make mbind() return -EIO when MPOL_MF_STRICT is specified (bnc#1012382).
- mmc: davinci: remove extraneous __init annotation (bnc#1012382).
- mmc: omap: fix the maximum timeout setting (bnc#1012382).
- modpost: file2alias: check prototype of handler (bnc#1012382).
- modpost: file2alias: go back to simple devtable lookup (bnc#1012382).
- mount: copy the port field into the cloned nfs_server structure (bsc#1136990).
- mt7601u: bump supported EEPROM version (bnc#1012382).
- mtd: Fix comparison in map_word_andequal() (git-fixes).
- mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1136935).
- net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).
- net/ibmvnic: Update carrier state after link state change (bsc#1135100).
- net: atm: Fix potential Spectre v1 vulnerabilities (bnc#1012382).
- net: bridge: multicast: use rcu to access port list from br_multicast_start_querier (bnc#1012382).
- net: ena: fix return value of ena_com_config_llq_info() (bsc#1117562).
- net: ethernet: ti: fix possible object reference leak (bnc#1012382).
- net: ethtool: not call vzalloc for zero sized memory request (bnc#1012382).
- net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv (bnc#1012382).
- net: hns: Fix WARNING when remove HNS driver with SMMU enabled (bnc#1012382).
- net: hns: Use NAPI_POLL_WEIGHT for hns driver (bnc#1012382).
- net: ibm: fix possible object reference leak (bnc#1012382).
- net: ks8851: Delay requesting IRQ until opened (bnc#1012382).
- net: ks8851: Dequeue RX packets explicitly (bnc#1012382).
- net: ks8851: Reassert reset pin if chip ID check fails (bnc#1012382).
- net: ks8851: Set initial carrier state to down (bnc#1012382).
- net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock() (bnc#1012382).
- net: stmmac: move stmmac_check_ether_addr() to driver probe (bnc#1012382).
- net: ucc_geth - fix Oops when changing number of buffers in the ring (bnc#1012382).
- net: xilinx: fix possible object reference leak (bnc#1012382).
- netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING (bnc#1012382).
- netfilter: compat: initialize all fields in xt_init (bnc#1012382).
- netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON (bnc#1012382).
- netfilter: physdev: relax br_netfilter dependency (bnc#1012382).
- netns: provide pure entropy for net_hash_mix() (bnc#1012382).
- nfs/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount (git-fixes).
- nfs: Add missing encode / decode sequence_maxsz to v4.2 operations (git-fixes).
- nfs: Fix I/O request leakages (git-fixes).
- nfs: Forbid setting AF_INET6 to 'struct sockaddr_in'->sin_family (bnc#1012382).
- nfs: clean up rest of reqs when failing to add one (git-fixes).
- nfsd: Do not release the callback slot unless it was actually held (bnc#1012382).
- ntp: Allow TAI-UTC offset to be set to zero (bsc#1135642).
- nvme-fc: resolve io failures during connect (bsc#1116803).
- nvme: Do not allow to reset a reconnecting controller (bsc#1133874).
- ocfs2: fix a panic problem caused by o2cb_ctl (bnc#1012382).
- openvswitch: fix flow actions reallocation (bnc#1012382).
- pNFS: Skip invalid stateids when doing a bulk destroy (git-fixes).
- packet: Fix error path in packet_init (bnc#1012382).
- packet: validate msg_namelen in send directly (bnc#1012382).
- pci: Add function 1 DMA alias quirk for Marvell 9170 SATA controller (bnc#1012382).
- pci: Mark AMD Stoney Radeon R7 GPU ATS as broken (bsc#1137142).
- pci: Mark Atheros AR9462 to avoid bus reset (bsc#1135642).
- pci: xilinx-nwl: Add missing of_node_put() (bsc#1100132).
- perf evsel: Free evsel->counts in perf_evsel__exit() (bnc#1012382).
- perf test: Fix failure of 'evsel-tp-sched' test on s390 (bnc#1012382).
- perf tests: Fix a memory leak in test__perf_evsel__tp_sched_test() (bnc#1012382).
- perf tests: Fix a memory leak of cpu_map object in the openat_syscall_event_on_all_cpus test (bnc#1012382).
- perf top: Fix error handling in cmd_top() (bnc#1012382).
- perf/core: Restore mmap record type correctly (bnc#1012382).
- perf/x86/intel: Allow PEBS multi-entry in watermark mode (git-fixes).
- perf/x86/intel: Fix handling of wakeup_events for multi-entry PEBS (bnc#1012382).
- platform/x86: sony-laptop: Fix unintentional fall-through (bnc#1012382).
- powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC (bnc#1012382).
- powerpc/64: Call setup_barrier_nospec() from setup_arch() (bnc#1012382 bsc#1131107).
- powerpc/64: Make meltdown reporting Book3S 64 specific (bnc#1012382).
- powerpc/64s: Include cpu header (bnc#1012382).
- powerpc/booke64: set RI in default MSR (bnc#1012382).
- powerpc/fsl: Add FSL_PPC_BOOK3E as supported arch for nospectre_v2 boot arg (bnc#1012382).
- powerpc/fsl: Add barrier_nospec implementation for NXP PowerPC Book3E (bnc#1012382).
- powerpc/fsl: Add infrastructure to fixup branch predictor flush (bnc#1012382).
- powerpc/fsl: Add macro to flush the branch predictor (bnc#1012382).
- powerpc/fsl: Add nospectre_v2 command line argument (bnc#1012382).
- powerpc/fsl: Emulate SPRN_BUCSR register (bnc#1012382).
- powerpc/fsl: Enable runtime patching if nospectre_v2 boot arg is used (bnc#1012382).
- powerpc/fsl: Fix the flush of branch predictor (bnc#1012382).
- powerpc/fsl: Fixed warning: orphan section `__btb_flush_fixup' (bnc#1012382).
- powerpc/fsl: Flush branch predictor when entering KVM (bnc#1012382).
- powerpc/fsl: Flush the branch predictor at each kernel entry (32 bit) (bnc#1012382).
- powerpc/fsl: Flush the branch predictor at each kernel entry (64bit) (bnc#1012382).
- powerpc/fsl: Sanitize the syscall table for NXP PowerPC 32 bit platforms (bnc#1012382).
- powerpc/fsl: Update Spectre v2 reporting (bnc#1012382).
- powerpc/lib: fix book3s/32 boot failure due to code patching (bnc#1012382).
- powerpc/xmon: Add RFI flush related fields to paca dump (bnc#1012382).
- qede: fix write to free'd pointer error and double free of ptp (bsc#1019695 bsc#1019696).
- qlcnic: Avoid potential NULL pointer dereference (bnc#1012382).
- qmi_wwan: add Olicard 600 (bnc#1012382).
- rdma/iw_cxgb4: Fix the unchecked ep dereference (bsc#1005778 bsc#1005780 bsc#1005781).
- rdma/qedr: Fix out of bounds index check in query pkey (bsc#1022604).
- regulator: act8865: Fix act8600_sudcdc_voltage_ranges setting (bnc#1012382).
- rsi: improve kernel thread handling to fix kernel panic (bnc#1012382).
- rtc: da9063: set uie_unsupported when relevant (bnc#1012382).
- rtc: sh: Fix invalid alarm warning for non-enabled alarm (bnc#1012382).
- s390/3270: fix lockdep false positive on view->lock (bnc#1012382).
- s390/dasd: Fix capacity calculation for large volumes (bnc#1012382).
- s390: ctcm: fix ctcm_new_device error return code (bnc#1012382).
- sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() (bnc#1012382).
- sc16is7xx: move label 'err_spi' to correct section (git-fixes).
- sched/fair: Do not re-read ->h_load_next during hierarchical load calculation (bnc#1012382).
- sched/fair: Limit sched_cfs_period_timer() loop to avoid hard lockup (bnc#1012382).
- sched/numa: Fix a possible divide-by-zero (bnc#1012382).
- sched: Add sched_smt_active() (bnc#1012382).
- scsi: core: replace GFP_ATOMIC with GFP_KERNEL in scsi_scan.c (bnc#1012382).
- scsi: csiostor: fix missing data copy in csio_scsi_err_handler() (bnc#1012382).
- scsi: libsas: fix a race condition when smp task timeout (bnc#1012382).
- scsi: megaraid_sas: return error when create DMA pool failed (bnc#1012382).
- scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS routines (bnc#1012382).
- scsi: qla4xxx: fix a potential NULL pointer dereference (bnc#1012382).
- scsi: storvsc: Fix calculation of sub-channel count (bnc#1012382).
- scsi: zfcp: reduce flood of fcrscn1 trace records on multi-element RSCN (bnc#1012382).
- sctp: initialize _pad of sockaddr_in before copying to user memory (bnc#1012382).
- selftests/net: correct the return value for run_netsocktests (bnc#1012382).
- selinux: never allow relabeling on context mounts (bnc#1012382).
- serial: uartps: console_setup() can't be placed to init section (bnc#1012382).
- slip: make slhc_free() silently accept an error pointer (bnc#1012382).
- soc/tegra: fuse: Fix illegal free of IO base address (bnc#1012382).
- soc: imx-sgtl5000: add missing put_device() (bnc#1012382).
- soc: qcom: gsbi: Fix error handling in gsbi_probe() (bnc#1012382).
- staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf (bnc#1012382).
- staging: comedi: ni_usb6501: Fix use of uninitialized mutex (bnc#1012382).
- staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf (bnc#1012382).
- staging: comedi: vmk80xx: Fix use of uninitialized semaphore (bnc#1012382).
- staging: iio: adt7316: allow adt751x to use internal vref for all dacs (bnc#1012382).
- staging: iio: adt7316: fix the dac read calculation (bnc#1012382).
- staging: iio: adt7316: fix the dac write calculation (bnc#1012382).
- supported.conf: add lib/crc64 because bcache uses it
- sysctl: handle overflow for file-max (bnc#1012382).
- tcp: Ensure DCTCP reacts to losses (bnc#1012382).
- tcp: add tcp_min_snd_mss sysctl (bsc#1137586).
- tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).
- tcp: limit payload size of sacked skbs (bsc#1137586).
- tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).
- tcp: tcp_grow_window() needs to respect tcp_space() (bnc#1012382).
- team: fix possible recursive locking when add slaves (bnc#1012382).
- thermal/int340x_thermal: Add additional UUIDs (bnc#1012382).
- thermal/int340x_thermal: fix mode setting (bnc#1012382).
- timer/debug: Change /proc/timer_stats from 0644 to 0600 (bnc#1012382).
- tipc: check bearer name with right length in tipc_nl_compat_bearer_enable (bnc#1012382).
- tipc: check link name with right length in tipc_nl_compat_link_set (bnc#1012382).
- tipc: handle the err returned from cmd header function (bnc#1012382).
- tools lib traceevent: Fix buffer overflow in arg_eval (bnc#1012382).
- tools lib traceevent: Fix missing equality check for strcmp (bsc#1129770).
- tools/power turbostat: return the exit status of a command (bnc#1012382).
- tpm/tpm_crb: Avoid unaligned reads in crb_recv() (bnc#1012382).
- tpm/tpm_i2c_atmel: Return -E2BIG when the transfer is incomplete (bnc#1012382).
- trace: Fix preempt_enable_no_resched() abuse (bnc#1012382).
- tracing: Fix partial reading of trace event's id file (bsc#1136573).
- tracing: kdb: Fix ftdump to not sleep (bnc#1012382).
- tty/serial: atmel: Add is_half_duplex helper (bnc#1012382).
- tty/serial: atmel: RS485 HD w/DMA: enable RX after TX is stopped (bnc#1012382).
- tty: increase the default flip buffer limit to 2*640K (bnc#1012382).
- tty: ldisc: add sysctl to prevent autoloading of ldiscs (bnc#1012382).
- uas: fix alignment of scatter/gather segments (bnc#1012382 bsc#1129770).
- uas: fix alignment of scatter/gather segments (bsc#1129770).
- ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (bsc#1136455).
- usb: Add new USB LPM helpers (bsc#1129770).
- usb: Consolidate LPM checks to avoid enabling LPM twice (bsc#1129770).
- usb: cdc-acm: fix race during wakeup blocking TX traffic (bsc#1129770).
- usb: cdc-acm: fix unthrottle races (bsc#1135642).
- usb: chipidea: Grab the (legacy) usb PHY by phandle first (bnc#1012382).
- usb: core: Fix bug caused by duplicate interface PM usage counter (bnc#1012382).
- usb: core: Fix unterminated string returned by usb_string() (bnc#1012382).
- usb: dwc3: Fix default lpm_nyet_threshold value (bnc#1012382).
- usb: gadget: net2272: Fix net2272_dequeue() (bnc#1012382).
- usb: gadget: net2280: Fix net2280_dequeue() (bnc#1012382).
- usb: gadget: net2280: Fix overrun of OUT messages (bnc#1012382).
- usb: serial: fix unthrottle races (bnc#1012382).
- usb: serial: use variable for status (bnc#1012382).
- usb: u132-hcd: fix resource leak (bnc#1012382).
- usb: usbip: fix isoc packet num validation in get_pipe (bnc#1012382).
- usb: w1 ds2490: Fix bug caused by improper use of altsetting array (bnc#1012382).
- usb: yurex: Fix protection fault after device removal (bnc#1012382).
- usbnet: ipheth: fix potential null pointer dereference in ipheth_carrier_set (bnc#1012382).
- usbnet: ipheth: prevent TX queue timeouts when device not ready (bnc#1012382).
- vfio/pci: use correct format characters (bnc#1012382).
- vlan: disable SIOCSHWTSTAMP in container (bnc#1012382).
- vrf: sit mtu should not be updated when vrf netdev is the link (bnc#1012382).
- wlcore: Fix memory leak in case wl12xx_fetch_firmware failure (bnc#1012382).
- x86/Kconfig: Select SCHED_SMT if SMP enabled (bnc#1012382).
- x86/MCE: Save microcode revision in machine check records (bnc#1012382).
- x86/bugs: Add AMD's SPEC_CTRL MSR usage (bnc#1012382).
- x86/bugs: Change L1TF mitigation string to match upstream (bnc#1012382).
- x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR (bnc#1012382).
- x86/bugs: Switch the selection of mitigation from CPU vendor to CPU features (bnc#1012382).
- x86/build: Mark per-CPU symbols as absolute explicitly for LLD (bnc#1012382).
- x86/build: Specify elf_i386 linker emulation explicitly for i386 objects (bnc#1012382).
- x86/cpu/bugs: Use __initconst for 'const' init data (bnc#1012382).
- x86/cpu/cyrix: Use correct macros for Cyrix calls on Geode processors (bnc#1012382).
- x86/cpufeatures: Hide AMD-specific speculation flags (bnc#1012382).
- x86/hpet: Prevent potential NULL pointer dereference (bnc#1012382).
- x86/hw_breakpoints: Make default case in hw_breakpoint_arch_parse() return an error (bnc#1012382).
- x86/kprobes: Verify stack frame on kretprobe (bnc#1012382).
- x86/mds: Add MDSUM variant to the MDS documentation (bnc#1012382).
- x86/microcode/intel: Add a helper which gives the microcode revision (bnc#1012382).
- x86/microcode/intel: Check microcode revision before updating sibling threads (bnc#1012382).
- x86/microcode: Make sure boot_cpu_data.microcode is up-to-date (bnc#1012382).
- x86/microcode: Update the new microcode revision unconditionally (bnc#1012382).
- x86/mm: Use WRITE_ONCE() when setting PTEs (bnc#1012382).
- x86/process: Consolidate and simplify switch_to_xtra() code (bnc#1012382).
- x86/speculataion: Mark command line parser data __initdata (bnc#1012382).
- x86/speculation/l1tf: Document l1tf in sysfs (bnc#1012382).
- x86/speculation/mds: Fix comment (bnc#1012382).
- x86/speculation/mds: Fix documentation typo (bnc#1012382).
- x86/speculation: Add command line control for indirect branch speculation (bnc#1012382).
- x86/speculation: Add prctl() control for indirect branch speculation (bnc#1012382).
- x86/speculation: Add seccomp Spectre v2 user space protection mode (bnc#1012382).
- x86/speculation: Avoid __switch_to_xtra() calls (bnc#1012382).
- x86/speculation: Clean up spectre_v2_parse_cmdline() (bnc#1012382).
- x86/speculation: Disable STibP when enhanced IBRS is in use (bnc#1012382).
- x86/speculation: Enable prctl mode for spectre_v2_user (bnc#1012382).
- x86/speculation: Mark string arrays const correctly (bnc#1012382).
- x86/speculation: Move STIPB/ibPB string conditionals out of cpu_show_common() (bnc#1012382).
- x86/speculation: Prepare arch_smt_update() for PRCTL mode (bnc#1012382).
- x86/speculation: Prepare for conditional ibPB in switch_mm() (bnc#1012382).
- x86/speculation: Prepare for per task indirect branch speculation control (bnc#1012382).
- x86/speculation: Prevent stale SPEC_CTRL msr content (bnc#1012382).
- x86/speculation: Provide ibPB always command line options (bnc#1012382).
- x86/speculation: Remove SPECTRE_V2_ibRS in enum spectre_v2_mitigation (bnc#1012382).
- x86/speculation: Remove unnecessary ret variable in cpu_show_common() (bnc#1012382).
- x86/speculation: Rename SSBD update functions (bnc#1012382).
- x86/speculation: Reorder the spec_v2 code (bnc#1012382).
- x86/speculation: Reorganize speculation control MSRs update (bnc#1012382).
- x86/speculation: Split out TIF update (bnc#1012382).
- x86/speculation: Support 'mitigations=' cmdline option (bnc#1012382 bsc#1112178).
- x86/speculation: Support Enhanced ibRS on future CPUs (bnc#1012382).
- x86/speculation: Unify conditional spectre v2 print functions (bnc#1012382).
- x86/speculation: Update the TIF_SSBD comment (bnc#1012382).
- x86/vdso: Drop implicit common-page-size linker flag (bnc#1012382).
- x86/vdso: Pass --eh-frame-hdr to the linker (git-fixes).
- x86: vdso: Use $LD instead of $CC to link (bnc#1012382).
- x86_64: Add gap to int3 to allow for call emulation (bsc#1099658).
- x86_64: Allow breakpoints to emulate call instructions (bsc#1099658).
- xen: Prevent buffer overflow in privcmd ioctl (bnc#1012382).
- xenbus: drop useless LIST_HEAD in xenbus_write_watch() and xenbus_file_write() (bsc#1065600).
- xsysace: Fix error handling in ace_setup (bnc#1012382).
- xtensa: fix return_address (bnc#1012382).
Patchnames
SUSE-2019-1532,SUSE-SLE-DESKTOP-12-SP3-2019-1532,SUSE-SLE-HA-12-SP3-2019-1532,SUSE-SLE-Live-Patching-12-SP3-2019-1532,SUSE-SLE-SDK-12-SP3-2019-1532,SUSE-SLE-SERVER-12-SP3-2019-1532,SUSE-SLE-WE-12-SP3-2019-1532
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.180 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2019-11477: A sequence of SACKs may have been crafted such that one can trigger an integer overflow, leading to a kernel panic.\n- CVE-2019-11478: It was possible to send a crafted sequence of SACKs which will\nfragment the TCP retransmission queue. An attacker may have been able to further exploit the fragmented queue to cause an\nexpensive linked-list walk for subsequent SACKs received for that same TCP connection.\n- CVE-2019-11479: An attacker could force the Linux kernel to segment its responses into multiple TCP segments. This would drastically increased the bandwidth required to deliver the same amount of data. Further, it would consume additional resources such as CPU and NIC processing power.\n- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. (bnc#1136424)\n- CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel, there was an unchecked kstrdup of fwstr, which might have allowed an attacker to cause a denial of service (NULL pointer dereference and system crash). (bnc#1136586)\n- CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux kernel allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may have been possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. (bnc#1120843)\n- CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the unused memory region in the extent tree block, which might have allowed local users to obtain sensitive information by reading uninitialized data in the filesystem. (bnc#1135281)\n- CVE-2018-7191: In the tun subsystem in the Linux kernel, dev_get_valid_name was not called before register_netdevice. This allowed local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. (bnc#1135603)\n- CVE-2019-11190: The Linux kernel allowed local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() was called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check had a race condition when reading /proc/pid/stat. (bnc#1132472)\n- CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel There was a race condition leading to a use-after-free, related to net namespace cleanup. (bnc#1134537)\n- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel allowed a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\\0' character. (bnc#1134848)\n- CVE-2018-17972: An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel It did not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents. (bnc#1110785)\n- CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel had multiple race conditions. (bnc#1133188)\n\nThe following non-security bugs were fixed:\n\n- 9p locks: add mount option for lock retry interval (bnc#1012382).\n- 9p: do not trust pdu content for stat item size (bnc#1012382).\n- X.509: unpack RSA signatureValue field from BIT STRING (git-fixes).\n- acpi / sbs: Fix GPE storm on recent MacBookPro's (bnc#1012382).\n- alsa: core: Fix card races between register and disconnect (bnc#1012382).\n- alsa: echoaudio: add a check for ioremap_nocache (bnc#1012382).\n- alsa: info: Fix racy addition/deletion of nodes (bnc#1012382).\n- alsa: line6: use dynamic buffers (bnc#1012382).\n- alsa: opl3: fix mismatch between snd_opl3_drum_switch definition and declaration (bnc#1012382).\n- alsa: pcm: check if ops are defined before suspending PCM (bnc#1012382).\n- alsa: sb8: add a check for request_region (bnc#1012382).\n- alsa: seq: Fix OOB-reads from strlcpy (bnc#1012382).\n- appletalk: Fix compile regression (bnc#1012382).\n- appletalk: Fix use-after-free in atalk_proc_exit (bnc#1012382).\n- arm64/kernel: do not ban ADRP to work around Cortex-A53 erratum #843419 (bsc#1126040).\n- arm64/kernel: rename module_emit_adrp_veneer->module_emit_veneer_for_adrp (bsc#1126040).\n- arm64: Add helper to decode register from instruction (bsc#1126040).\n- arm64: debug: Do not propagate UNKNOWN FAR into si_code for debug signals (bnc#1012382).\n- arm64: debug: Ensure debug handlers check triggering exception level (bnc#1012382).\n- arm64: futex: Fix FUTEX_WAKE_OP atomic ops with non-zero result value (bnc#1012382).\n- arm64: futex: Restore oldval initialization to work around buggy compilers (bnc#1012382).\n- arm64: module-plts: factor out PLT generation code for ftrace (bsc#1126040).\n- arm64: module: do not BUG when exceeding preallocated PLT count (bsc#1126040).\n- arm64: module: split core and init PLT sections (bsc#1126040).\n- arm: 8833/1: Ensure that NEON code always compiles with Clang (bnc#1012382).\n- arm: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bnc#1012382).\n- arm: 8840/1: use a raw_spinlock_t in unwind (bnc#1012382).\n- arm: avoid Cortex-A9 livelock on tight dmb loops (bnc#1012382).\n- arm: dts: at91: Fix typo in ISC_D0 on PC9 (bnc#1012382).\n- arm: dts: pfla02: increase phy reset duration (bnc#1012382).\n- arm: iop: do not use using 64-bit DMA masks (bnc#1012382).\n- arm: orion: do not use using 64-bit DMA masks (bnc#1012382).\n- arm: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms (bnc#1012382).\n- asoc: Intel: avoid Oops if DMA setup fails (bnc#1012382).\n- asoc: cs4270: Set auto-increment bit for register writes (bnc#1012382).\n- asoc: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe (bnc#1012382).\n- asoc: fsl_esai: fix channel swap issue when stream starts (bnc#1012382).\n- asoc: tlv320aic32x4: Fix Common Pins (bnc#1012382).\n- asoc:soc-pcm:fix a codec fixup issue in TDM case (bnc#1012382).\n- backlight: lm3630a: Return 0 on success in update_status functions (bsc#1106929)\n- bcache: Move couple of functions to sysfs.c (bsc#1130972).\n- bcache: Move couple of string arrays to sysfs.c (bsc#1130972).\n- bcache: Populate writeback_rate_minimum attribute (bsc#1130972).\n- bcache: account size of buckets used in uuid write to ca->meta_sectors_written (bsc#1130972).\n- bcache: add MODULE_DESCRIPTION information (bsc#1130972).\n- bcache: add a comment in super.c (bsc#1130972).\n- bcache: add code comments for bset.c (bsc#1130972).\n- bcache: add comment for cache_set->fill_iter (bsc#1130972).\n- bcache: add identifier names to arguments of function definitions (bsc#1130972).\n- bcache: add missing SPDX header (bsc#1130972).\n- bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972).\n- bcache: add static const prefix to char * array declarations (bsc#1130972).\n- bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972).\n- bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).\n- bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972).\n- bcache: comment on direct access to bvec table (bsc#1130972).\n- bcache: correct dirty data statistics (bsc#1130972).\n- bcache: do not assign in if condition in bcache_device_init() (bsc#1130972).\n- bcache: do not assign in if condition in bcache_init() (bsc#1130972).\n- bcache: do not assign in if condition register_bcache() (bsc#1130972).\n- bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972).\n- bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972).\n- bcache: do not clone bio in bch_data_verify (bsc#1130972).\n- bcache: do not mark writeback_running too early (bsc#1130972).\n- bcache: export backing_dev_name via sysfs (bsc#1130972).\n- bcache: export backing_dev_uuid via sysfs (bsc#1130972).\n- bcache: fix code comments style (bsc#1130972).\n- bcache: fix indent by replacing blank by tabs (bsc#1130972).\n- bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).\n- bcache: fix input integer overflow of congested threshold (bsc#1130972).\n- bcache: fix input overflow to cache set sysfs file io_error_halflife (bnc#1012382).\n- bcache: fix input overflow to journal_delay_ms (bsc#1130972).\n- bcache: fix input overflow to sequential_cutoff (bnc#1012382).\n- bcache: fix input overflow to writeback_delay (bsc#1130972).\n- bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).\n- bcache: fix ioctl in flash device (bsc#1130972).\n- bcache: fix mistaken code comments in bcache.h (bsc#1130972).\n- bcache: fix mistaken comments in request.c (bsc#1130972).\n- bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972).\n- bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972).\n- bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).\n- bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972).\n- bcache: improve sysfs_strtoul_clamp() (bnc#1012382).\n- bcache: introduce force_wake_up_gc() (bsc#1130972).\n- bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972).\n- bcache: move open brace at end of function definitions to next line (bsc#1130972).\n- bcache: never writeback a discard operation (bsc#1130972).\n- bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972).\n- bcache: option to automatically run gc thread after writeback (bsc#1130972).\n- bcache: panic fix for making cache device (bsc#1130972).\n- bcache: prefer 'help' in Kconfig (bsc#1130972).\n- bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).\n- bcache: recal cached_dev_sectors on detach (bsc#1130972).\n- bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972).\n- bcache: remove unused bch_passthrough_cache (bsc#1130972).\n- bcache: remove useless parameter of bch_debug_init() (bsc#1130972).\n- bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).\n- bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972).\n- bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).\n- bcache: replace printk() by pr_*() routines (bsc#1130972).\n- bcache: set writeback_percent in a flexible range (bsc#1130972).\n- bcache: split combined if-condition code into separate ones (bsc#1130972).\n- bcache: stop using the deprecated get_seconds() (bsc#1130972).\n- bcache: style fix to add a blank line after declarations (bsc#1130972).\n- bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).\n- bcache: style fixes for lines over 80 characters (bsc#1130972).\n- bcache: trace missed reading by cache_missed (bsc#1130972).\n- bcache: treat stale and dirty keys as bad keys (bsc#1130972).\n- bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972).\n- bcache: update comment for bch_data_insert (bsc#1130972).\n- bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).\n- bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972).\n- bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).\n- bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).\n- bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).\n- bcache: writeback: properly order backing device IO (bsc#1130972).\n- binfmt_elf: switch to new creds when switching to new mm (bnc#1012382).\n- bitops: avoid integer overflow in GENMASK(_ULL) (bnc#1012382).\n- block: check_events: do not bother with events if unsupported (bsc#1110946).\n- block: disk_events: introduce event flags (bsc#1110946).\n- block: do not leak memory in bio_copy_user_iov() (bnc#1012382).\n- block: fix use-after-free on gendisk (bsc#1136448).\n- bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bnc#1012382).\n- bluetooth: Fix decrementing reference count twice in releasing socket (bnc#1012382).\n- bnxt_en: Improve multicast address setup logic (bnc#1012382).\n- bonding: fix arp_validate toggling in active-backup mode (bnc#1012382).\n- bonding: fix event handling for stacked bonds (bnc#1012382).\n- bonding: show full hw address in sysfs for slave entries (bnc#1012382).\n- bpf: reject wrong sized filters earlier (bnc#1012382).\n- bridge: Fix error path for kobject_init_and_add() (bnc#1012382).\n- btrfs: Do not panic when we can't find a root key (bsc#1112063).\n- btrfs: Factor out common delayed refs init code (bsc#1134813).\n- btrfs: Introduce init_delayed_ref_head (bsc#1134813).\n- btrfs: Open-code add_delayed_data_ref (bsc#1134813).\n- btrfs: Open-code add_delayed_tree_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).\n- btrfs: add a helper to return a head ref (bsc#1134813).\n- btrfs: breakout empty head cleanup to a helper (bsc#1134813).\n- btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: move all ref head cleanup to the helper function (bsc#1134813).\n- btrfs: move extent_op cleanup to a helper (bsc#1134813).\n- btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).\n- btrfs: qgroup: Check bg while resuming relocation to avoid NULL pointer dereference (bsc#1134806).\n- btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to btrfs_qgroup_extent_record (bsc#1134162).\n- btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release (bsc#1134160).\n- btrfs: reloc: Also queue orphan reloc tree for cleanup to avoid BUG_ON() (bsc#1134338).\n- btrfs: reloc: Fix NULL pointer dereference due to expanded reloc_root lifespan (bsc#1134651).\n- btrfs: remove delayed_ref_node from ref_head (bsc#1134813).\n- btrfs: split delayed ref head initialization and addition (bsc#1134813).\n- btrfs: track refs in a rb_tree instead of a list (bsc#1134813).\n- cdc-acm: cleaning up debug in data submission path (bsc#1136539).\n- cdc-acm: fix race between reset and control messaging (bsc#1106110).\n- cdc-acm: handle read pipe errors (bsc#1135878).\n- cdc-acm: reassemble fragmented notifications (bsc#1136590).\n- cdc-acm: store in and out pipes in acm structure (bsc#1136575).\n- cdrom: Fix race condition in cdrom_sysctl_register (bnc#1012382).\n- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134564).\n- ceph: fix ci->i_head_snapc leak (bsc#1122776).\n- ceph: fix use-after-free on symlink traversal (bsc#1134565).\n- ceph: only use d_name directly when parent is locked (bsc#1134566).\n- cifs: Fix NULL pointer dereference of devname (bnc#1012382).\n- cifs: do not attempt cifs operation on smb2+ rename error (bnc#1012382).\n- cifs: fallback to older infolevels on findfirst queryinfo retry (bnc#1012382).\n- cifs: keep FileInfo handle live during oplock break (bsc#1106284, bsc#1131565).\n- cifs: use correct format characters (bnc#1012382).\n- clk: fix mux clock documentation (bsc#1090888).\n- coresight: etm4x: Add support to enable ETMv4.2 (bnc#1012382).\n- cpu/speculation: Add 'mitigations=' cmdline option (bnc#1012382 bsc#1112178).\n- cpupower: remove stringop-truncation waring (bsc#1119086).\n- crypto: crypto4xx - properly set IV after de- and encrypt (bnc#1012382).\n- crypto: sha256/arm - fix crash bug in Thumb2 build (bnc#1012382).\n- crypto: sha512/arm - fix crash bug in Thumb2 build (bnc#1012382).\n- crypto: vmx - CTR: always increment IV as quadword (bsc#1135661, bsc#1137162).\n- crypto: vmx - fix copy-paste error in CTR mode (bsc#1135661, bsc#1137162).\n- crypto: vmx - ghash: do nosimd fallback manually (bsc#1135661, bsc#1137162).\n- crypto: vmx - return correct error code on failed setkey (bsc#1135661, bsc#1137162).\n- crypto: vmx: Only call enable_kernel_vsx() (bsc#1135661, bsc#1137162).\n- crypto: x86/poly1305 - fix overflow during partial reduction (bnc#1012382).\n- debugfs: fix use-after-free on symlink traversal (bnc#1012382).\n- device_cgroup: fix RCU imbalance in error case (bnc#1012382).\n- dm thin: add sanity checks to thin-pool and external snapshot creation (bnc#1012382).\n- dmaengine: imx-dma: fix warning comparison of distinct pointer types (bnc#1012382).\n- dmaengine: tegra: avoid overflow of byte tracking (bnc#1012382).\n- documentation: Add MDS vulnerability documentation (bnc#1012382).\n- documentation: Add nospectre_v1 parameter (bnc#1012382).\n- documentation: Correct the possible MDS sysfs values (bnc#1012382).\n- documentation: Move L1TF to separate directory (bnc#1012382).\n- drivers/virt/fsl_hypervisor.c: dereferencing error pointers in ioctl (bnc#1012382).\n- drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl (bnc#1012382).\n- drm/bridge: adv7511: Fix low refresh rate selection (bsc#1106929)\n- drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers (bnc#1012382).\n- drm/fb-helper: dpms_legacy(): Only set on connectors in use (bnc#1106929)\n- drm/i915: Fix I915_EXEC_RING_MASK (bnc#1106929)\n- drm/rockchip: shutdown drm subsystem on shutdown (bsc#1106929)\n- drm/ttm: Remove warning about inconsistent mapping information (bnc#1131488)\n- drm/vc4: ->x_scaling[1] should never be set to VC4_SCALING_NONE (bsc#1106929)\n- drm/vc4: Account for interrupts in flight (bsc#1106929)\n- drm/vc4: Allocate the right amount of space for boot-time CRTC state. (bsc#1106929)\n- drm/vc4: Fix NULL pointer dereference in vc4_save_hang_state() (bsc#1106929)\n- drm/vc4: Fix OOPSes from trying to cache a partially constructed BO. (bsc#1106929)\n- drm/vc4: Fix a couple error codes in vc4_cl_lookup_bos() (bsc#1106929)\n- drm/vc4: Fix compilation error reported by kbuild test bot (bsc#1106929)\n- drm/vc4: Fix memory leak during gpu reset. (bsc#1106929)\n- drm/vc4: Fix memory leak of the CRTC state. (bsc#1106929)\n- drm/vc4: Fix oops when userspace hands in a bad BO. (bsc#1106929)\n- drm/vc4: Fix overflow mem unreferencing when the binner runs dry. (bsc#1106929)\n- drm/vc4: Fix races when the CS reads from render targets. (bsc#1106929)\n- drm/vc4: Fix scaling of uni-planar formats (bsc#1106929)\n- drm/vc4: Fix the 'no scaling' case on multi-planar YUV formats (bsc#1106929)\n- drm/vc4: Flush the caches before the bin jobs, as well. (bsc#1106929)\n- drm/vc4: Free hang state before destroying BO cache. (bsc#1106929)\n- drm/vc4: Move IRQ enable to PM path (bsc#1106929)\n- drm/vc4: Reset ->{x, y}_scaling[1] when dealing with uniplanar (bsc#1106929)\n- drm/vc4: Set ->is_yuv to false when num_planes == 1 (bsc#1106929)\n- drm/vc4: Use drm_free_large() on handles to match its allocation. (bsc#1106929)\n- drm/vc4: fix a bounds check (bsc#1106929)\n- drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() (bsc#1106929)\n- drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to (bsc#1106929)\n- dt-bindings: rcar-dmac: Document missing error interrupt (bsc#1085535).\n- e1000e: Add Support for 38.4MHZ frequency (bsc#1108293 ).\n- e1000e: Add Support for CannonLake (bsc#1108293).\n- e1000e: Fix -Wformat-truncation warnings (bnc#1012382).\n- e1000e: Initial Support for CannonLake (bsc#1108293 ).\n- enic: fix build warning without CONFIG_CPUMASK_OFFSTACK (bnc#1012382).\n- exportfs: fix 'passing zero to ERR_PTR()' warning (bsc#1136458).\n- ext4: Return EAGAIN in case of DIO is beyond end of file (bsc#1136810).\n- ext4: actually request zeroing of inode table after grow (bsc#1136451).\n- ext4: add missing brelse() in add_new_gdb_meta_bg() (bnc#1012382).\n- ext4: avoid panic during forced reboot due to aborted journal (bsc#1126356).\n- ext4: cleanup bh release code in ext4_ind_remove_space() (bnc#1012382).\n- ext4: fix ext4_show_options for file systems w/o journal (bsc#1136452).\n- ext4: fix use-after-free race with debug_want_extra_isize (bsc#1136449).\n- ext4: make sure enough credits are reserved for dioread_nolock writes (bsc#1136623).\n- ext4: prohibit fstrim in norecovery mode (bnc#1012382).\n- ext4: report real fs size after failed resize (bnc#1012382).\n- ext4: wait for outstanding dio during truncate in nojournal mode (bsc#1136438).\n- f2fs: do not use mutex lock in atomic context (bnc#1012382).\n- f2fs: fix to do sanity check with current segment number (bnc#1012382).\n- fbdev: fbmem: fix memory access if logo is bigger than the screen (bnc#1012382).\n- fix incorrect error code mapping for OBJECTID_NOT_FOUND (bnc#1012382).\n- fs/file.c: initialize init_files.resize_wait (bnc#1012382).\n- fs/proc/proc_sysctl.c: Fix a NULL pointer dereference (bnc#1012382).\n- fs: fix guard_bio_eod to check for real EOD errors (bnc#1012382).\n- ftrace/x86_64: Emulate call function while updating in breakpoint handler (bsc#1099658).\n- genirq: Prevent use-after-free and work list corruption (bnc#1012382).\n- genirq: Respect IRQCHIP_SKIP_SET_WAKE in irq_chip_set_wake_parent() (bnc#1012382).\n- gpio: gpio-omap: fix level interrupt idling (bnc#1012382).\n- gpu: ipu-v3: dp: fix CSC handling (bnc#1012382).\n- h8300: use cc-cross-prefix instead of hardcoding h8300-unknown-linux- (bnc#1012382).\n- hid: debug: fix race condition with between rdesc_show() and device removal (bnc#1012382).\n- hid: input: add mapping for Expose/Overview key (bnc#1012382).\n- hid: input: add mapping for keyboard Brightness Up/Down/Toggle keys (bnc#1012382).\n- hugetlbfs: fix memory leak for resv_map (bnc#1012382).\n- hwrng: virtio - Avoid repeated init of completion (bnc#1012382).\n- i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA (bnc#1012382).\n- ib/hfi1: Eliminate opcode tests on mr deref ().\n- ib/hfi1: Unreserve a reserved request when it is completed ().\n- ib/mlx4: Fix race condition between catas error reset and aliasguid flows (bnc#1012382).\n- ib/mlx4: Increase the timeout for CM cache (bnc#1012382).\n- ib/rdmavt: Add wc_flags and wc_immdata to cq entry trace ().\n- ib/rdmavt: Fix frwr memory registration ().\n- igb: Fix WARN_ONCE on runtime suspend (bnc#1012382).\n- iio/gyro/bmg160: Use millidegrees for temperature scale (bnc#1012382).\n- iio: ad_sigma_delta: select channel when reading register (bnc#1012382).\n- iio: adc: at91: disable adc channel interrupt in timeout case (bnc#1012382).\n- iio: adc: xilinx: fix potential use-after-free on remove (bnc#1012382).\n- include/linux/bitrev.h: fix constant bitrev (bnc#1012382).\n- include/linux/swap.h: use offsetof() instead of custom __swapoffset macro (bnc#1012382).\n- init: initialize jump labels before command line option parsing (bnc#1012382).\n- input: snvs_pwrkey - initialize necessary driver data before enabling IRQ (bnc#1012382).\n- io: accel: kxcjk1013: restore the range after resume (bnc#1012382).\n- iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#1135013).\n- iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135014).\n- iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135015).\n- ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type (bnc#1012382).\n- ipmi:ssif: compare block number correctly for multi-part return messages (bsc#1135120).\n- ipv4: Fix raw socket lookup for local traffic (bnc#1012382).\n- ipv4: add sanity checks in ipv4_link_failure() (git-fixes).\n- ipv4: ensure rcu_read_lock() in ipv4_link_failure() (bnc#1012382).\n- ipv4: ip_do_fragment: Preserve skb_iif during fragmentation (bnc#1012382).\n- ipv4: recompile ip options in ipv4_link_failure (bnc#1012382).\n- ipv4: set the tcp_min_rtt_wlen range from 0 to one day (bnc#1012382).\n- ipv6/flowlabel: wait rcu grace period before put_pid() (bnc#1012382).\n- ipv6: Fix dangling pointer when ipv6 fragment (bnc#1012382).\n- ipv6: fix a potential deadlock in do_ipv6_setsockopt() (bnc#1012382).\n- ipv6: invert flowlabel sharing check in process and user mode (bnc#1012382).\n- ipv6: sit: reset ip header pointer in ipip6_rcv (bnc#1012382).\n- ipvs: do not schedule icmp errors from tunnels (bnc#1012382).\n- jffs2: fix use-after-free on symlink traversal (bnc#1012382).\n- kABI: protect ring_buffer_read_prepare (kabi).\n- kABI: protect struct tlb_state (kabi).\n- kABI: protect struct usb_interface (kabi).\n- kABI: restore ___ptrace_may_access (kabi).\n- kABI: restore icmp_send (kabi).\n- kabi: arm64: fix kabi breakage on arch specific module (bsc#1126040)\n- kabi: drop LINUX_Mib_TCPWQUEUETOOBIG snmp counter (bsc#1137586).\n- kabi: move sysctl_tcp_min_snd_mss to preserve struct net layout (bsc#1137586).\n- kbuild: clang: choose GCC_TOOLCHAIN_DIR not on LD (bnc#1012382).\n- kbuild: simplify ld-option implementation (bnc#1012382).\n- kconfig/[mn]conf: handle backspace (^H) key (bnc#1012382).\n- kconfig: display recursive dependency resolution hint just once (bsc#1100132).\n- kernel/sysctl.c: fix out-of-bounds access when setting file-max (bnc#1012382).\n- keys: Timestamp new keys (bsc#1120902).\n- kprobes: Fix error check when reusing optimized probes (bnc#1012382).\n- kprobes: Mark ftrace mcount handler functions nokprobe (bnc#1012382).\n- kprobes: Prohibit probing on bsearch() (bnc#1012382).\n- kvm: fail KVM_SET_VCPU_EVENTS with invalid exception number (bnc#1012382).\n- kvm: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bnc#1012382).\n- kvm: x86: avoid misreporting level-triggered irqs as edge-triggered in tracing (bnc#1012382).\n- leds: lp55xx: fix null deref on firmware load failure (bnc#1012382).\n- lib/div64.c: off by one in shift (bnc#1012382).\n- lib/int_sqrt: optimize initial value compute (bnc#1012382).\n- lib/string.c: implement a basic bcmp (bnc#1012382).\n- lib: add crc64 calculation routines (bsc#1130972).\n- lib: do not depend on linux headers being installed (bsc#1130972).\n- libata: fix using DMA buffers on stack (bnc#1012382).\n- libnvdimm/btt: Fix a kmemdup failure check (bnc#1012382).\n- lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).\n- mac80211: do not call driver wake_tx_queue op during reconfig (bnc#1012382).\n- mac80211_hwsim: validate number of different channels (bsc#1085539).\n- md: use mddev_suspend/resume instead of ->quiesce() (bsc#1132212).\n- media: mt9m111: set initial frame size other than 0x0 (bnc#1012382).\n- media: mx2_emmaprp: Correct return type for mem2mem buffer helpers (bnc#1012382).\n- media: pvrusb2: Prevent a buffer overflow (bsc#1135642).\n- media: s5p-g2d: Correct return type for mem2mem buffer helpers (bnc#1012382).\n- media: s5p-jpeg: Check for fmt_ver_flag when doing fmt enumeration (bnc#1012382).\n- media: s5p-jpeg: Correct return type for mem2mem buffer helpers (bnc#1012382).\n- media: sh_veu: Correct return type for mem2mem buffer helpers (bnc#1012382).\n- media: v4l2: i2c: ov7670: Fix PLL bypass register values (bnc#1012382).\n- media: vb2: do not call __vb2_queue_cancel if vb2_start_streaming failed (bsc#1120902).\n- mips: scall64-o32: Fix indirect syscall number load (bnc#1012382).\n- mm/cma.c: cma_declare_contiguous: correct err handling (bnc#1012382).\n- mm/page_ext.c: fix an imbalance with kmemleak (bnc#1012382).\n- mm/slab.c: kmemleak no scan alien caches (bnc#1012382).\n- mm/vmalloc.c: fix kernel BUG at mm/vmalloc.c:512! (bnc#1012382).\n- mm/vmstat.c: fix /proc/vmstat format for CONFIG_DEBUG_TLBFLUSH=y CONFIG_SMP=n (bnc#1012382).\n- mm: mempolicy: make mbind() return -EIO when MPOL_MF_STRICT is specified (bnc#1012382).\n- mmc: davinci: remove extraneous __init annotation (bnc#1012382).\n- mmc: omap: fix the maximum timeout setting (bnc#1012382).\n- modpost: file2alias: check prototype of handler (bnc#1012382).\n- modpost: file2alias: go back to simple devtable lookup (bnc#1012382).\n- mount: copy the port field into the cloned nfs_server structure (bsc#1136990).\n- mt7601u: bump supported EEPROM version (bnc#1012382).\n- mtd: Fix comparison in map_word_andequal() (git-fixes).\n- mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1136935).\n- net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).\n- net/ibmvnic: Update carrier state after link state change (bsc#1135100).\n- net: atm: Fix potential Spectre v1 vulnerabilities (bnc#1012382).\n- net: bridge: multicast: use rcu to access port list from br_multicast_start_querier (bnc#1012382).\n- net: ena: fix return value of ena_com_config_llq_info() (bsc#1117562).\n- net: ethernet: ti: fix possible object reference leak (bnc#1012382).\n- net: ethtool: not call vzalloc for zero sized memory request (bnc#1012382).\n- net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv (bnc#1012382).\n- net: hns: Fix WARNING when remove HNS driver with SMMU enabled (bnc#1012382).\n- net: hns: Use NAPI_POLL_WEIGHT for hns driver (bnc#1012382).\n- net: ibm: fix possible object reference leak (bnc#1012382).\n- net: ks8851: Delay requesting IRQ until opened (bnc#1012382).\n- net: ks8851: Dequeue RX packets explicitly (bnc#1012382).\n- net: ks8851: Reassert reset pin if chip ID check fails (bnc#1012382).\n- net: ks8851: Set initial carrier state to down (bnc#1012382).\n- net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock() (bnc#1012382).\n- net: stmmac: move stmmac_check_ether_addr() to driver probe (bnc#1012382).\n- net: ucc_geth - fix Oops when changing number of buffers in the ring (bnc#1012382).\n- net: xilinx: fix possible object reference leak (bnc#1012382).\n- netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING (bnc#1012382).\n- netfilter: compat: initialize all fields in xt_init (bnc#1012382).\n- netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON (bnc#1012382).\n- netfilter: physdev: relax br_netfilter dependency (bnc#1012382).\n- netns: provide pure entropy for net_hash_mix() (bnc#1012382).\n- nfs/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount (git-fixes).\n- nfs: Add missing encode / decode sequence_maxsz to v4.2 operations (git-fixes).\n- nfs: Fix I/O request leakages (git-fixes).\n- nfs: Forbid setting AF_INET6 to 'struct sockaddr_in'->sin_family (bnc#1012382).\n- nfs: clean up rest of reqs when failing to add one (git-fixes).\n- nfsd: Do not release the callback slot unless it was actually held (bnc#1012382).\n- ntp: Allow TAI-UTC offset to be set to zero (bsc#1135642).\n- nvme-fc: resolve io failures during connect (bsc#1116803).\n- nvme: Do not allow to reset a reconnecting controller (bsc#1133874).\n- ocfs2: fix a panic problem caused by o2cb_ctl (bnc#1012382).\n- openvswitch: fix flow actions reallocation (bnc#1012382).\n- pNFS: Skip invalid stateids when doing a bulk destroy (git-fixes).\n- packet: Fix error path in packet_init (bnc#1012382).\n- packet: validate msg_namelen in send directly (bnc#1012382).\n- pci: Add function 1 DMA alias quirk for Marvell 9170 SATA controller (bnc#1012382).\n- pci: Mark AMD Stoney Radeon R7 GPU ATS as broken (bsc#1137142).\n- pci: Mark Atheros AR9462 to avoid bus reset (bsc#1135642).\n- pci: xilinx-nwl: Add missing of_node_put() (bsc#1100132).\n- perf evsel: Free evsel->counts in perf_evsel__exit() (bnc#1012382).\n- perf test: Fix failure of 'evsel-tp-sched' test on s390 (bnc#1012382).\n- perf tests: Fix a memory leak in test__perf_evsel__tp_sched_test() (bnc#1012382).\n- perf tests: Fix a memory leak of cpu_map object in the openat_syscall_event_on_all_cpus test (bnc#1012382).\n- perf top: Fix error handling in cmd_top() (bnc#1012382).\n- perf/core: Restore mmap record type correctly (bnc#1012382).\n- perf/x86/intel: Allow PEBS multi-entry in watermark mode (git-fixes).\n- perf/x86/intel: Fix handling of wakeup_events for multi-entry PEBS (bnc#1012382).\n- platform/x86: sony-laptop: Fix unintentional fall-through (bnc#1012382).\n- powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC (bnc#1012382).\n- powerpc/64: Call setup_barrier_nospec() from setup_arch() (bnc#1012382 bsc#1131107).\n- powerpc/64: Make meltdown reporting Book3S 64 specific (bnc#1012382).\n- powerpc/64s: Include cpu header (bnc#1012382).\n- powerpc/booke64: set RI in default MSR (bnc#1012382).\n- powerpc/fsl: Add FSL_PPC_BOOK3E as supported arch for nospectre_v2 boot arg (bnc#1012382).\n- powerpc/fsl: Add barrier_nospec implementation for NXP PowerPC Book3E (bnc#1012382).\n- powerpc/fsl: Add infrastructure to fixup branch predictor flush (bnc#1012382).\n- powerpc/fsl: Add macro to flush the branch predictor (bnc#1012382).\n- powerpc/fsl: Add nospectre_v2 command line argument (bnc#1012382).\n- powerpc/fsl: Emulate SPRN_BUCSR register (bnc#1012382).\n- powerpc/fsl: Enable runtime patching if nospectre_v2 boot arg is used (bnc#1012382).\n- powerpc/fsl: Fix the flush of branch predictor (bnc#1012382).\n- powerpc/fsl: Fixed warning: orphan section `__btb_flush_fixup' (bnc#1012382).\n- powerpc/fsl: Flush branch predictor when entering KVM (bnc#1012382).\n- powerpc/fsl: Flush the branch predictor at each kernel entry (32 bit) (bnc#1012382).\n- powerpc/fsl: Flush the branch predictor at each kernel entry (64bit) (bnc#1012382).\n- powerpc/fsl: Sanitize the syscall table for NXP PowerPC 32 bit platforms (bnc#1012382).\n- powerpc/fsl: Update Spectre v2 reporting (bnc#1012382).\n- powerpc/lib: fix book3s/32 boot failure due to code patching (bnc#1012382).\n- powerpc/xmon: Add RFI flush related fields to paca dump (bnc#1012382).\n- qede: fix write to free'd pointer error and double free of ptp (bsc#1019695 bsc#1019696).\n- qlcnic: Avoid potential NULL pointer dereference (bnc#1012382).\n- qmi_wwan: add Olicard 600 (bnc#1012382).\n- rdma/iw_cxgb4: Fix the unchecked ep dereference (bsc#1005778 bsc#1005780 bsc#1005781).\n- rdma/qedr: Fix out of bounds index check in query pkey (bsc#1022604).\n- regulator: act8865: Fix act8600_sudcdc_voltage_ranges setting (bnc#1012382).\n- rsi: improve kernel thread handling to fix kernel panic (bnc#1012382).\n- rtc: da9063: set uie_unsupported when relevant (bnc#1012382).\n- rtc: sh: Fix invalid alarm warning for non-enabled alarm (bnc#1012382).\n- s390/3270: fix lockdep false positive on view->lock (bnc#1012382).\n- s390/dasd: Fix capacity calculation for large volumes (bnc#1012382).\n- s390: ctcm: fix ctcm_new_device error return code (bnc#1012382).\n- sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() (bnc#1012382).\n- sc16is7xx: move label 'err_spi' to correct section (git-fixes).\n- sched/fair: Do not re-read ->h_load_next during hierarchical load calculation (bnc#1012382).\n- sched/fair: Limit sched_cfs_period_timer() loop to avoid hard lockup (bnc#1012382).\n- sched/numa: Fix a possible divide-by-zero (bnc#1012382).\n- sched: Add sched_smt_active() (bnc#1012382).\n- scsi: core: replace GFP_ATOMIC with GFP_KERNEL in scsi_scan.c (bnc#1012382).\n- scsi: csiostor: fix missing data copy in csio_scsi_err_handler() (bnc#1012382).\n- scsi: libsas: fix a race condition when smp task timeout (bnc#1012382).\n- scsi: megaraid_sas: return error when create DMA pool failed (bnc#1012382).\n- scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS routines (bnc#1012382).\n- scsi: qla4xxx: fix a potential NULL pointer dereference (bnc#1012382).\n- scsi: storvsc: Fix calculation of sub-channel count (bnc#1012382).\n- scsi: zfcp: reduce flood of fcrscn1 trace records on multi-element RSCN (bnc#1012382).\n- sctp: initialize _pad of sockaddr_in before copying to user memory (bnc#1012382).\n- selftests/net: correct the return value for run_netsocktests (bnc#1012382).\n- selinux: never allow relabeling on context mounts (bnc#1012382).\n- serial: uartps: console_setup() can't be placed to init section (bnc#1012382).\n- slip: make slhc_free() silently accept an error pointer (bnc#1012382).\n- soc/tegra: fuse: Fix illegal free of IO base address (bnc#1012382).\n- soc: imx-sgtl5000: add missing put_device() (bnc#1012382).\n- soc: qcom: gsbi: Fix error handling in gsbi_probe() (bnc#1012382).\n- staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf (bnc#1012382).\n- staging: comedi: ni_usb6501: Fix use of uninitialized mutex (bnc#1012382).\n- staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf (bnc#1012382).\n- staging: comedi: vmk80xx: Fix use of uninitialized semaphore (bnc#1012382).\n- staging: iio: adt7316: allow adt751x to use internal vref for all dacs (bnc#1012382).\n- staging: iio: adt7316: fix the dac read calculation (bnc#1012382).\n- staging: iio: adt7316: fix the dac write calculation (bnc#1012382).\n- supported.conf: add lib/crc64 because bcache uses it\n- sysctl: handle overflow for file-max (bnc#1012382).\n- tcp: Ensure DCTCP reacts to losses (bnc#1012382).\n- tcp: add tcp_min_snd_mss sysctl (bsc#1137586).\n- tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).\n- tcp: limit payload size of sacked skbs (bsc#1137586).\n- tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).\n- tcp: tcp_grow_window() needs to respect tcp_space() (bnc#1012382).\n- team: fix possible recursive locking when add slaves (bnc#1012382).\n- thermal/int340x_thermal: Add additional UUIDs (bnc#1012382).\n- thermal/int340x_thermal: fix mode setting (bnc#1012382).\n- timer/debug: Change /proc/timer_stats from 0644 to 0600 (bnc#1012382).\n- tipc: check bearer name with right length in tipc_nl_compat_bearer_enable (bnc#1012382).\n- tipc: check link name with right length in tipc_nl_compat_link_set (bnc#1012382).\n- tipc: handle the err returned from cmd header function (bnc#1012382).\n- tools lib traceevent: Fix buffer overflow in arg_eval (bnc#1012382).\n- tools lib traceevent: Fix missing equality check for strcmp (bsc#1129770).\n- tools/power turbostat: return the exit status of a command (bnc#1012382).\n- tpm/tpm_crb: Avoid unaligned reads in crb_recv() (bnc#1012382).\n- tpm/tpm_i2c_atmel: Return -E2BIG when the transfer is incomplete (bnc#1012382).\n- trace: Fix preempt_enable_no_resched() abuse (bnc#1012382).\n- tracing: Fix partial reading of trace event's id file (bsc#1136573).\n- tracing: kdb: Fix ftdump to not sleep (bnc#1012382).\n- tty/serial: atmel: Add is_half_duplex helper (bnc#1012382).\n- tty/serial: atmel: RS485 HD w/DMA: enable RX after TX is stopped (bnc#1012382).\n- tty: increase the default flip buffer limit to 2*640K (bnc#1012382).\n- tty: ldisc: add sysctl to prevent autoloading of ldiscs (bnc#1012382).\n- uas: fix alignment of scatter/gather segments (bnc#1012382 bsc#1129770).\n- uas: fix alignment of scatter/gather segments (bsc#1129770).\n- ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (bsc#1136455).\n- usb: Add new USB LPM helpers (bsc#1129770).\n- usb: Consolidate LPM checks to avoid enabling LPM twice (bsc#1129770).\n- usb: cdc-acm: fix race during wakeup blocking TX traffic (bsc#1129770).\n- usb: cdc-acm: fix unthrottle races (bsc#1135642).\n- usb: chipidea: Grab the (legacy) usb PHY by phandle first (bnc#1012382).\n- usb: core: Fix bug caused by duplicate interface PM usage counter (bnc#1012382).\n- usb: core: Fix unterminated string returned by usb_string() (bnc#1012382).\n- usb: dwc3: Fix default lpm_nyet_threshold value (bnc#1012382).\n- usb: gadget: net2272: Fix net2272_dequeue() (bnc#1012382).\n- usb: gadget: net2280: Fix net2280_dequeue() (bnc#1012382).\n- usb: gadget: net2280: Fix overrun of OUT messages (bnc#1012382).\n- usb: serial: fix unthrottle races (bnc#1012382).\n- usb: serial: use variable for status (bnc#1012382).\n- usb: u132-hcd: fix resource leak (bnc#1012382).\n- usb: usbip: fix isoc packet num validation in get_pipe (bnc#1012382).\n- usb: w1 ds2490: Fix bug caused by improper use of altsetting array (bnc#1012382).\n- usb: yurex: Fix protection fault after device removal (bnc#1012382).\n- usbnet: ipheth: fix potential null pointer dereference in ipheth_carrier_set (bnc#1012382).\n- usbnet: ipheth: prevent TX queue timeouts when device not ready (bnc#1012382).\n- vfio/pci: use correct format characters (bnc#1012382).\n- vlan: disable SIOCSHWTSTAMP in container (bnc#1012382).\n- vrf: sit mtu should not be updated when vrf netdev is the link (bnc#1012382).\n- wlcore: Fix memory leak in case wl12xx_fetch_firmware failure (bnc#1012382).\n- x86/Kconfig: Select SCHED_SMT if SMP enabled (bnc#1012382).\n- x86/MCE: Save microcode revision in machine check records (bnc#1012382).\n- x86/bugs: Add AMD's SPEC_CTRL MSR usage (bnc#1012382).\n- x86/bugs: Change L1TF mitigation string to match upstream (bnc#1012382).\n- x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR (bnc#1012382).\n- x86/bugs: Switch the selection of mitigation from CPU vendor to CPU features (bnc#1012382).\n- x86/build: Mark per-CPU symbols as absolute explicitly for LLD (bnc#1012382).\n- x86/build: Specify elf_i386 linker emulation explicitly for i386 objects (bnc#1012382).\n- x86/cpu/bugs: Use __initconst for 'const' init data (bnc#1012382).\n- x86/cpu/cyrix: Use correct macros for Cyrix calls on Geode processors (bnc#1012382).\n- x86/cpufeatures: Hide AMD-specific speculation flags (bnc#1012382).\n- x86/hpet: Prevent potential NULL pointer dereference (bnc#1012382).\n- x86/hw_breakpoints: Make default case in hw_breakpoint_arch_parse() return an error (bnc#1012382).\n- x86/kprobes: Verify stack frame on kretprobe (bnc#1012382).\n- x86/mds: Add MDSUM variant to the MDS documentation (bnc#1012382).\n- x86/microcode/intel: Add a helper which gives the microcode revision (bnc#1012382).\n- x86/microcode/intel: Check microcode revision before updating sibling threads (bnc#1012382).\n- x86/microcode: Make sure boot_cpu_data.microcode is up-to-date (bnc#1012382).\n- x86/microcode: Update the new microcode revision unconditionally (bnc#1012382).\n- x86/mm: Use WRITE_ONCE() when setting PTEs (bnc#1012382).\n- x86/process: Consolidate and simplify switch_to_xtra() code (bnc#1012382).\n- x86/speculataion: Mark command line parser data __initdata (bnc#1012382).\n- x86/speculation/l1tf: Document l1tf in sysfs (bnc#1012382).\n- x86/speculation/mds: Fix comment (bnc#1012382).\n- x86/speculation/mds: Fix documentation typo (bnc#1012382).\n- x86/speculation: Add command line control for indirect branch speculation (bnc#1012382).\n- x86/speculation: Add prctl() control for indirect branch speculation (bnc#1012382).\n- x86/speculation: Add seccomp Spectre v2 user space protection mode (bnc#1012382).\n- x86/speculation: Avoid __switch_to_xtra() calls (bnc#1012382).\n- x86/speculation: Clean up spectre_v2_parse_cmdline() (bnc#1012382).\n- x86/speculation: Disable STibP when enhanced IBRS is in use (bnc#1012382).\n- x86/speculation: Enable prctl mode for spectre_v2_user (bnc#1012382).\n- x86/speculation: Mark string arrays const correctly (bnc#1012382).\n- x86/speculation: Move STIPB/ibPB string conditionals out of cpu_show_common() (bnc#1012382).\n- x86/speculation: Prepare arch_smt_update() for PRCTL mode (bnc#1012382).\n- x86/speculation: Prepare for conditional ibPB in switch_mm() (bnc#1012382).\n- x86/speculation: Prepare for per task indirect branch speculation control (bnc#1012382).\n- x86/speculation: Prevent stale SPEC_CTRL msr content (bnc#1012382).\n- x86/speculation: Provide ibPB always command line options (bnc#1012382).\n- x86/speculation: Remove SPECTRE_V2_ibRS in enum spectre_v2_mitigation (bnc#1012382).\n- x86/speculation: Remove unnecessary ret variable in cpu_show_common() (bnc#1012382).\n- x86/speculation: Rename SSBD update functions (bnc#1012382).\n- x86/speculation: Reorder the spec_v2 code (bnc#1012382).\n- x86/speculation: Reorganize speculation control MSRs update (bnc#1012382).\n- x86/speculation: Split out TIF update (bnc#1012382).\n- x86/speculation: Support 'mitigations=' cmdline option (bnc#1012382 bsc#1112178).\n- x86/speculation: Support Enhanced ibRS on future CPUs (bnc#1012382).\n- x86/speculation: Unify conditional spectre v2 print functions (bnc#1012382).\n- x86/speculation: Update the TIF_SSBD comment (bnc#1012382).\n- x86/vdso: Drop implicit common-page-size linker flag (bnc#1012382).\n- x86/vdso: Pass --eh-frame-hdr to the linker (git-fixes).\n- x86: vdso: Use $LD instead of $CC to link (bnc#1012382).\n- x86_64: Add gap to int3 to allow for call emulation (bsc#1099658).\n- x86_64: Allow breakpoints to emulate call instructions (bsc#1099658).\n- xen: Prevent buffer overflow in privcmd ioctl (bnc#1012382).\n- xenbus: drop useless LIST_HEAD in xenbus_write_watch() and xenbus_file_write() (bsc#1065600).\n- xsysace: Fix error handling in ace_setup (bnc#1012382).\n- xtensa: fix return_address (bnc#1012382).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2019-1532,SUSE-SLE-DESKTOP-12-SP3-2019-1532,SUSE-SLE-HA-12-SP3-2019-1532,SUSE-SLE-Live-Patching-12-SP3-2019-1532,SUSE-SLE-SDK-12-SP3-2019-1532,SUSE-SLE-SERVER-12-SP3-2019-1532,SUSE-SLE-WE-12-SP3-2019-1532", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_1532-1.json", }, { category: "self", summary: "URL for SUSE-SU-2019:1532-1", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20191532-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2019:1532-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2019-June/005575.html", }, { category: "self", summary: "SUSE Bug 1005778", url: "https://bugzilla.suse.com/1005778", }, { category: "self", summary: "SUSE Bug 1005780", url: "https://bugzilla.suse.com/1005780", }, { category: "self", summary: "SUSE Bug 1005781", url: "https://bugzilla.suse.com/1005781", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1019695", url: "https://bugzilla.suse.com/1019695", }, { category: "self", summary: "SUSE Bug 1019696", url: "https://bugzilla.suse.com/1019696", }, { category: "self", summary: "SUSE Bug 1022604", url: "https://bugzilla.suse.com/1022604", }, { category: "self", summary: "SUSE Bug 1063638", url: "https://bugzilla.suse.com/1063638", }, { category: "self", summary: "SUSE Bug 1065600", url: "https://bugzilla.suse.com/1065600", }, { category: "self", summary: "SUSE Bug 1085535", url: "https://bugzilla.suse.com/1085535", }, { category: "self", summary: "SUSE Bug 1085539", url: "https://bugzilla.suse.com/1085539", }, { category: "self", summary: "SUSE Bug 1090888", url: "https://bugzilla.suse.com/1090888", }, { category: "self", summary: "SUSE Bug 1099658", url: "https://bugzilla.suse.com/1099658", }, { category: "self", summary: "SUSE Bug 1100132", url: "https://bugzilla.suse.com/1100132", }, { category: "self", summary: "SUSE Bug 1106110", url: "https://bugzilla.suse.com/1106110", }, { category: "self", summary: "SUSE Bug 1106284", url: "https://bugzilla.suse.com/1106284", }, { category: "self", summary: "SUSE Bug 1106929", url: "https://bugzilla.suse.com/1106929", }, { category: "self", summary: "SUSE Bug 1108293", url: "https://bugzilla.suse.com/1108293", }, { category: "self", summary: "SUSE Bug 1108838", url: "https://bugzilla.suse.com/1108838", }, { category: "self", summary: "SUSE Bug 1110785", url: "https://bugzilla.suse.com/1110785", }, { category: "self", summary: "SUSE Bug 1110946", url: "https://bugzilla.suse.com/1110946", }, { category: "self", summary: "SUSE Bug 1112063", url: "https://bugzilla.suse.com/1112063", }, { category: "self", summary: "SUSE Bug 1112178", url: "https://bugzilla.suse.com/1112178", }, { category: "self", summary: "SUSE Bug 1116803", url: "https://bugzilla.suse.com/1116803", }, { category: "self", summary: "SUSE Bug 1117562", url: "https://bugzilla.suse.com/1117562", }, { category: "self", summary: "SUSE Bug 1119086", url: "https://bugzilla.suse.com/1119086", }, { category: "self", summary: "SUSE Bug 1120642", url: "https://bugzilla.suse.com/1120642", }, { category: "self", summary: "SUSE Bug 1120843", url: "https://bugzilla.suse.com/1120843", }, { category: "self", summary: "SUSE Bug 1120902", url: "https://bugzilla.suse.com/1120902", }, { category: "self", summary: "SUSE Bug 1122776", url: "https://bugzilla.suse.com/1122776", }, { category: "self", summary: "SUSE Bug 1126040", url: "https://bugzilla.suse.com/1126040", }, { category: "self", summary: "SUSE Bug 1126356", url: "https://bugzilla.suse.com/1126356", }, { category: "self", summary: "SUSE Bug 1128052", url: "https://bugzilla.suse.com/1128052", }, { category: "self", summary: "SUSE Bug 1129138", url: "https://bugzilla.suse.com/1129138", }, { category: "self", summary: "SUSE Bug 1129770", url: "https://bugzilla.suse.com/1129770", }, { category: "self", summary: "SUSE Bug 1130972", url: "https://bugzilla.suse.com/1130972", }, { category: "self", summary: "SUSE Bug 1131107", url: "https://bugzilla.suse.com/1131107", }, { category: "self", summary: "SUSE Bug 1131488", url: "https://bugzilla.suse.com/1131488", }, { category: "self", summary: "SUSE Bug 1131565", url: "https://bugzilla.suse.com/1131565", }, { category: "self", summary: "SUSE Bug 1132212", url: "https://bugzilla.suse.com/1132212", }, { category: "self", summary: "SUSE Bug 1132472", url: "https://bugzilla.suse.com/1132472", }, { category: "self", summary: "SUSE Bug 1133188", url: "https://bugzilla.suse.com/1133188", }, { category: "self", summary: "SUSE Bug 1133874", url: "https://bugzilla.suse.com/1133874", }, { category: "self", summary: "SUSE Bug 1134160", url: "https://bugzilla.suse.com/1134160", }, { category: "self", summary: "SUSE Bug 1134162", url: "https://bugzilla.suse.com/1134162", }, { category: "self", summary: "SUSE Bug 1134338", url: "https://bugzilla.suse.com/1134338", }, { category: "self", summary: "SUSE Bug 1134537", url: "https://bugzilla.suse.com/1134537", }, { category: "self", summary: "SUSE Bug 1134564", url: "https://bugzilla.suse.com/1134564", }, { category: "self", summary: "SUSE Bug 1134565", url: "https://bugzilla.suse.com/1134565", }, { category: "self", summary: "SUSE Bug 1134566", url: "https://bugzilla.suse.com/1134566", }, { category: "self", summary: "SUSE Bug 1134651", url: "https://bugzilla.suse.com/1134651", }, { category: "self", summary: "SUSE Bug 1134760", url: "https://bugzilla.suse.com/1134760", }, { category: "self", summary: "SUSE Bug 1134806", url: "https://bugzilla.suse.com/1134806", }, { category: "self", summary: "SUSE Bug 1134813", url: "https://bugzilla.suse.com/1134813", }, { category: "self", summary: "SUSE Bug 1134848", url: "https://bugzilla.suse.com/1134848", }, { category: "self", summary: "SUSE Bug 1135013", url: "https://bugzilla.suse.com/1135013", }, { category: "self", summary: "SUSE Bug 1135014", url: "https://bugzilla.suse.com/1135014", }, { category: "self", summary: "SUSE Bug 1135015", url: "https://bugzilla.suse.com/1135015", }, { category: "self", summary: "SUSE Bug 1135100", url: "https://bugzilla.suse.com/1135100", }, { category: "self", summary: "SUSE Bug 1135120", url: "https://bugzilla.suse.com/1135120", }, { category: "self", summary: "SUSE Bug 1135281", url: "https://bugzilla.suse.com/1135281", }, { category: "self", summary: "SUSE Bug 1135603", url: "https://bugzilla.suse.com/1135603", }, { category: "self", summary: "SUSE Bug 1135642", url: "https://bugzilla.suse.com/1135642", }, { category: "self", summary: "SUSE Bug 1135661", url: "https://bugzilla.suse.com/1135661", }, { category: "self", summary: "SUSE Bug 1135878", url: "https://bugzilla.suse.com/1135878", }, { category: "self", summary: "SUSE Bug 1136424", url: "https://bugzilla.suse.com/1136424", }, { category: "self", summary: "SUSE Bug 1136438", url: "https://bugzilla.suse.com/1136438", }, { category: "self", summary: "SUSE Bug 1136448", url: "https://bugzilla.suse.com/1136448", }, { category: "self", summary: "SUSE Bug 1136449", url: "https://bugzilla.suse.com/1136449", }, { category: "self", summary: "SUSE Bug 1136451", url: "https://bugzilla.suse.com/1136451", }, { category: "self", summary: "SUSE Bug 1136452", url: "https://bugzilla.suse.com/1136452", }, { category: "self", summary: "SUSE Bug 1136455", url: "https://bugzilla.suse.com/1136455", }, { category: "self", summary: "SUSE Bug 1136458", url: "https://bugzilla.suse.com/1136458", }, { category: "self", summary: "SUSE Bug 1136539", url: "https://bugzilla.suse.com/1136539", }, { category: "self", summary: "SUSE Bug 1136573", url: "https://bugzilla.suse.com/1136573", }, { category: "self", summary: "SUSE Bug 1136575", url: "https://bugzilla.suse.com/1136575", }, { category: "self", summary: "SUSE Bug 1136586", url: "https://bugzilla.suse.com/1136586", }, { category: "self", summary: "SUSE Bug 1136590", url: "https://bugzilla.suse.com/1136590", }, { category: "self", summary: "SUSE Bug 1136623", url: "https://bugzilla.suse.com/1136623", }, { category: "self", summary: "SUSE Bug 1136810", url: "https://bugzilla.suse.com/1136810", }, { category: "self", summary: "SUSE Bug 1136935", url: "https://bugzilla.suse.com/1136935", }, { category: "self", summary: "SUSE Bug 1136990", url: "https://bugzilla.suse.com/1136990", }, { category: "self", summary: "SUSE Bug 1137142", url: "https://bugzilla.suse.com/1137142", }, { category: "self", summary: "SUSE Bug 1137162", url: "https://bugzilla.suse.com/1137162", }, { category: "self", summary: "SUSE Bug 1137586", url: "https://bugzilla.suse.com/1137586", }, { category: "self", summary: "SUSE Bug 843419", url: "https://bugzilla.suse.com/843419", }, { category: "self", summary: "SUSE CVE CVE-2018-17972 page", url: "https://www.suse.com/security/cve/CVE-2018-17972/", }, { category: "self", summary: "SUSE CVE CVE-2018-7191 page", url: "https://www.suse.com/security/cve/CVE-2018-7191/", }, { category: "self", summary: "SUSE CVE CVE-2019-11190 page", url: "https://www.suse.com/security/cve/CVE-2019-11190/", }, { category: "self", summary: "SUSE CVE CVE-2019-11477 page", url: "https://www.suse.com/security/cve/CVE-2019-11477/", }, { category: "self", summary: "SUSE CVE CVE-2019-11478 page", url: "https://www.suse.com/security/cve/CVE-2019-11478/", }, { category: "self", summary: "SUSE CVE CVE-2019-11479 page", url: "https://www.suse.com/security/cve/CVE-2019-11479/", }, { category: "self", summary: "SUSE CVE CVE-2019-11486 page", url: "https://www.suse.com/security/cve/CVE-2019-11486/", }, { category: "self", summary: "SUSE CVE CVE-2019-11815 page", url: "https://www.suse.com/security/cve/CVE-2019-11815/", }, { category: "self", summary: "SUSE CVE CVE-2019-11833 page", url: "https://www.suse.com/security/cve/CVE-2019-11833/", }, { category: "self", summary: "SUSE CVE CVE-2019-11884 page", url: "https://www.suse.com/security/cve/CVE-2019-11884/", }, { category: "self", summary: "SUSE CVE CVE-2019-12382 page", url: "https://www.suse.com/security/cve/CVE-2019-12382/", }, { category: "self", summary: "SUSE CVE CVE-2019-3846 page", url: "https://www.suse.com/security/cve/CVE-2019-3846/", }, { category: "self", summary: "SUSE CVE CVE-2019-5489 page", url: "https://www.suse.com/security/cve/CVE-2019-5489/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2019-06-17T17:21:28Z", generator: { date: "2019-06-17T17:21:28Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2019:1532-1", initial_release_date: "2019-06-17T17:21:28Z", revision_history: [ { date: "2019-06-17T17:21:28Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.4.180-94.97.1.aarch64", product: { name: "cluster-md-kmp-default-4.4.180-94.97.1.aarch64", product_id: "cluster-md-kmp-default-4.4.180-94.97.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.180-94.97.1.aarch64", product: { name: "dlm-kmp-default-4.4.180-94.97.1.aarch64", product_id: "dlm-kmp-default-4.4.180-94.97.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.180-94.97.1.aarch64", product: { name: "gfs2-kmp-default-4.4.180-94.97.1.aarch64", product_id: "gfs2-kmp-default-4.4.180-94.97.1.aarch64", }, }, { category: "product_version", name: "kernel-default-4.4.180-94.97.1.aarch64", product: { name: "kernel-default-4.4.180-94.97.1.aarch64", product_id: "kernel-default-4.4.180-94.97.1.aarch64", }, }, { category: "product_version", name: "kernel-default-base-4.4.180-94.97.1.aarch64", product: { name: "kernel-default-base-4.4.180-94.97.1.aarch64", product_id: "kernel-default-base-4.4.180-94.97.1.aarch64", }, }, { category: "product_version", name: "kernel-default-devel-4.4.180-94.97.1.aarch64", product: { name: "kernel-default-devel-4.4.180-94.97.1.aarch64", product_id: "kernel-default-devel-4.4.180-94.97.1.aarch64", }, }, { category: "product_version", name: "kernel-default-extra-4.4.180-94.97.1.aarch64", product: { name: "kernel-default-extra-4.4.180-94.97.1.aarch64", product_id: "kernel-default-extra-4.4.180-94.97.1.aarch64", }, }, { category: "product_version", name: "kernel-default-kgraft-4.4.180-94.97.1.aarch64", product: { name: "kernel-default-kgraft-4.4.180-94.97.1.aarch64", product_id: "kernel-default-kgraft-4.4.180-94.97.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-build-4.4.180-94.97.1.aarch64", product: { name: "kernel-obs-build-4.4.180-94.97.1.aarch64", product_id: "kernel-obs-build-4.4.180-94.97.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-qa-4.4.180-94.97.1.aarch64", product: { name: "kernel-obs-qa-4.4.180-94.97.1.aarch64", product_id: "kernel-obs-qa-4.4.180-94.97.1.aarch64", }, }, { category: "product_version", name: "kernel-syms-4.4.180-94.97.1.aarch64", product: { name: "kernel-syms-4.4.180-94.97.1.aarch64", product_id: "kernel-syms-4.4.180-94.97.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-4.4.180-94.97.1.aarch64", product: { name: "kernel-vanilla-4.4.180-94.97.1.aarch64", product_id: "kernel-vanilla-4.4.180-94.97.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.4.180-94.97.1.aarch64", product: { name: "kernel-vanilla-base-4.4.180-94.97.1.aarch64", product_id: "kernel-vanilla-base-4.4.180-94.97.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.4.180-94.97.1.aarch64", product: { name: "kernel-vanilla-devel-4.4.180-94.97.1.aarch64", product_id: "kernel-vanilla-devel-4.4.180-94.97.1.aarch64", }, }, { category: "product_version", name: "kselftests-kmp-default-4.4.180-94.97.1.aarch64", product: { name: "kselftests-kmp-default-4.4.180-94.97.1.aarch64", product_id: "kselftests-kmp-default-4.4.180-94.97.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.180-94.97.1.aarch64", product: { name: "ocfs2-kmp-default-4.4.180-94.97.1.aarch64", product_id: "ocfs2-kmp-default-4.4.180-94.97.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-4.4.180-94.97.1.noarch", product: { name: "kernel-devel-4.4.180-94.97.1.noarch", product_id: "kernel-devel-4.4.180-94.97.1.noarch", }, }, { category: "product_version", name: "kernel-docs-4.4.180-94.97.1.noarch", product: { name: "kernel-docs-4.4.180-94.97.1.noarch", product_id: "kernel-docs-4.4.180-94.97.1.noarch", }, }, { category: "product_version", name: "kernel-docs-html-4.4.180-94.97.1.noarch", product: { name: "kernel-docs-html-4.4.180-94.97.1.noarch", product_id: "kernel-docs-html-4.4.180-94.97.1.noarch", }, }, { category: "product_version", name: "kernel-docs-pdf-4.4.180-94.97.1.noarch", product: { name: "kernel-docs-pdf-4.4.180-94.97.1.noarch", product_id: "kernel-docs-pdf-4.4.180-94.97.1.noarch", }, }, { category: "product_version", name: "kernel-macros-4.4.180-94.97.1.noarch", product: { name: "kernel-macros-4.4.180-94.97.1.noarch", product_id: "kernel-macros-4.4.180-94.97.1.noarch", }, }, { category: "product_version", name: "kernel-source-4.4.180-94.97.1.noarch", product: { name: "kernel-source-4.4.180-94.97.1.noarch", product_id: "kernel-source-4.4.180-94.97.1.noarch", }, }, { category: "product_version", name: "kernel-source-vanilla-4.4.180-94.97.1.noarch", product: { name: "kernel-source-vanilla-4.4.180-94.97.1.noarch", product_id: "kernel-source-vanilla-4.4.180-94.97.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-debug-4.4.180-94.97.1.ppc64le", product: { name: "cluster-md-kmp-debug-4.4.180-94.97.1.ppc64le", product_id: "cluster-md-kmp-debug-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", product: { name: "cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", product_id: "cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-debug-4.4.180-94.97.1.ppc64le", product: { name: "dlm-kmp-debug-4.4.180-94.97.1.ppc64le", product_id: "dlm-kmp-debug-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.180-94.97.1.ppc64le", product: { name: "dlm-kmp-default-4.4.180-94.97.1.ppc64le", product_id: "dlm-kmp-default-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-debug-4.4.180-94.97.1.ppc64le", product: { name: "gfs2-kmp-debug-4.4.180-94.97.1.ppc64le", product_id: "gfs2-kmp-debug-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.180-94.97.1.ppc64le", product: { name: "gfs2-kmp-default-4.4.180-94.97.1.ppc64le", product_id: "gfs2-kmp-default-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-4.4.180-94.97.1.ppc64le", product: { name: "kernel-debug-4.4.180-94.97.1.ppc64le", product_id: "kernel-debug-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-base-4.4.180-94.97.1.ppc64le", product: { name: "kernel-debug-base-4.4.180-94.97.1.ppc64le", product_id: "kernel-debug-base-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-devel-4.4.180-94.97.1.ppc64le", product: { name: "kernel-debug-devel-4.4.180-94.97.1.ppc64le", product_id: "kernel-debug-devel-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-extra-4.4.180-94.97.1.ppc64le", product: { name: "kernel-debug-extra-4.4.180-94.97.1.ppc64le", product_id: "kernel-debug-extra-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-kgraft-4.4.180-94.97.1.ppc64le", product: { name: "kernel-debug-kgraft-4.4.180-94.97.1.ppc64le", product_id: "kernel-debug-kgraft-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-4.4.180-94.97.1.ppc64le", product: { name: "kernel-default-4.4.180-94.97.1.ppc64le", product_id: "kernel-default-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-4.4.180-94.97.1.ppc64le", product: { name: "kernel-default-base-4.4.180-94.97.1.ppc64le", product_id: "kernel-default-base-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-4.4.180-94.97.1.ppc64le", product: { name: "kernel-default-devel-4.4.180-94.97.1.ppc64le", product_id: "kernel-default-devel-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-extra-4.4.180-94.97.1.ppc64le", product: { name: "kernel-default-extra-4.4.180-94.97.1.ppc64le", product_id: "kernel-default-extra-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-kgraft-4.4.180-94.97.1.ppc64le", product: { name: "kernel-default-kgraft-4.4.180-94.97.1.ppc64le", product_id: "kernel-default-kgraft-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-build-4.4.180-94.97.1.ppc64le", product: { name: "kernel-obs-build-4.4.180-94.97.1.ppc64le", product_id: "kernel-obs-build-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-qa-4.4.180-94.97.1.ppc64le", product: { name: "kernel-obs-qa-4.4.180-94.97.1.ppc64le", product_id: "kernel-obs-qa-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-4.4.180-94.97.1.ppc64le", product: { name: "kernel-syms-4.4.180-94.97.1.ppc64le", product_id: "kernel-syms-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-4.4.180-94.97.1.ppc64le", product: { name: "kernel-vanilla-4.4.180-94.97.1.ppc64le", product_id: "kernel-vanilla-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-base-4.4.180-94.97.1.ppc64le", product: { name: "kernel-vanilla-base-4.4.180-94.97.1.ppc64le", product_id: "kernel-vanilla-base-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.4.180-94.97.1.ppc64le", product: { name: "kernel-vanilla-devel-4.4.180-94.97.1.ppc64le", product_id: "kernel-vanilla-devel-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", product: { name: "kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", product_id: "kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", }, }, { category: "product_version", name: "kselftests-kmp-debug-4.4.180-94.97.1.ppc64le", product: { name: "kselftests-kmp-debug-4.4.180-94.97.1.ppc64le", product_id: "kselftests-kmp-debug-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "kselftests-kmp-default-4.4.180-94.97.1.ppc64le", product: { name: "kselftests-kmp-default-4.4.180-94.97.1.ppc64le", product_id: "kselftests-kmp-default-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-debug-4.4.180-94.97.1.ppc64le", product: { name: "ocfs2-kmp-debug-4.4.180-94.97.1.ppc64le", product_id: "ocfs2-kmp-debug-4.4.180-94.97.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", product: { name: "ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", product_id: "ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.4.180-94.97.1.s390x", product: { name: "cluster-md-kmp-default-4.4.180-94.97.1.s390x", product_id: "cluster-md-kmp-default-4.4.180-94.97.1.s390x", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.180-94.97.1.s390x", product: { name: "dlm-kmp-default-4.4.180-94.97.1.s390x", product_id: "dlm-kmp-default-4.4.180-94.97.1.s390x", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.180-94.97.1.s390x", product: { name: "gfs2-kmp-default-4.4.180-94.97.1.s390x", product_id: "gfs2-kmp-default-4.4.180-94.97.1.s390x", }, }, { category: "product_version", name: "kernel-default-4.4.180-94.97.1.s390x", product: { name: "kernel-default-4.4.180-94.97.1.s390x", product_id: "kernel-default-4.4.180-94.97.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-4.4.180-94.97.1.s390x", product: { name: "kernel-default-base-4.4.180-94.97.1.s390x", product_id: "kernel-default-base-4.4.180-94.97.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-4.4.180-94.97.1.s390x", product: { name: "kernel-default-devel-4.4.180-94.97.1.s390x", product_id: "kernel-default-devel-4.4.180-94.97.1.s390x", }, }, { category: "product_version", name: "kernel-default-extra-4.4.180-94.97.1.s390x", product: { name: "kernel-default-extra-4.4.180-94.97.1.s390x", product_id: "kernel-default-extra-4.4.180-94.97.1.s390x", }, }, { category: "product_version", name: "kernel-default-kgraft-4.4.180-94.97.1.s390x", product: { name: "kernel-default-kgraft-4.4.180-94.97.1.s390x", product_id: "kernel-default-kgraft-4.4.180-94.97.1.s390x", }, }, { category: "product_version", name: "kernel-default-man-4.4.180-94.97.1.s390x", product: { name: "kernel-default-man-4.4.180-94.97.1.s390x", product_id: "kernel-default-man-4.4.180-94.97.1.s390x", }, }, { category: "product_version", name: "kernel-obs-build-4.4.180-94.97.1.s390x", product: { name: "kernel-obs-build-4.4.180-94.97.1.s390x", product_id: "kernel-obs-build-4.4.180-94.97.1.s390x", }, }, { category: "product_version", name: "kernel-obs-qa-4.4.180-94.97.1.s390x", product: { name: "kernel-obs-qa-4.4.180-94.97.1.s390x", product_id: "kernel-obs-qa-4.4.180-94.97.1.s390x", }, }, { category: "product_version", name: "kernel-syms-4.4.180-94.97.1.s390x", product: { name: "kernel-syms-4.4.180-94.97.1.s390x", product_id: "kernel-syms-4.4.180-94.97.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-4.4.180-94.97.1.s390x", product: { name: "kernel-vanilla-4.4.180-94.97.1.s390x", product_id: "kernel-vanilla-4.4.180-94.97.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-base-4.4.180-94.97.1.s390x", product: { name: "kernel-vanilla-base-4.4.180-94.97.1.s390x", product_id: "kernel-vanilla-base-4.4.180-94.97.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.4.180-94.97.1.s390x", product: { name: "kernel-vanilla-devel-4.4.180-94.97.1.s390x", product_id: "kernel-vanilla-devel-4.4.180-94.97.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-4.4.180-94.97.1.s390x", product: { name: "kernel-zfcpdump-4.4.180-94.97.1.s390x", product_id: "kernel-zfcpdump-4.4.180-94.97.1.s390x", }, }, { category: "product_version", name: "kselftests-kmp-default-4.4.180-94.97.1.s390x", product: { name: "kselftests-kmp-default-4.4.180-94.97.1.s390x", product_id: "kselftests-kmp-default-4.4.180-94.97.1.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.180-94.97.1.s390x", product: { name: "ocfs2-kmp-default-4.4.180-94.97.1.s390x", product_id: "ocfs2-kmp-default-4.4.180-94.97.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-debug-4.4.180-94.97.1.x86_64", product: { name: "cluster-md-kmp-debug-4.4.180-94.97.1.x86_64", product_id: "cluster-md-kmp-debug-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.4.180-94.97.1.x86_64", product: { name: "cluster-md-kmp-default-4.4.180-94.97.1.x86_64", product_id: "cluster-md-kmp-default-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-debug-4.4.180-94.97.1.x86_64", product: { name: "dlm-kmp-debug-4.4.180-94.97.1.x86_64", product_id: "dlm-kmp-debug-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.180-94.97.1.x86_64", product: { name: "dlm-kmp-default-4.4.180-94.97.1.x86_64", product_id: "dlm-kmp-default-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-debug-4.4.180-94.97.1.x86_64", product: { name: "gfs2-kmp-debug-4.4.180-94.97.1.x86_64", product_id: "gfs2-kmp-debug-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.180-94.97.1.x86_64", product: { name: "gfs2-kmp-default-4.4.180-94.97.1.x86_64", product_id: "gfs2-kmp-default-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-4.4.180-94.97.1.x86_64", product: { name: "kernel-debug-4.4.180-94.97.1.x86_64", product_id: "kernel-debug-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-base-4.4.180-94.97.1.x86_64", product: { name: "kernel-debug-base-4.4.180-94.97.1.x86_64", product_id: "kernel-debug-base-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-devel-4.4.180-94.97.1.x86_64", product: { name: "kernel-debug-devel-4.4.180-94.97.1.x86_64", product_id: "kernel-debug-devel-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-extra-4.4.180-94.97.1.x86_64", product: { name: "kernel-debug-extra-4.4.180-94.97.1.x86_64", product_id: "kernel-debug-extra-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-kgraft-4.4.180-94.97.1.x86_64", product: { name: "kernel-debug-kgraft-4.4.180-94.97.1.x86_64", product_id: "kernel-debug-kgraft-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "kernel-default-4.4.180-94.97.1.x86_64", product: { name: "kernel-default-4.4.180-94.97.1.x86_64", product_id: "kernel-default-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-4.4.180-94.97.1.x86_64", product: { name: "kernel-default-base-4.4.180-94.97.1.x86_64", product_id: "kernel-default-base-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-4.4.180-94.97.1.x86_64", product: { name: "kernel-default-devel-4.4.180-94.97.1.x86_64", product_id: "kernel-default-devel-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-4.4.180-94.97.1.x86_64", product: { name: "kernel-default-extra-4.4.180-94.97.1.x86_64", product_id: "kernel-default-extra-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "kernel-default-kgraft-4.4.180-94.97.1.x86_64", product: { name: "kernel-default-kgraft-4.4.180-94.97.1.x86_64", product_id: "kernel-default-kgraft-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-4.4.180-94.97.1.x86_64", product: { name: "kernel-obs-build-4.4.180-94.97.1.x86_64", product_id: "kernel-obs-build-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-qa-4.4.180-94.97.1.x86_64", product: { name: "kernel-obs-qa-4.4.180-94.97.1.x86_64", product_id: "kernel-obs-qa-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-4.4.180-94.97.1.x86_64", product: { name: "kernel-syms-4.4.180-94.97.1.x86_64", product_id: "kernel-syms-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-4.4.180-94.97.1.x86_64", product: { name: "kernel-vanilla-4.4.180-94.97.1.x86_64", product_id: "kernel-vanilla-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.4.180-94.97.1.x86_64", product: { name: "kernel-vanilla-base-4.4.180-94.97.1.x86_64", product_id: "kernel-vanilla-base-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.4.180-94.97.1.x86_64", product: { name: "kernel-vanilla-devel-4.4.180-94.97.1.x86_64", product_id: "kernel-vanilla-devel-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", product: { name: "kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", product_id: "kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-debug-4.4.180-94.97.1.x86_64", product: { name: "kselftests-kmp-debug-4.4.180-94.97.1.x86_64", product_id: "kselftests-kmp-debug-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-default-4.4.180-94.97.1.x86_64", product: { name: "kselftests-kmp-default-4.4.180-94.97.1.x86_64", product_id: "kselftests-kmp-default-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-debug-4.4.180-94.97.1.x86_64", product: { name: "ocfs2-kmp-debug-4.4.180-94.97.1.x86_64", product_id: "ocfs2-kmp-debug-4.4.180-94.97.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.180-94.97.1.x86_64", product: { name: "ocfs2-kmp-default-4.4.180-94.97.1.x86_64", product_id: "ocfs2-kmp-default-4.4.180-94.97.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Desktop 12 SP3", product: { name: "SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sled:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 12 SP3", product: { name: "SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Live Patching 12 SP3", product: { name: "SUSE Linux Enterprise Live Patching 12 SP3", product_id: "SUSE Linux Enterprise Live Patching 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-live-patching:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Software Development Kit 12 SP3", product: { name: "SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-sdk:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP3", product: { name: "SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Workstation Extension 12 SP3", product: { name: "SUSE Linux Enterprise Workstation Extension 12 SP3", product_id: "SUSE Linux Enterprise Workstation Extension 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-we:12:sp3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.180-94.97.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", }, product_reference: "kernel-default-4.4.180-94.97.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.180-94.97.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", }, product_reference: "kernel-default-devel-4.4.180-94.97.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-4.4.180-94.97.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", }, product_reference: "kernel-default-extra-4.4.180-94.97.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.180-94.97.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", }, product_reference: "kernel-devel-4.4.180-94.97.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.180-94.97.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", }, product_reference: "kernel-macros-4.4.180-94.97.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.180-94.97.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", }, product_reference: "kernel-source-4.4.180-94.97.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.180-94.97.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", }, product_reference: "kernel-syms-4.4.180-94.97.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.4.180-94.97.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", }, product_reference: "cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.4.180-94.97.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", }, product_reference: "cluster-md-kmp-default-4.4.180-94.97.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.4.180-94.97.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", }, product_reference: "cluster-md-kmp-default-4.4.180-94.97.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.4.180-94.97.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", }, product_reference: "dlm-kmp-default-4.4.180-94.97.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.4.180-94.97.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", }, product_reference: "dlm-kmp-default-4.4.180-94.97.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.4.180-94.97.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", }, product_reference: "dlm-kmp-default-4.4.180-94.97.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.4.180-94.97.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", }, product_reference: "gfs2-kmp-default-4.4.180-94.97.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.4.180-94.97.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", }, product_reference: "gfs2-kmp-default-4.4.180-94.97.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.4.180-94.97.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", }, product_reference: "gfs2-kmp-default-4.4.180-94.97.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.4.180-94.97.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", }, product_reference: "ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.4.180-94.97.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", }, product_reference: "ocfs2-kmp-default-4.4.180-94.97.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.4.180-94.97.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", }, product_reference: "ocfs2-kmp-default-4.4.180-94.97.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP3", product_id: "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", }, product_reference: "kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3", product_id: "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", }, product_reference: "kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-4.4.180-94.97.1.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", }, product_reference: "kernel-docs-4.4.180-94.97.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.4.180-94.97.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", }, product_reference: "kernel-obs-build-4.4.180-94.97.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.4.180-94.97.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", }, product_reference: "kernel-obs-build-4.4.180-94.97.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.4.180-94.97.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", }, product_reference: "kernel-obs-build-4.4.180-94.97.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.4.180-94.97.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", }, product_reference: "kernel-obs-build-4.4.180-94.97.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.180-94.97.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", }, product_reference: "kernel-default-4.4.180-94.97.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.180-94.97.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", }, product_reference: "kernel-default-4.4.180-94.97.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.180-94.97.1.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", }, product_reference: "kernel-default-4.4.180-94.97.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.180-94.97.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", }, product_reference: "kernel-default-4.4.180-94.97.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.180-94.97.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", }, product_reference: "kernel-default-base-4.4.180-94.97.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.180-94.97.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", }, product_reference: "kernel-default-base-4.4.180-94.97.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.180-94.97.1.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", }, product_reference: "kernel-default-base-4.4.180-94.97.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.180-94.97.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", }, product_reference: "kernel-default-base-4.4.180-94.97.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.180-94.97.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", }, product_reference: "kernel-default-devel-4.4.180-94.97.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.180-94.97.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", }, product_reference: "kernel-default-devel-4.4.180-94.97.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.180-94.97.1.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", }, product_reference: "kernel-default-devel-4.4.180-94.97.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.180-94.97.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", }, product_reference: "kernel-default-devel-4.4.180-94.97.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.4.180-94.97.1.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", }, product_reference: "kernel-default-man-4.4.180-94.97.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.180-94.97.1.noarch as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", }, product_reference: "kernel-devel-4.4.180-94.97.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.180-94.97.1.noarch as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", }, product_reference: "kernel-macros-4.4.180-94.97.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.180-94.97.1.noarch as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", }, product_reference: "kernel-source-4.4.180-94.97.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.180-94.97.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", }, product_reference: "kernel-syms-4.4.180-94.97.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.180-94.97.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", }, product_reference: "kernel-syms-4.4.180-94.97.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.180-94.97.1.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", }, product_reference: "kernel-syms-4.4.180-94.97.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.180-94.97.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", }, product_reference: "kernel-syms-4.4.180-94.97.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.180-94.97.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", }, product_reference: "kernel-default-4.4.180-94.97.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.180-94.97.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", }, product_reference: "kernel-default-4.4.180-94.97.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.180-94.97.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", }, product_reference: "kernel-default-4.4.180-94.97.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.180-94.97.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", }, product_reference: "kernel-default-4.4.180-94.97.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.180-94.97.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", }, product_reference: "kernel-default-base-4.4.180-94.97.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.180-94.97.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", }, product_reference: "kernel-default-base-4.4.180-94.97.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.180-94.97.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", }, product_reference: "kernel-default-base-4.4.180-94.97.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.180-94.97.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", }, product_reference: "kernel-default-base-4.4.180-94.97.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.180-94.97.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", }, product_reference: "kernel-default-devel-4.4.180-94.97.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.180-94.97.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", }, product_reference: "kernel-default-devel-4.4.180-94.97.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.180-94.97.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", }, product_reference: "kernel-default-devel-4.4.180-94.97.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.180-94.97.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", }, product_reference: "kernel-default-devel-4.4.180-94.97.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.4.180-94.97.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", }, product_reference: "kernel-default-man-4.4.180-94.97.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.180-94.97.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", }, product_reference: "kernel-devel-4.4.180-94.97.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.180-94.97.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", }, product_reference: "kernel-macros-4.4.180-94.97.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.180-94.97.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", }, product_reference: "kernel-source-4.4.180-94.97.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.180-94.97.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", }, product_reference: "kernel-syms-4.4.180-94.97.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.180-94.97.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", }, product_reference: "kernel-syms-4.4.180-94.97.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.180-94.97.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", }, product_reference: "kernel-syms-4.4.180-94.97.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.180-94.97.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", }, product_reference: "kernel-syms-4.4.180-94.97.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-4.4.180-94.97.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP3", product_id: "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", }, product_reference: "kernel-default-extra-4.4.180-94.97.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Workstation Extension 12 SP3", }, ], }, vulnerabilities: [ { cve: "CVE-2018-17972", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-17972", }, ], notes: [ { category: "general", text: "An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-17972", url: "https://www.suse.com/security/cve/CVE-2018-17972", }, { category: "external", summary: "SUSE Bug 1110785 for CVE-2018-17972", url: "https://bugzilla.suse.com/1110785", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:21:28Z", details: "moderate", }, ], title: "CVE-2018-17972", }, { cve: "CVE-2018-7191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7191", }, ], notes: [ { category: "general", text: "In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7191", url: "https://www.suse.com/security/cve/CVE-2018-7191", }, { category: "external", summary: "SUSE Bug 1135603 for CVE-2018-7191", url: "https://bugzilla.suse.com/1135603", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:21:28Z", details: "moderate", }, ], title: "CVE-2018-7191", }, { cve: "CVE-2019-11190", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11190", }, ], notes: [ { category: "general", text: "The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11190", url: "https://www.suse.com/security/cve/CVE-2019-11190", }, { category: "external", summary: "SUSE Bug 1131543 for CVE-2019-11190", url: "https://bugzilla.suse.com/1131543", }, { category: "external", summary: "SUSE Bug 1132374 for CVE-2019-11190", url: "https://bugzilla.suse.com/1132374", }, { category: "external", summary: "SUSE Bug 1132472 for CVE-2019-11190", url: "https://bugzilla.suse.com/1132472", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:21:28Z", details: "important", }, ], title: "CVE-2019-11190", }, { cve: "CVE-2019-11477", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11477", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11477", url: "https://www.suse.com/security/cve/CVE-2019-11477", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11477", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11477", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11477", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1153242 for CVE-2019-11477", url: "https://bugzilla.suse.com/1153242", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:21:28Z", details: "important", }, ], title: "CVE-2019-11477", }, { cve: "CVE-2019-11478", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11478", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11478", url: "https://www.suse.com/security/cve/CVE-2019-11478", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11478", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11478", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11478", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1143542 for CVE-2019-11478", url: "https://bugzilla.suse.com/1143542", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:21:28Z", details: "important", }, ], title: "CVE-2019-11478", }, { cve: "CVE-2019-11479", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11479", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11479", url: "https://www.suse.com/security/cve/CVE-2019-11479", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11479", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11479", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11479", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1143542 for CVE-2019-11479", url: "https://bugzilla.suse.com/1143542", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:21:28Z", details: "important", }, ], title: "CVE-2019-11479", }, { cve: "CVE-2019-11486", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11486", }, ], notes: [ { category: "general", text: "The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11486", url: "https://www.suse.com/security/cve/CVE-2019-11486", }, { category: "external", summary: "SUSE Bug 1133188 for CVE-2019-11486", url: "https://bugzilla.suse.com/1133188", }, { category: "external", summary: "SUSE Bug 1156434 for CVE-2019-11486", url: "https://bugzilla.suse.com/1156434", }, { category: "external", summary: "SUSE Bug 1173667 for CVE-2019-11486", url: "https://bugzilla.suse.com/1173667", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:21:28Z", details: "moderate", }, ], title: "CVE-2019-11486", }, { cve: "CVE-2019-11815", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11815", }, ], notes: [ { category: "general", text: "An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11815", url: "https://www.suse.com/security/cve/CVE-2019-11815", }, { category: "external", summary: "SUSE Bug 1134537 for CVE-2019-11815", url: "https://bugzilla.suse.com/1134537", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:21:28Z", details: "moderate", }, ], title: "CVE-2019-11815", }, { cve: "CVE-2019-11833", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11833", }, ], notes: [ { category: "general", text: "fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11833", url: "https://www.suse.com/security/cve/CVE-2019-11833", }, { category: "external", summary: "SUSE Bug 1135281 for CVE-2019-11833", url: "https://bugzilla.suse.com/1135281", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:21:28Z", details: "moderate", }, ], title: "CVE-2019-11833", }, { cve: "CVE-2019-11884", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11884", }, ], notes: [ { category: "general", text: "The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\\0' character.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11884", url: "https://www.suse.com/security/cve/CVE-2019-11884", }, { category: "external", summary: "SUSE Bug 1134848 for CVE-2019-11884", url: "https://bugzilla.suse.com/1134848", }, { category: "external", summary: "SUSE Bug 1139868 for CVE-2019-11884", url: "https://bugzilla.suse.com/1139868", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:21:28Z", details: "low", }, ], title: "CVE-2019-11884", }, { cve: "CVE-2019-12382", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12382", }, ], notes: [ { category: "general", text: "** DISPUTED ** An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: The vendor disputes this issues as not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance for a NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12382", url: "https://www.suse.com/security/cve/CVE-2019-12382", }, { category: "external", summary: "SUSE Bug 1136586 for CVE-2019-12382", url: "https://bugzilla.suse.com/1136586", }, { category: "external", summary: "SUSE Bug 1155298 for CVE-2019-12382", url: "https://bugzilla.suse.com/1155298", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.5, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:21:28Z", details: "low", }, ], title: "CVE-2019-12382", }, { cve: "CVE-2019-3846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3846", }, ], notes: [ { category: "general", text: "A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3846", url: "https://www.suse.com/security/cve/CVE-2019-3846", }, { category: "external", summary: "SUSE Bug 1136424 for CVE-2019-3846", url: "https://bugzilla.suse.com/1136424", }, { category: "external", summary: "SUSE Bug 1136446 for CVE-2019-3846", url: "https://bugzilla.suse.com/1136446", }, { category: "external", summary: "SUSE Bug 1156330 for CVE-2019-3846", url: "https://bugzilla.suse.com/1156330", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:21:28Z", details: "important", }, ], title: "CVE-2019-3846", }, { cve: "CVE-2019-5489", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5489", }, ], notes: [ { category: "general", text: "The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5489", url: "https://www.suse.com/security/cve/CVE-2019-5489", }, { category: "external", summary: "SUSE Bug 1120843 for CVE-2019-5489", url: "https://bugzilla.suse.com/1120843", }, { category: "external", summary: "SUSE Bug 1120885 for CVE-2019-5489", url: "https://bugzilla.suse.com/1120885", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_180-94_97-default-1-4.3.3.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.180-94.97.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.180-94.97.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.180-94.97.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-17T17:21:28Z", details: "moderate", }, ], title: "CVE-2019-5489", }, ], }
suse-su-2019:14089-1
Vulnerability from csaf_suse
Published
2019-06-18 10:58
Modified
2019-06-18 10:58
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 11 SP4 kernel version 3.0.101 was updated to receive
various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-11477: A sequence of SACKs may have been crafted such that one can
trigger an integer overflow, leading to a kernel panic. (bsc#1137586)
- CVE-2019-11478: It was possible to send a crafted sequence of SACKs which
will fragment the TCP retransmission queue. An attacker may have been able to
further exploit the fragmented queue to cause an expensive linked-list walk
for subsequent SACKs received for that same TCP connection.
- CVE-2019-11479: It was possible to send a crafted sequence of SACKs which
will fragment the RACK send map. A remote attacker may be able to further
exploit the fragmented send map to cause an expensive linked-list walk for
subsequent SACKs received for that same TCP connection. This would have
resulted in excess resource consumption due to low mss values.
- CVE-2014-9710: The Btrfs implementation in the Linux kernel did not ensure
that the visible xattr state is consistent with a requested replacement,
which allowed local users to bypass intended ACL settings and gain privileges
via standard filesystem operations (1) during an xattr-replacement time
window, related to a race condition, or (2) after an xattr-replacement
attempt that fails because the data did not fit (bnc#923908).
- CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux
kernel allowed local attackers to observe page cache access patterns of other
processes on the same system, potentially allowing sniffing of secret
information. (Fixing this affects the output of the fincore program.) Limited
remote exploitation may be possible, as demonstrated by latency differences
in accessing public files from an Apache HTTP Server (bnc#1120843).
- CVE-2019-11190: The Linux kernel allowed local users to bypass ASLR on setuid
programs (such as /bin/su) because install_exec_creds() is called too late in
load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check
has a race condition when reading /proc/pid/stat (bnc#1131543).
- CVE-2018-17972: An issue was discovered in the proc_pid_stack function in
fs/proc/base.c in the Linux kernel It did not ensure that only root may
inspect the kernel stack of an arbitrary task, allowing a local attacker to
exploit racy stack unwinding and leak kernel task stack contents
(bnc#1110785).
- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c
in the Linux kernel allowed a local user to obtain potentially sensitive
information from kernel stack memory via a HIDPCONNADD command, because a
name field may not end with a '\0' character (bnc#1134848).
- CVE-2019-11486: The Siemens R3964 line discipline driver in
drivers/tty/n_r3964.c in the Linux kernel had multiple race conditions
(bnc#1133188).
The following non-security bugs were fixed:
- cifs: fix uninitialized memory access (bsc#1120326).
- kabi: drop LINUX_MIB_TCPWQUEUETOOBIG snmp counter (bsc#1137586).
- kernel: Add CEX7 toleration support (bsc#1131295).
- net: ipsec: fix a kernel oops caused by reentrant workqueue (bsc#1119314).
- tcp: add tcp_min_snd_mss sysctl (bsc#1137586).
- tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).
- tcp: limit payload size of sacked skbs (bsc#1137586).
- tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).
- x86/MCE: Handle 'nosmt' offlining properly (bsc#1134729).
- xfs: do not cache inodes read through bulkstat (bsc#1134102).
Patchnames
slessp4-kernel-source-14089,slexsp3-kernel-source-14089
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 11 SP4 kernel version 3.0.101 was updated to receive\nvarious security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2019-11477: A sequence of SACKs may have been crafted such that one can\n trigger an integer overflow, leading to a kernel panic. (bsc#1137586)\n\n- CVE-2019-11478: It was possible to send a crafted sequence of SACKs which\n will fragment the TCP retransmission queue. An attacker may have been able to\n further exploit the fragmented queue to cause an expensive linked-list walk\n for subsequent SACKs received for that same TCP connection.\n\n- CVE-2019-11479: It was possible to send a crafted sequence of SACKs which\n will fragment the RACK send map. A remote attacker may be able to further\n exploit the fragmented send map to cause an expensive linked-list walk for\n subsequent SACKs received for that same TCP connection. This would have\n resulted in excess resource consumption due to low mss values.\n\n- CVE-2014-9710: The Btrfs implementation in the Linux kernel did not ensure\n that the visible xattr state is consistent with a requested replacement,\n which allowed local users to bypass intended ACL settings and gain privileges\n via standard filesystem operations (1) during an xattr-replacement time\n window, related to a race condition, or (2) after an xattr-replacement\n attempt that fails because the data did not fit (bnc#923908).\n\n- CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux\n kernel allowed local attackers to observe page cache access patterns of other\n processes on the same system, potentially allowing sniffing of secret\n information. (Fixing this affects the output of the fincore program.) Limited\n remote exploitation may be possible, as demonstrated by latency differences\n in accessing public files from an Apache HTTP Server (bnc#1120843).\n\n- CVE-2019-11190: The Linux kernel allowed local users to bypass ASLR on setuid\n programs (such as /bin/su) because install_exec_creds() is called too late in\n load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check\n has a race condition when reading /proc/pid/stat (bnc#1131543).\n\n- CVE-2018-17972: An issue was discovered in the proc_pid_stack function in\n fs/proc/base.c in the Linux kernel It did not ensure that only root may\n inspect the kernel stack of an arbitrary task, allowing a local attacker to\n exploit racy stack unwinding and leak kernel task stack contents\n (bnc#1110785).\n\n- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c\n in the Linux kernel allowed a local user to obtain potentially sensitive\n information from kernel stack memory via a HIDPCONNADD command, because a\n name field may not end with a '\\0' character (bnc#1134848).\n\n- CVE-2019-11486: The Siemens R3964 line discipline driver in\n drivers/tty/n_r3964.c in the Linux kernel had multiple race conditions\n (bnc#1133188).\n\nThe following non-security bugs were fixed:\n\n- cifs: fix uninitialized memory access (bsc#1120326).\n- kabi: drop LINUX_MIB_TCPWQUEUETOOBIG snmp counter (bsc#1137586).\n- kernel: Add CEX7 toleration support (bsc#1131295).\n- net: ipsec: fix a kernel oops caused by reentrant workqueue (bsc#1119314).\n- tcp: add tcp_min_snd_mss sysctl (bsc#1137586).\n- tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).\n- tcp: limit payload size of sacked skbs (bsc#1137586).\n- tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).\n- x86/MCE: Handle 'nosmt' offlining properly (bsc#1134729).\n- xfs: do not cache inodes read through bulkstat (bsc#1134102).\n", title: "Description of the patch", }, { category: "details", text: "slessp4-kernel-source-14089,slexsp3-kernel-source-14089", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_14089-1.json", }, { category: "self", summary: "URL for SUSE-SU-2019:14089-1", url: "https://www.suse.com/support/update/announcement/2019/suse-su-201914089-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2019:14089-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2019-June/005579.html", }, { category: "self", summary: "SUSE Bug 1110785", url: "https://bugzilla.suse.com/1110785", }, { category: "self", summary: "SUSE Bug 1113769", url: "https://bugzilla.suse.com/1113769", }, { category: "self", summary: "SUSE Bug 1119314", url: "https://bugzilla.suse.com/1119314", }, { category: "self", summary: "SUSE Bug 1120326", url: "https://bugzilla.suse.com/1120326", }, { category: "self", summary: "SUSE Bug 1120843", url: "https://bugzilla.suse.com/1120843", }, { category: "self", summary: "SUSE Bug 1120885", url: "https://bugzilla.suse.com/1120885", }, { category: "self", summary: "SUSE Bug 1131295", url: "https://bugzilla.suse.com/1131295", }, { category: "self", summary: "SUSE Bug 1131543", url: "https://bugzilla.suse.com/1131543", }, { category: "self", summary: "SUSE Bug 1132374", url: "https://bugzilla.suse.com/1132374", }, { category: "self", summary: "SUSE Bug 1132472", url: "https://bugzilla.suse.com/1132472", }, { category: "self", summary: "SUSE Bug 1132580", url: "https://bugzilla.suse.com/1132580", }, { category: "self", summary: "SUSE Bug 1133188", url: "https://bugzilla.suse.com/1133188", }, { category: "self", summary: "SUSE Bug 1134102", url: "https://bugzilla.suse.com/1134102", }, { category: "self", summary: "SUSE Bug 1134729", url: "https://bugzilla.suse.com/1134729", }, { category: "self", summary: "SUSE Bug 1134848", url: "https://bugzilla.suse.com/1134848", }, { category: "self", summary: "SUSE Bug 1137586", url: "https://bugzilla.suse.com/1137586", }, { category: "self", summary: "SUSE Bug 923908", url: "https://bugzilla.suse.com/923908", }, { category: "self", summary: "SUSE Bug 939260", url: "https://bugzilla.suse.com/939260", }, { category: "self", summary: "SUSE CVE CVE-2014-9710 page", url: "https://www.suse.com/security/cve/CVE-2014-9710/", }, { category: "self", summary: "SUSE CVE CVE-2018-17972 page", url: "https://www.suse.com/security/cve/CVE-2018-17972/", }, { category: "self", summary: "SUSE CVE CVE-2019-11190 page", url: "https://www.suse.com/security/cve/CVE-2019-11190/", }, { category: "self", summary: "SUSE CVE CVE-2019-11477 page", url: "https://www.suse.com/security/cve/CVE-2019-11477/", }, { category: "self", summary: "SUSE CVE CVE-2019-11478 page", url: "https://www.suse.com/security/cve/CVE-2019-11478/", }, { category: "self", summary: "SUSE CVE CVE-2019-11479 page", url: "https://www.suse.com/security/cve/CVE-2019-11479/", }, { category: "self", summary: "SUSE CVE CVE-2019-11486 page", url: "https://www.suse.com/security/cve/CVE-2019-11486/", }, { category: "self", summary: "SUSE CVE CVE-2019-11884 page", url: "https://www.suse.com/security/cve/CVE-2019-11884/", }, { category: "self", summary: "SUSE CVE CVE-2019-5489 page", url: "https://www.suse.com/security/cve/CVE-2019-5489/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2019-06-18T10:58:36Z", generator: { date: "2019-06-18T10:58:36Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2019:14089-1", initial_release_date: "2019-06-18T10:58:36Z", revision_history: [ { date: "2019-06-18T10:58:36Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-default-3.0.101-108.95.2.i586", product: { name: "kernel-default-3.0.101-108.95.2.i586", product_id: "kernel-default-3.0.101-108.95.2.i586", }, }, { category: "product_version", name: "kernel-default-base-3.0.101-108.95.2.i586", product: { name: "kernel-default-base-3.0.101-108.95.2.i586", product_id: "kernel-default-base-3.0.101-108.95.2.i586", }, }, { category: "product_version", name: "kernel-default-devel-3.0.101-108.95.2.i586", product: { name: "kernel-default-devel-3.0.101-108.95.2.i586", product_id: "kernel-default-devel-3.0.101-108.95.2.i586", }, }, { category: "product_version", name: "kernel-ec2-3.0.101-108.95.2.i586", product: { name: "kernel-ec2-3.0.101-108.95.2.i586", product_id: "kernel-ec2-3.0.101-108.95.2.i586", }, }, { category: "product_version", name: "kernel-ec2-base-3.0.101-108.95.2.i586", product: { name: "kernel-ec2-base-3.0.101-108.95.2.i586", product_id: "kernel-ec2-base-3.0.101-108.95.2.i586", }, }, { category: "product_version", name: "kernel-ec2-devel-3.0.101-108.95.2.i586", product: { name: "kernel-ec2-devel-3.0.101-108.95.2.i586", product_id: "kernel-ec2-devel-3.0.101-108.95.2.i586", }, }, { category: "product_version", name: "kernel-pae-3.0.101-108.95.2.i586", product: { name: "kernel-pae-3.0.101-108.95.2.i586", product_id: "kernel-pae-3.0.101-108.95.2.i586", }, }, { category: "product_version", name: "kernel-pae-base-3.0.101-108.95.2.i586", product: { name: "kernel-pae-base-3.0.101-108.95.2.i586", product_id: "kernel-pae-base-3.0.101-108.95.2.i586", }, }, { category: "product_version", name: "kernel-pae-devel-3.0.101-108.95.2.i586", product: { name: "kernel-pae-devel-3.0.101-108.95.2.i586", product_id: "kernel-pae-devel-3.0.101-108.95.2.i586", }, }, { category: "product_version", name: "kernel-source-3.0.101-108.95.1.i586", product: { name: "kernel-source-3.0.101-108.95.1.i586", product_id: "kernel-source-3.0.101-108.95.1.i586", }, }, { category: "product_version", name: "kernel-syms-3.0.101-108.95.1.i586", product: { name: "kernel-syms-3.0.101-108.95.1.i586", product_id: "kernel-syms-3.0.101-108.95.1.i586", }, }, { category: "product_version", name: "kernel-trace-3.0.101-108.95.2.i586", product: { name: "kernel-trace-3.0.101-108.95.2.i586", product_id: "kernel-trace-3.0.101-108.95.2.i586", }, }, { category: "product_version", name: "kernel-trace-base-3.0.101-108.95.2.i586", product: { name: "kernel-trace-base-3.0.101-108.95.2.i586", product_id: "kernel-trace-base-3.0.101-108.95.2.i586", }, }, { category: "product_version", name: "kernel-trace-devel-3.0.101-108.95.2.i586", product: { name: "kernel-trace-devel-3.0.101-108.95.2.i586", product_id: "kernel-trace-devel-3.0.101-108.95.2.i586", }, }, { category: "product_version", name: "kernel-xen-3.0.101-108.95.2.i586", product: { name: "kernel-xen-3.0.101-108.95.2.i586", product_id: "kernel-xen-3.0.101-108.95.2.i586", }, }, { category: "product_version", name: "kernel-xen-base-3.0.101-108.95.2.i586", product: { name: "kernel-xen-base-3.0.101-108.95.2.i586", product_id: "kernel-xen-base-3.0.101-108.95.2.i586", }, }, { category: "product_version", name: "kernel-xen-devel-3.0.101-108.95.2.i586", product: { name: "kernel-xen-devel-3.0.101-108.95.2.i586", product_id: "kernel-xen-devel-3.0.101-108.95.2.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "kernel-bigmem-3.0.101-108.95.2.ppc64", product: { name: "kernel-bigmem-3.0.101-108.95.2.ppc64", product_id: "kernel-bigmem-3.0.101-108.95.2.ppc64", }, }, { category: "product_version", name: "kernel-bigmem-base-3.0.101-108.95.2.ppc64", product: { name: "kernel-bigmem-base-3.0.101-108.95.2.ppc64", product_id: "kernel-bigmem-base-3.0.101-108.95.2.ppc64", }, }, { category: "product_version", name: "kernel-bigmem-devel-3.0.101-108.95.2.ppc64", product: { name: "kernel-bigmem-devel-3.0.101-108.95.2.ppc64", product_id: "kernel-bigmem-devel-3.0.101-108.95.2.ppc64", }, }, { category: "product_version", name: "kernel-default-3.0.101-108.95.2.ppc64", product: { name: "kernel-default-3.0.101-108.95.2.ppc64", product_id: "kernel-default-3.0.101-108.95.2.ppc64", }, }, { category: "product_version", name: "kernel-default-base-3.0.101-108.95.2.ppc64", product: { name: "kernel-default-base-3.0.101-108.95.2.ppc64", product_id: "kernel-default-base-3.0.101-108.95.2.ppc64", }, }, { category: "product_version", name: "kernel-default-devel-3.0.101-108.95.2.ppc64", product: { name: "kernel-default-devel-3.0.101-108.95.2.ppc64", product_id: "kernel-default-devel-3.0.101-108.95.2.ppc64", }, }, { category: "product_version", name: "kernel-ppc64-3.0.101-108.95.2.ppc64", product: { name: "kernel-ppc64-3.0.101-108.95.2.ppc64", product_id: "kernel-ppc64-3.0.101-108.95.2.ppc64", }, }, { category: "product_version", name: "kernel-ppc64-base-3.0.101-108.95.2.ppc64", product: { name: "kernel-ppc64-base-3.0.101-108.95.2.ppc64", product_id: "kernel-ppc64-base-3.0.101-108.95.2.ppc64", }, }, { category: "product_version", name: "kernel-ppc64-devel-3.0.101-108.95.2.ppc64", product: { name: "kernel-ppc64-devel-3.0.101-108.95.2.ppc64", product_id: "kernel-ppc64-devel-3.0.101-108.95.2.ppc64", }, }, { category: "product_version", name: "kernel-source-3.0.101-108.95.1.ppc64", product: { name: "kernel-source-3.0.101-108.95.1.ppc64", product_id: "kernel-source-3.0.101-108.95.1.ppc64", }, }, { category: "product_version", name: "kernel-syms-3.0.101-108.95.1.ppc64", product: { name: "kernel-syms-3.0.101-108.95.1.ppc64", product_id: "kernel-syms-3.0.101-108.95.1.ppc64", }, }, { category: "product_version", name: "kernel-trace-3.0.101-108.95.2.ppc64", product: { name: "kernel-trace-3.0.101-108.95.2.ppc64", product_id: "kernel-trace-3.0.101-108.95.2.ppc64", }, }, { category: "product_version", name: "kernel-trace-base-3.0.101-108.95.2.ppc64", product: { name: "kernel-trace-base-3.0.101-108.95.2.ppc64", product_id: "kernel-trace-base-3.0.101-108.95.2.ppc64", }, }, { category: "product_version", name: "kernel-trace-devel-3.0.101-108.95.2.ppc64", product: { name: "kernel-trace-devel-3.0.101-108.95.2.ppc64", product_id: "kernel-trace-devel-3.0.101-108.95.2.ppc64", }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "kernel-default-3.0.101-108.95.2.s390x", product: { name: "kernel-default-3.0.101-108.95.2.s390x", product_id: "kernel-default-3.0.101-108.95.2.s390x", }, }, { category: "product_version", name: "kernel-default-base-3.0.101-108.95.2.s390x", product: { name: "kernel-default-base-3.0.101-108.95.2.s390x", product_id: "kernel-default-base-3.0.101-108.95.2.s390x", }, }, { category: "product_version", name: "kernel-default-devel-3.0.101-108.95.2.s390x", product: { name: "kernel-default-devel-3.0.101-108.95.2.s390x", product_id: "kernel-default-devel-3.0.101-108.95.2.s390x", }, }, { category: "product_version", name: "kernel-default-man-3.0.101-108.95.2.s390x", product: { name: "kernel-default-man-3.0.101-108.95.2.s390x", product_id: "kernel-default-man-3.0.101-108.95.2.s390x", }, }, { category: "product_version", name: "kernel-source-3.0.101-108.95.1.s390x", product: { name: "kernel-source-3.0.101-108.95.1.s390x", product_id: "kernel-source-3.0.101-108.95.1.s390x", }, }, { category: "product_version", name: "kernel-syms-3.0.101-108.95.1.s390x", product: { name: "kernel-syms-3.0.101-108.95.1.s390x", product_id: "kernel-syms-3.0.101-108.95.1.s390x", }, }, { category: "product_version", name: "kernel-trace-3.0.101-108.95.2.s390x", product: { name: "kernel-trace-3.0.101-108.95.2.s390x", product_id: "kernel-trace-3.0.101-108.95.2.s390x", }, }, { category: "product_version", name: "kernel-trace-base-3.0.101-108.95.2.s390x", product: { name: "kernel-trace-base-3.0.101-108.95.2.s390x", product_id: "kernel-trace-base-3.0.101-108.95.2.s390x", }, }, { category: "product_version", name: "kernel-trace-devel-3.0.101-108.95.2.s390x", product: { name: "kernel-trace-devel-3.0.101-108.95.2.s390x", product_id: "kernel-trace-devel-3.0.101-108.95.2.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "kernel-default-3.0.101-108.95.2.x86_64", product: { name: "kernel-default-3.0.101-108.95.2.x86_64", product_id: "kernel-default-3.0.101-108.95.2.x86_64", }, }, { category: "product_version", name: "kernel-default-base-3.0.101-108.95.2.x86_64", product: { name: "kernel-default-base-3.0.101-108.95.2.x86_64", product_id: "kernel-default-base-3.0.101-108.95.2.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-3.0.101-108.95.2.x86_64", product: { name: "kernel-default-devel-3.0.101-108.95.2.x86_64", product_id: "kernel-default-devel-3.0.101-108.95.2.x86_64", }, }, { category: "product_version", name: "kernel-ec2-3.0.101-108.95.2.x86_64", product: { name: "kernel-ec2-3.0.101-108.95.2.x86_64", product_id: "kernel-ec2-3.0.101-108.95.2.x86_64", }, }, { category: "product_version", name: "kernel-ec2-base-3.0.101-108.95.2.x86_64", product: { name: "kernel-ec2-base-3.0.101-108.95.2.x86_64", product_id: "kernel-ec2-base-3.0.101-108.95.2.x86_64", }, }, { category: "product_version", name: "kernel-ec2-devel-3.0.101-108.95.2.x86_64", product: { name: "kernel-ec2-devel-3.0.101-108.95.2.x86_64", product_id: "kernel-ec2-devel-3.0.101-108.95.2.x86_64", }, }, { category: "product_version", name: "kernel-source-3.0.101-108.95.1.x86_64", product: { name: "kernel-source-3.0.101-108.95.1.x86_64", product_id: "kernel-source-3.0.101-108.95.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-3.0.101-108.95.1.x86_64", product: { name: "kernel-syms-3.0.101-108.95.1.x86_64", product_id: "kernel-syms-3.0.101-108.95.1.x86_64", }, }, { category: "product_version", name: "kernel-trace-3.0.101-108.95.2.x86_64", product: { name: "kernel-trace-3.0.101-108.95.2.x86_64", product_id: "kernel-trace-3.0.101-108.95.2.x86_64", }, }, { category: "product_version", name: "kernel-trace-base-3.0.101-108.95.2.x86_64", product: { name: "kernel-trace-base-3.0.101-108.95.2.x86_64", product_id: "kernel-trace-base-3.0.101-108.95.2.x86_64", }, }, { category: "product_version", name: "kernel-trace-devel-3.0.101-108.95.2.x86_64", product: { name: "kernel-trace-devel-3.0.101-108.95.2.x86_64", product_id: "kernel-trace-devel-3.0.101-108.95.2.x86_64", }, }, { category: "product_version", name: "kernel-xen-3.0.101-108.95.2.x86_64", product: { name: "kernel-xen-3.0.101-108.95.2.x86_64", product_id: "kernel-xen-3.0.101-108.95.2.x86_64", }, }, { category: "product_version", name: "kernel-xen-base-3.0.101-108.95.2.x86_64", product: { name: "kernel-xen-base-3.0.101-108.95.2.x86_64", product_id: "kernel-xen-base-3.0.101-108.95.2.x86_64", }, }, { category: "product_version", name: "kernel-xen-devel-3.0.101-108.95.2.x86_64", product: { name: "kernel-xen-devel-3.0.101-108.95.2.x86_64", product_id: "kernel-xen-devel-3.0.101-108.95.2.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Server 11 SP4-LTSS", product: { name: "SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:suse_sles:11:sp4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-bigmem-3.0.101-108.95.2.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", }, product_reference: "kernel-bigmem-3.0.101-108.95.2.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-bigmem-base-3.0.101-108.95.2.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", }, product_reference: "kernel-bigmem-base-3.0.101-108.95.2.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-bigmem-devel-3.0.101-108.95.2.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", }, product_reference: "kernel-bigmem-devel-3.0.101-108.95.2.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.0.101-108.95.2.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", }, product_reference: "kernel-default-3.0.101-108.95.2.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.0.101-108.95.2.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", }, product_reference: "kernel-default-3.0.101-108.95.2.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.0.101-108.95.2.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", }, product_reference: "kernel-default-3.0.101-108.95.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.0.101-108.95.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", }, product_reference: "kernel-default-3.0.101-108.95.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.0.101-108.95.2.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", }, product_reference: "kernel-default-base-3.0.101-108.95.2.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.0.101-108.95.2.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", }, product_reference: "kernel-default-base-3.0.101-108.95.2.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.0.101-108.95.2.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", }, product_reference: "kernel-default-base-3.0.101-108.95.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.0.101-108.95.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", }, product_reference: "kernel-default-base-3.0.101-108.95.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.0.101-108.95.2.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", }, product_reference: "kernel-default-devel-3.0.101-108.95.2.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.0.101-108.95.2.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", }, product_reference: "kernel-default-devel-3.0.101-108.95.2.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.0.101-108.95.2.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", }, product_reference: "kernel-default-devel-3.0.101-108.95.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.0.101-108.95.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", }, product_reference: "kernel-default-devel-3.0.101-108.95.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-3.0.101-108.95.2.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", }, product_reference: "kernel-default-man-3.0.101-108.95.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-3.0.101-108.95.2.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", }, product_reference: "kernel-ec2-3.0.101-108.95.2.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-3.0.101-108.95.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", }, product_reference: "kernel-ec2-3.0.101-108.95.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-base-3.0.101-108.95.2.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", }, product_reference: "kernel-ec2-base-3.0.101-108.95.2.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-base-3.0.101-108.95.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", }, product_reference: "kernel-ec2-base-3.0.101-108.95.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-devel-3.0.101-108.95.2.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", }, product_reference: "kernel-ec2-devel-3.0.101-108.95.2.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-devel-3.0.101-108.95.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", }, product_reference: "kernel-ec2-devel-3.0.101-108.95.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-pae-3.0.101-108.95.2.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", }, product_reference: "kernel-pae-3.0.101-108.95.2.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-pae-base-3.0.101-108.95.2.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", }, product_reference: "kernel-pae-base-3.0.101-108.95.2.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-pae-devel-3.0.101-108.95.2.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", }, product_reference: "kernel-pae-devel-3.0.101-108.95.2.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-ppc64-3.0.101-108.95.2.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", }, product_reference: "kernel-ppc64-3.0.101-108.95.2.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-ppc64-base-3.0.101-108.95.2.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", }, product_reference: "kernel-ppc64-base-3.0.101-108.95.2.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-ppc64-devel-3.0.101-108.95.2.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", }, product_reference: "kernel-ppc64-devel-3.0.101-108.95.2.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.0.101-108.95.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", }, product_reference: "kernel-source-3.0.101-108.95.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.0.101-108.95.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", }, product_reference: "kernel-source-3.0.101-108.95.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.0.101-108.95.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", }, product_reference: "kernel-source-3.0.101-108.95.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.0.101-108.95.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", }, product_reference: "kernel-source-3.0.101-108.95.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.0.101-108.95.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", }, product_reference: "kernel-syms-3.0.101-108.95.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.0.101-108.95.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", }, product_reference: "kernel-syms-3.0.101-108.95.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.0.101-108.95.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", }, product_reference: "kernel-syms-3.0.101-108.95.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.0.101-108.95.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", }, product_reference: "kernel-syms-3.0.101-108.95.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-3.0.101-108.95.2.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", }, product_reference: "kernel-trace-3.0.101-108.95.2.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-3.0.101-108.95.2.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", }, product_reference: "kernel-trace-3.0.101-108.95.2.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-3.0.101-108.95.2.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", }, product_reference: "kernel-trace-3.0.101-108.95.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-3.0.101-108.95.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", }, product_reference: "kernel-trace-3.0.101-108.95.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-base-3.0.101-108.95.2.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", }, product_reference: "kernel-trace-base-3.0.101-108.95.2.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-base-3.0.101-108.95.2.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", }, product_reference: "kernel-trace-base-3.0.101-108.95.2.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-base-3.0.101-108.95.2.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", }, product_reference: "kernel-trace-base-3.0.101-108.95.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-base-3.0.101-108.95.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", }, product_reference: "kernel-trace-base-3.0.101-108.95.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-devel-3.0.101-108.95.2.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", }, product_reference: "kernel-trace-devel-3.0.101-108.95.2.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-devel-3.0.101-108.95.2.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", }, product_reference: "kernel-trace-devel-3.0.101-108.95.2.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-devel-3.0.101-108.95.2.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", }, product_reference: "kernel-trace-devel-3.0.101-108.95.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-devel-3.0.101-108.95.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", }, product_reference: "kernel-trace-devel-3.0.101-108.95.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-3.0.101-108.95.2.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", }, product_reference: "kernel-xen-3.0.101-108.95.2.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-3.0.101-108.95.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", }, product_reference: "kernel-xen-3.0.101-108.95.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-base-3.0.101-108.95.2.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", }, product_reference: "kernel-xen-base-3.0.101-108.95.2.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-base-3.0.101-108.95.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", }, product_reference: "kernel-xen-base-3.0.101-108.95.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-devel-3.0.101-108.95.2.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", }, product_reference: "kernel-xen-devel-3.0.101-108.95.2.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-devel-3.0.101-108.95.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", }, product_reference: "kernel-xen-devel-3.0.101-108.95.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, ], }, vulnerabilities: [ { cve: "CVE-2014-9710", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-9710", }, ], notes: [ { category: "general", text: "The Btrfs implementation in the Linux kernel before 3.19 does not ensure that the visible xattr state is consistent with a requested replacement, which allows local users to bypass intended ACL settings and gain privileges via standard filesystem operations (1) during an xattr-replacement time window, related to a race condition, or (2) after an xattr-replacement attempt that fails because the data does not fit.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-9710", url: "https://www.suse.com/security/cve/CVE-2014-9710", }, { category: "external", summary: "SUSE Bug 923908 for CVE-2014-9710", url: "https://bugzilla.suse.com/923908", }, { category: "external", summary: "SUSE Bug 939260 for CVE-2014-9710", url: "https://bugzilla.suse.com/939260", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T10:58:36Z", details: "moderate", }, ], title: "CVE-2014-9710", }, { cve: "CVE-2018-17972", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-17972", }, ], notes: [ { category: "general", text: "An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-17972", url: "https://www.suse.com/security/cve/CVE-2018-17972", }, { category: "external", summary: "SUSE Bug 1110785 for CVE-2018-17972", url: "https://bugzilla.suse.com/1110785", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T10:58:36Z", details: "moderate", }, ], title: "CVE-2018-17972", }, { cve: "CVE-2019-11190", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11190", }, ], notes: [ { category: "general", text: "The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11190", url: "https://www.suse.com/security/cve/CVE-2019-11190", }, { category: "external", summary: "SUSE Bug 1131543 for CVE-2019-11190", url: "https://bugzilla.suse.com/1131543", }, { category: "external", summary: "SUSE Bug 1132374 for CVE-2019-11190", url: "https://bugzilla.suse.com/1132374", }, { category: "external", summary: "SUSE Bug 1132472 for CVE-2019-11190", url: "https://bugzilla.suse.com/1132472", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T10:58:36Z", details: "important", }, ], title: "CVE-2019-11190", }, { cve: "CVE-2019-11477", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11477", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11477", url: "https://www.suse.com/security/cve/CVE-2019-11477", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11477", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11477", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11477", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1153242 for CVE-2019-11477", url: "https://bugzilla.suse.com/1153242", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T10:58:36Z", details: "important", }, ], title: "CVE-2019-11477", }, { cve: "CVE-2019-11478", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11478", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11478", url: "https://www.suse.com/security/cve/CVE-2019-11478", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11478", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11478", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11478", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1143542 for CVE-2019-11478", url: "https://bugzilla.suse.com/1143542", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T10:58:36Z", details: "important", }, ], title: "CVE-2019-11478", }, { cve: "CVE-2019-11479", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11479", }, ], notes: [ { category: "general", text: "Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11479", url: "https://www.suse.com/security/cve/CVE-2019-11479", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11479", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1137586 for CVE-2019-11479", url: "https://bugzilla.suse.com/1137586", }, { category: "external", summary: "SUSE Bug 1142129 for CVE-2019-11479", url: "https://bugzilla.suse.com/1142129", }, { category: "external", summary: "SUSE Bug 1143542 for CVE-2019-11479", url: "https://bugzilla.suse.com/1143542", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T10:58:36Z", details: "important", }, ], title: "CVE-2019-11479", }, { cve: "CVE-2019-11486", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11486", }, ], notes: [ { category: "general", text: "The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11486", url: "https://www.suse.com/security/cve/CVE-2019-11486", }, { category: "external", summary: "SUSE Bug 1133188 for CVE-2019-11486", url: "https://bugzilla.suse.com/1133188", }, { category: "external", summary: "SUSE Bug 1156434 for CVE-2019-11486", url: "https://bugzilla.suse.com/1156434", }, { category: "external", summary: "SUSE Bug 1173667 for CVE-2019-11486", url: "https://bugzilla.suse.com/1173667", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T10:58:36Z", details: "moderate", }, ], title: "CVE-2019-11486", }, { cve: "CVE-2019-11884", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11884", }, ], notes: [ { category: "general", text: "The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\\0' character.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11884", url: "https://www.suse.com/security/cve/CVE-2019-11884", }, { category: "external", summary: "SUSE Bug 1134848 for CVE-2019-11884", url: "https://bugzilla.suse.com/1134848", }, { category: "external", summary: "SUSE Bug 1139868 for CVE-2019-11884", url: "https://bugzilla.suse.com/1139868", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T10:58:36Z", details: "low", }, ], title: "CVE-2019-11884", }, { cve: "CVE-2019-5489", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5489", }, ], notes: [ { category: "general", text: "The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5489", url: "https://www.suse.com/security/cve/CVE-2019-5489", }, { category: "external", summary: "SUSE Bug 1120843 for CVE-2019-5489", url: "https://bugzilla.suse.com/1120843", }, { category: "external", summary: "SUSE Bug 1120885 for CVE-2019-5489", url: "https://bugzilla.suse.com/1120885", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.95.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.95.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.95.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-06-18T10:58:36Z", details: "moderate", }, ], title: "CVE-2019-5489", }, ], }
opensuse-su-2019:1479-1
Vulnerability from csaf_opensuse
Published
2019-05-31 06:14
Modified
2019-05-31 06:14
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-7191: In the tun subsystem dev_get_valid_name xwas not called before register_netdevice. This allowed local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343 (bnc#1135603).
- CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux may have allowed an authenticated user to potentially enable escalation of privilege via local access (bnc#1135278).
- CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel had multiple race conditions (bnc#1133188). It was disabled by default.
- CVE-2019-11811: There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c (bnc#1134397).
- CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c kernel. There is a race condition leading to a use-after-free, related to net namespace cleanup (bnc#1134537).
- CVE-2019-11833: fs/ext4/extents.c did not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem (bnc#1135281).
- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c allowed a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character (bnc#1134848).
- CVE-2019-3882: A flaw was found in the vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). (bnc#1131416 bnc#1131427).
- CVE-2019-5489: The mincore() implementation in mm/mincore.c allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server (bnc#1120843).
- CVE-2019-9500: A brcmfmac heap buffer overflow in brcmf_wowl_nd_results was fixed (bnc#1132681).
- CVE-2019-9503: Multiple brcmfmac frame validation bypasses have been fixed (bnc#1132828).
The following non-security bugs were fixed:
- 9p: do not trust pdu content for stat item size (bsc#1051510).
- 9p locks: add mount option for lock retry interval (bsc#1051510).
- acpi: Add Hygon Dhyana support ().
- acpi: Add Hygon Dhyana support (fate#327735).
- acpi: button: reinitialize button state upon resume (bsc#1051510).
- acpiCA: AML interpreter: add region addresses in global list during initialization (bsc#1051510).
- acpiCA: Namespace: remove address node from global list after method termination (bsc#1051510).
- acpi, nfit: Prefer _DSM over _LSR for namespace label reads (bsc#112128) (bsc#1132426).
- acpi: PM: Set enable_for_wake for wakeup GPEs during suspend-to-idle (bsc#1111666).
- acpi: property: restore _DSD data subnodes GUID comment (bsc#1111666).
- acpi / SBS: Fix GPE storm on recent MacBookPro's (bsc#1051510).
- acpi / utils: Drop reference in test for device presence (bsc#1051510).
- alsa: core: Do not refer to snd_cards array directly (bsc#1051510).
- alsa: core: Fix card races between register and disconnect (bsc#1051510).
- alsa: emu10k1: Drop superfluous id-uniquification behavior (bsc#1051510).
- alsa: hda - Add two more machines to the power_save_blacklist (bsc#1051510).
- alsa: hda/hdmi - Consider eld_valid when reporting jack event (bsc#1051510).
- alsa: hda/hdmi - Read the pin sense from register when repolling (bsc#1051510).
- alsa: hda: Initialize power_state field properly (bsc#1051510).
- alsa: hda/realtek - Add new Dell platform for headset mode (bsc#1051510).
- alsa: hda/realtek - add two more pin configuration sets to quirk table (bsc#1051510).
- alsa: hda/realtek - Apply the fixup for ASUS Q325UAR (bsc#1051510).
- alsa: hda/realtek - Avoid superfluous COEF EAPD setups (bsc#1051510).
- alsa: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) (bsc#1051510).
- alsa: hda/realtek - EAPD turn on later (bsc#1051510).
- alsa: hda/realtek: Enable headset MIC of Acer TravelMate B114-21 with ALC233 (bsc#1111666).
- alsa: hda/realtek - Fixed Dell AIO speaker noise (bsc#1051510).
- alsa: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug (bsc#1051510).
- alsa: hda/realtek - Fixup headphone noise via runtime suspend (bsc#1051510).
- alsa: hda/realtek - Move to ACT_INIT state (bsc#1111666).
- alsa: hda/realtek - Support low power consumption for ALC256 (bsc#1051510).
- alsa: hda/realtek - Support low power consumption for ALC295 (bsc#1051510).
- alsa: hda - Register irq handler after the chip initialization (bsc#1051510).
- alsa: hda - Use a macro for snd_array iteration loops (bsc#1051510).
- alsa: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) (bsc#1051510).
- alsa: info: Fix racy addition/deletion of nodes (bsc#1051510).
- alsa: line6: Avoid polluting led_* namespace (bsc#1051510).
- alsa: line6: use dynamic buffers (bsc#1051510).
- alsa: PCM: check if ops are defined before suspending PCM (bsc#1051510).
- alsa: seq: Align temporary re-locking with irqsave version (bsc#1051510).
- alsa: seq: Correct unlock sequence at snd_seq_client_ioctl_unlock() (bsc#1051510).
- alsa: seq: Cover unsubscribe_port() in list_mutex (bsc#1051510).
- alsa: seq: Fix OOB-reads from strlcpy (bsc#1051510).
- alsa: seq: Fix race of get-subscription call vs port-delete ioctls (bsc#1051510).
- alsa: seq: Protect in-kernel ioctl calls with mutex (bsc#1051510).
- alsa: seq: Protect racy pool manipulation from OSS sequencer (bsc#1051510).
- alsa: seq: Remove superfluous irqsave flags (bsc#1051510).
- alsa: seq: Simplify snd_seq_kernel_client_enqueue() helper (bsc#1051510).
- alsa: timer: Check ack_list emptiness instead of bit flag (bsc#1051510).
- alsa: timer: Coding style fixes (bsc#1051510).
- alsa: timer: Make snd_timer_close() really kill pending actions (bsc#1051510).
- alsa: timer: Make sure to clear pending ack list (bsc#1051510).
- alsa: timer: Revert active callback sync check at close (bsc#1051510).
- alsa: timer: Simplify error path in snd_timer_open() (bsc#1051510).
- alsa: timer: Unify timer callback process code (bsc#1051510).
- alsa: usb-audio: Fix a memory leak bug (bsc#1051510).
- alsa: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() (bsc#1051510).
- alsa: usx2y: fix a double free bug (bsc#1051510).
- appletalk: Fix compile regression (bsc#1051510).
- appletalk: Fix use-after-free in atalk_proc_exit (bsc#1051510).
- ARM: 8824/1: fix a migrating irq bug when hotplug cpu (bsc#1051510).
- ARM: 8833/1: Ensure that NEON code always compiles with Clang (bsc#1051510).
- ARM: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bsc#1051510).
- ARM: 8840/1: use a raw_spinlock_t in unwind (bsc#1051510).
- ARM: avoid Cortex-A9 livelock on tight dmb loops (bsc#1051510).
- ARM: imx6q: cpuidle: fix bug that CPU might not wake up at expected time (bsc#1051510).
- ARM: OMAP2+: fix lack of timer interrupts on CPU1 after hotplug (bsc#1051510).
- ARM: OMAP2+: Variable 'reg' in function omap4_dsi_mux_pads() could be uninitialized (bsc#1051510).
- ARM: pxa: ssp: unneeded to free devm_ allocated data (bsc#1051510).
- ARM: s3c24xx: Fix boolean expressions in osiris_dvs_notify (bsc#1051510).
- ARM: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms (bsc#1051510).
- ASoC: cs4270: Set auto-increment bit for register writes (bsc#1051510).
- ASoC: fix valid stream condition (bsc#1051510).
- ASoC: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe (bsc#1051510).
- ASoC: fsl_esai: fix channel swap issue when stream starts (bsc#1051510).
- ASoC: fsl_esai: Fix missing break in switch statement (bsc#1051510).
- ASoC: hdmi-codec: fix S/PDIF DAI (bsc#1051510).
- ASoC: Intel: avoid Oops if DMA setup fails (bsc#1051510).
- ASoC: max98090: Fix restore of DAPM Muxes (bsc#1051510).
- ASoC: nau8810: fix the issue of widget with prefixed name (bsc#1051510).
- ASoC: nau8824: fix the issue of the widget with prefix name (bsc#1051510).
- ASoC: RT5677-SPI: Disable 16Bit SPI Transfers (bsc#1051510).
- ASoC: samsung: odroid: Fix clock configuration for 44100 sample rate (bsc#1051510).
- ASoC:soc-pcm:fix a codec fixup issue in TDM case (bsc#1051510).
- ASoC: stm32: fix sai driver name initialisation (bsc#1051510).
- ASoC: tlv320aic32x4: Fix Common Pins (bsc#1051510).
- ASoC: topology: free created components in tplg load error (bsc#1051510).
- ASoC: wm_adsp: Add locking to wm_adsp2_bus_error (bsc#1051510).
- assume flash part size to be 4MB, if it can't be determined (bsc#1127371).
- at76c50x-usb: Do not register led_trigger if usb_register_driver failed (bsc#1051510).
- ath10k: avoid possible string overflow (bsc#1051510).
- ath10k: snoc: fix unbalanced clock error handling (bsc#1111666).
- audit: fix a memleak caused by auditing load module (bsc#1051510).
- b43: shut up clang -Wuninitialized variable warning (bsc#1051510).
- backlight: lm3630a: Return 0 on success in update_status functions (bsc#1051510).
- batman-adv: Reduce claim hash refcnt only for removed entry (bsc#1051510).
- batman-adv: Reduce tt_global hash refcnt only for removed entry (bsc#1051510).
- batman-adv: Reduce tt_local hash refcnt only for removed entry (bsc#1051510).
- bcache: account size of buckets used in uuid write to ca->meta_sectors_written (bsc#1130972).
- bcache: add a comment in super.c (bsc#1130972).
- bcache: add code comments for bset.c (bsc#1130972).
- bcache: add comment for cache_set->fill_iter (bsc#1130972).
- bcache: add identifier names to arguments of function definitions (bsc#1130972).
- bcache: add missing SPDX header (bsc#1130972).
- bcache: add MODULE_DESCRIPTION information (bsc#1130972).
- bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972).
- bcache: add static const prefix to char * array declarations (bsc#1130972).
- bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972).
- bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).
- bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972).
- bcache: correct dirty data statistics (bsc#1130972).
- bcache: do not assign in if condition in bcache_init() (bsc#1130972).
- bcache: do not assign in if condition register_bcache() (bsc#1130972).
- bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972).
- bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972).
- bcache: do not clone bio in bch_data_verify (bsc#1130972).
- bcache: do not mark writeback_running too early (bsc#1130972).
- bcache: export backing_dev_name via sysfs (bsc#1130972).
- bcache: export backing_dev_uuid via sysfs (bsc#1130972).
- bcache: fix code comments style (bsc#1130972).
- bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).
- bcache: fix indent by replacing blank by tabs (bsc#1130972).
- bcache: fix input integer overflow of congested threshold (bsc#1130972).
- bcache: fix input overflow to cache set io_error_limit (bsc#1130972).
- bcache: fix input overflow to cache set sysfs file io_error_halflife (bsc#1130972).
- bcache: fix input overflow to journal_delay_ms (bsc#1130972).
- bcache: fix input overflow to sequential_cutoff (bsc#1130972).
- bcache: fix input overflow to writeback_delay (bsc#1130972).
- bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).
- bcache: fix ioctl in flash device (bsc#1130972).
- bcache: fix mistaken code comments in bcache.h (bsc#1130972).
- bcache: fix mistaken comments in request.c (bsc#1130972).
- bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972).
- bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972).
- bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972).
- bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).
- bcache: improve sysfs_strtoul_clamp() (bsc#1130972).
- bcache: introduce force_wake_up_gc() (bsc#1130972).
- bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972).
- bcache: Move couple of functions to sysfs.c (bsc#1130972).
- bcache: Move couple of string arrays to sysfs.c (bsc#1130972).
- bcache: move open brace at end of function definitions to next line (bsc#1130972).
- bcache: never writeback a discard operation (bsc#1130972).
- bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972).
- bcache: option to automatically run gc thread after writeback (bsc#1130972).
- bcache: panic fix for making cache device (bsc#1130972).
- bcache: Populate writeback_rate_minimum attribute (bsc#1130972).
- bcache: prefer 'help' in Kconfig (bsc#1130972).
- bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).
- bcache: recal cached_dev_sectors on detach (bsc#1130972).
- bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972).
- bcache: remove unused bch_passthrough_cache (bsc#1130972).
- bcache: remove useless parameter of bch_debug_init() (bsc#1130972).
- bcache: Replace bch_read_string_list() by __sysfs_match_string() (bsc#1130972).
- bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).
- bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).
- bcache: replace printk() by pr_*() routines (bsc#1130972).
- bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972).
- bcache: set writeback_percent in a flexible range (bsc#1130972).
- bcache: split combined if-condition code into separate ones (bsc#1130972).
- bcache: stop bcache device when backing device is offline (bsc#1130972).
- bcache: stop using the deprecated get_seconds() (bsc#1130972).
- bcache: style fixes for lines over 80 characters (bsc#1130972).
- bcache: style fix to add a blank line after declarations (bsc#1130972).
- bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).
- bcache: treat stale && dirty keys as bad keys (bsc#1130972).
- bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972).
- bcache: update comment for bch_data_insert (bsc#1130972).
- bcache: update comment in sysfs.c (bsc#1130972).
- bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972).
- bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).
- bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).
- bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).
- bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).
- bcm2835: MMC issues (bsc#1070872).
- blkcg: Introduce blkg_root_lookup() (bsc#1131673).
- blkcg: Make blkg_root_lookup() work for queues in bypass mode (bsc#1131673).
- blk-mq: adjust debugfs and sysfs register when updating nr_hw_queues (bsc#1131673).
- blk-mq: Avoid that submitting a bio concurrently with device removal triggers a crash (bsc#1131673).
- blk-mq: change gfp flags to GFP_NOIO in blk_mq_realloc_hw_ctxs (bsc#1131673).
- blk-mq: fallback to previous nr_hw_queues when updating fails (bsc#1131673).
- blk-mq: init hctx sched after update ctx and hctx mapping (bsc#1131673).
- blk-mq: realloc hctx when hw queue is mapped to another node (bsc#1131673).
- blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter (bsc#1131673).
- block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).
- block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).
- block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).
- block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).
- block: do not leak memory in bio_copy_user_iov() (bsc#1135309).
- block: Ensure that a request queue is dissociated from the cgroup controller (bsc#1131673).
- block: Fix a race between request queue removal and the block cgroup controller (bsc#1131673).
- block: fix the return errno for direct IO (bsc#1135320).
- block: fix use-after-free on gendisk (bsc#1135312).
- block: Introduce blk_exit_queue() (bsc#1131673).
- block: kABI fixes for bio_rewind_iter() removal (bsc#1131673).
- block: remove bio_rewind_iter() (bsc#1131673).
- Bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bsc#1051510).
- Bluetooth: btusb: request wake pin with NOAUTOEN (bsc#1051510).
- Bluetooth: hci_uart: Check if socket buffer is ERR_PTR in h4_recv_buf() (bsc#1133731).
- Bluetooth: hidp: fix buffer overflow (bsc#1051510).
- bnxt_en: Drop oversize TX packets to prevent errors (networking-stable-19_03_07).
- bnxt_en: Improve RX consumer index validity check (networking-stable-19_04_10).
- bnxt_en: Reset device on RX buffer errors (networking-stable-19_04_10).
- bonding: fix PACKET_ORIGDEV regression (git-fixes).
- bpf: fix use after free in bpf_evict_inode (bsc#1083647).
- brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() (bsc#1051510).
- brcmfmac: fix leak of mypkt on error return path (bsc#1111666).
- btrfs: add a helper to return a head ref (bsc#1134813).
- btrfs: Avoid possible qgroup_rsv_size overflow in btrfs_calculate_inode_block_rsv_size (git-fixes).
- btrfs: breakout empty head cleanup to a helper (bsc#1134813).
- btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: do not allow trimming when a fs is mounted with the nologreplay option (bsc#1135758).
- btrfs: Do not panic when we can't find a root key (bsc#1112063).
- btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: Factor out common delayed refs init code (bsc#1134813).
- btrfs: fix assertion failure on fsync with NO_HOLES enabled (bsc#1131848).
- btrfs: Fix bound checking in qgroup_trace_new_subtree_blocks (git-fixes).
- btrfs: fix incorrect file size after shrinking truncate and fsync (bsc#1130195).
- btrfs: improve performance on fsync of files with multiple hardlinks (bsc#1123454).
- btrfs: Introduce init_delayed_ref_head (bsc#1134813).
- btrfs: move all ref head cleanup to the helper function (bsc#1134813).
- btrfs: move extent_op cleanup to a helper (bsc#1134813).
- btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).
- btrfs: Open-code add_delayed_data_ref (bsc#1134813).
- btrfs: Open-code add_delayed_tree_ref (bsc#1134813).
- btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to btrfs_qgroup_extent_record (bsc#1134162).
- btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release (bsc#1134160).
- btrfs: remove delayed_ref_node from ref_head (bsc#1134813).
- btrfs: remove WARN_ON in log_dir_items (bsc#1131847).
- btrfs: send, flush dellaloc in order to avoid data loss (bsc#1133320).
- btrfs: split delayed ref head initialization and addition (bsc#1134813).
- btrfs: track refs in a rb_tree instead of a list (bsc#1134813).
- btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).
- cdrom: Fix race condition in cdrom_sysctl_register (bsc#1051510).
- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).
- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).
- ceph: fix ci->i_head_snapc leak (bsc#1122776).
- ceph: fix ci->i_head_snapc leak (bsc#1122776).
- ceph: fix use-after-free on symlink traversal (bsc#1134459).
- ceph: fix use-after-free on symlink traversal (bsc#1134459).
- ceph: only use d_name directly when parent is locked (bsc#1134460).
- ceph: only use d_name directly when parent is locked (bsc#1134460).
- cfg80211: Handle WMM rules in regulatory domain intersection (bsc#1111666).
- cgroup: fix parsing empty mount option string (bsc#1133094).
- cifs: Do not count -ENODATA as failure for query directory (bsc#1051510).
- cifs: do not dereference smb_file_target before null check (bsc#1051510).
- cifs: Do not hide EINTR after sending network packets (bsc#1051510).
- cifs: Do not reconnect TCP session in add_credits() (bsc#1051510).
- cifs: Do not reset lease state to NONE on lease break (bsc#1051510).
- cifs: Fix adjustment of credits for MTU requests (bsc#1051510).
- cifs: Fix credit calculation for encrypted reads with errors (bsc#1051510).
- cifs: Fix credits calculations for reads with errors (bsc#1051510).
- cifs: fix POSIX lock leak and invalid ptr deref (bsc#1114542).
- cifs: Fix possible hang during async MTU reads and writes (bsc#1051510).
- cifs: Fix potential OOB access of lock element array (bsc#1051510).
- cifs: Fix read after write for files with read caching (bsc#1051510).
- cifs: keep FileInfo handle live during oplock break (bsc#1106284, bsc#1131565).
- clk: fractional-divider: check parent rate only if flag is set (bsc#1051510).
- clk: rockchip: fix frac settings of GPLL clock for rk3328 (bsc#1051510).
- clk: rockchip: Fix video codec clocks on rk3288 (bsc#1051510).
- clk: rockchip: fix wrong clock definitions for rk3328 (bsc#1051510).
- clk: x86: Add system specific quirk to mark clocks as critical (bsc#1051510).
- configfs: fix possible use-after-free in configfs_register_group (bsc#1051510).
- cpufreq: Add Hygon Dhyana support ().
- cpufreq: Add Hygon Dhyana support (fate#327735).
- cpufreq: AMD: Ignore the check for ProcFeedback in ST/CZ ().
- cpufreq: AMD: Ignore the check for ProcFeedback in ST/CZ (fate#327735).
- cpupowerutils: bench - Fix cpu online check (bsc#1051510).
- cpu/speculation: Add 'mitigations=' cmdline option (bsc#1112178).
- crypto: arm/aes-neonbs - do not access already-freed walk.iv (bsc#1051510).
- crypto: caam - add missing put_device() call (bsc#1129770).
- crypto: caam - fix caam_dump_sg that iterates through scatterlist (bsc#1051510).
- crypto: caam/qi2 - fix DMA mapping of stack memory (bsc#1111666).
- crypto: caam/qi2 - fix zero-length buffer DMA mapping (bsc#1111666).
- crypto: caam/qi2 - generate hash keys in-place (bsc#1111666).
- crypto: ccm - fix incompatibility between 'ccm' and 'ccm_base' (bsc#1051510).
- crypto: ccp - Do not free psp_master when PLATFORM_INIT fails (bsc#1051510).
- crypto: chacha20poly1305 - set cra_name correctly (bsc#1051510).
- crypto: crct10dif-generic - fix use via crypto_shash_digest() (bsc#1051510).
- crypto: crypto4xx - properly set IV after de- and encrypt (bsc#1051510).
- crypto: fips - Grammar s/options/option/, s/to/the/ (bsc#1051510).
- crypto: gcm - fix incompatibility between 'gcm' and 'gcm_base' (bsc#1051510).
- crypto: pcbc - remove bogus memcpy()s with src == dest (bsc#1051510).
- crypto: sha256/arm - fix crash bug in Thumb2 build (bsc#1051510).
- crypto: sha512/arm - fix crash bug in Thumb2 build (bsc#1051510).
- crypto: skcipher - do not WARN on unprocessed data after slow walk step (bsc#1051510).
- crypto: sun4i-ss - Fix invalid calculation of hash end (bsc#1051510).
- crypto: vmx - CTR: always increment IV as quadword (bsc#1051510).
- crypto: vmx - fix copy-paste error in CTR mode (bsc#1051510).
- crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() (bsc#1051510).
- crypto: x86/poly1305 - fix overflow during partial reduction (bsc#1051510).
- cxgb4: Add capability to get/set SGE Doorbell Queue Timer Tick (bsc#1127371).
- cxgb4: Added missing break in ndo_udp_tunnel_{add/del} (bsc#1127371).
- cxgb4: Add flag tc_flower_initialized (bsc#1127371).
- cxgb4: Add new T5 PCI device id 0x50ae (bsc#1127371).
- cxgb4: Add new T5 PCI device ids 0x50af and 0x50b0 (bsc#1127371).
- cxgb4: Add new T6 PCI device ids 0x608a (bsc#1127371).
- cxgb4: add per rx-queue counter for packet errors (bsc#1127371).
- cxgb4: Add support for FW_ETH_TX_PKT_VM_WR (bsc#1127371).
- cxgb4: add support to display DCB info (bsc#1127371).
- cxgb4: Add support to read actual provisioned resources (bsc#1127371).
- cxgb4: collect ASIC LA dumps from ULP TX (bsc#1127371).
- cxgb4: collect hardware queue descriptors (bsc#1127371).
- cxgb4: collect number of free PSTRUCT page pointers (bsc#1127371).
- cxgb4: convert flower table to use rhashtable (bsc#1127371).
- cxgb4: cxgb4: use FW_PORT_ACTION_L1_CFG32 for 32 bit capability (bsc#1127371).
- cxgb4/cxgb4vf: Add support for SGE doorbell queue timer (bsc#1127371).
- cxgb4/cxgb4vf: Fix mac_hlist initialization and free (bsc#1127374).
- cxgb4/cxgb4vf: Link management changes (bsc#1127371).
- cxgb4/cxgb4vf: Program hash region for {t4/t4vf}_change_mac() (bsc#1127371).
- cxgb4: display number of rx and tx pages free (bsc#1127371).
- cxgb4: do not return DUPLEX_UNKNOWN when link is down (bsc#1127371).
- cxgb4: Export sge_host_page_size to ulds (bsc#1127371).
- cxgb4: fix the error path of cxgb4_uld_register() (bsc#1127371).
- cxgb4: impose mandatory VLAN usage when non-zero TAG ID (bsc#1127371).
- cxgb4: Mask out interrupts that are not enabled (bsc#1127175).
- cxgb4: move Tx/Rx free pages collection to common code (bsc#1127371).
- cxgb4: remove redundant assignment to vlan_cmd.dropnovlan_fm (bsc#1127371).
- cxgb4: Remove SGE_HOST_PAGE_SIZE dependency on page size (bsc#1127371).
- cxgb4: remove the unneeded locks (bsc#1127371).
- cxgb4: specify IQTYPE in fw_iq_cmd (bsc#1127371).
- cxgb4: Support ethtool private flags (bsc#1127371).
- cxgb4: update supported DCB version (bsc#1127371).
- cxgb4: use new fw interface to get the VIN and smt index (bsc#1127371).
- cxgb4vf: Few more link management changes (bsc#1127374).
- cxgb4vf: fix memleak in mac_hlist initialization (bsc#1127374).
- cxgb4vf: Update port information in cxgb4vf_open() (bsc#1127374).
- dccp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).
- dccp: Fix memleak in __feat_register_sp (bsc#1051510).
- debugfs: fix use-after-free on symlink traversal (bsc#1051510).
- device_cgroup: fix RCU imbalance in error case (bsc#1051510).
- devres: Align data[] to ARCH_KMALLOC_MINALIGN (bsc#1051510).
- Disable kgdboc failed by echo space to /sys/module/kgdboc/parameters/kgdboc (bsc#1051510).
- dmaengine: axi-dmac: Do not check the number of frames for alignment (bsc#1051510).
- dmaengine: imx-dma: fix warning comparison of distinct pointer types (bsc#1051510).
- dmaengine: qcom_hidma: assign channel cookie correctly (bsc#1051510).
- dmaengine: sh: rcar-dmac: With cyclic DMA residue 0 is valid (bsc#1051510).
- dmaengine: tegra210-dma: free dma controller in remove() (bsc#1051510).
- dmaengine: tegra: avoid overflow of byte tracking (bsc#1051510).
- dm: disable DISCARD if the underlying storage no longer supports it (bsc#1114638).
- Drivers: hv: vmbus: Offload the handling of channels to two workqueues (bsc#1130567).
- Drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind() (bsc#1130567).
- drm/amd/display: extending AUX SW Timeout (bsc#1111666).
- drm/amd/display: fix cursor black issue (bsc#1111666).
- drm/amd/display: If one stream full updates, full update all planes (bsc#1111666).
- drm/amdgpu/gmc9: fix VM_L2_CNTL3 programming (bsc#1111666).
- drm/amdkfd: use init_mqd function to allocate object for hid_mqd (CI) (bsc#1111666).
- drm: Auto-set allow_fb_modifiers when given modifiers at plane init (bsc#1051510).
- drm/bridge: adv7511: Fix low refresh rate selection (bsc#1051510).
- drm: bridge: dw-hdmi: Fix overflow workaround for Rockchip SoCs (bsc#1113722)
- drm/doc: Drop 'content type' from the legacy kms property table (bsc#1111666).
- drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers (bsc#1051510).
- drm/exynos/mixer: fix MIXER shadow registry synchronisation code (bsc#1111666).
- drm/fb-helper: dpms_legacy(): Only set on connectors in use (bsc#1051510).
- drm/fb-helper: generic: Call drm_client_add() after setup is done (bsc#1111666).
- drm/i915: Disable LP3 watermarks on all SNB machines (bsc#1051510).
- drm/i915: Disable tv output on i9x5gm (bsc#1086657, bsc#1133897).
- drm/i915: Downgrade Gen9 Plane WM latency error (bsc#1051510).
- drm/i915/fbc: disable framebuffer compression on GeminiLake (bsc#1051510).
- drm/i915: Fix I915_EXEC_RING_MASK (bsc#1051510).
- drm/i915: Force 2*96 MHz cdclk on glk/cnl when audio power is enabled (bsc#1111666).
- drm/i915/gvt: Add in context mmio 0x20D8 to gen9 mmio list (bsc#1113722)
- drm/i915/gvt: Add in context mmio 0x20D8 to gen9 mmio list (bsc#1113956)
- drm/i915/gvt: Annotate iomem usage (bsc#1051510).
- drm/i915/gvt: do not deliver a workload if its creation fails (bsc#1051510).
- drm/i915/gvt: do not let pin count of shadow mm go negative (bsc#1113722)
- drm/i915/gvt: do not let pin count of shadow mm go negative (bsc#1113956)
- drm/i915/gvt: Fix incorrect mask of mmio 0x22028 in gen8/9 mmio list (bnc#1113722)
- drm/i915/gvt: Prevent use-after-free in ppgtt_free_all_spt() (bsc#1111666).
- drm/i915/gvt: Roundup fb->height into tile's height at calucation fb->size (bsc#1111666).
- drm/i915/icl: Whitelist GEN9_SLICE_COMMON_ECO_CHICKEN1 (bsc#1111666).
- drm/imx: do not skip DP channel disable for background plane (bsc#1051510).
- drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata() (bsc#1113722)
- drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata() (bsc#1113956)
- drm/mediatek: fix possible object reference leak (bsc#1051510).
- drm/meson: add size and alignment requirements for dumb buffers (bnc#1113722)
- drm/nouveau: add DisplayPort CEC-Tunneling-over-AUX support (bsc#1133593).
- drm/nouveau: Add NV_PRINTK_ONCE and variants (bsc#1133593).
- drm/nouveau: Add size to vbios.rom file in debugfs (bsc#1133593).
- drm/nouveau: Add strap_peek to debugfs (bsc#1133593).
- drm/nouveau/bar/tu104: initial support (bsc#1133593).
- drm/nouveau/bar/tu106: initial support (bsc#1133593).
- drm/nouveau/bios: translate additional memory types (bsc#1133593).
- drm/nouveau/bios: translate USB-C connector type (bsc#1133593).
- drm/nouveau/bios/tu104: initial support (bsc#1133593).
- drm/nouveau/bios/tu106: initial support (bsc#1133593).
- drm/nouveau/bus/tu104: initial support (bsc#1133593).
- drm/nouveau/bus/tu106: initial support (bsc#1133593).
- drm/nouveau/ce/tu104: initial support (bsc#1133593).
- drm/nouveau/ce/tu106: initial support (bsc#1133593).
- drm/nouveau: Cleanup indenting in nouveau_backlight.c (bsc#1133593).
- drm/nouveau/core: increase maximum number of nvdec instances to 3 (bsc#1133593).
- drm/nouveau/core: recognise TU102 (bsc#1133593).
- drm/nouveau/core: recognise TU104 (bsc#1133593).
- drm/nouveau/core: recognise TU106 (bsc#1133593).
- drm/nouveau/core: support multiple nvdec instances (bsc#1133593).
- drm/nouveau/devinit/gm200-: export function to upload+execute PMU/PRE_OS (bsc#1133593).
- drm/nouveau/devinit/tu104: initial support (bsc#1133593).
- drm/nouveau/devinit/tu106: initial support (bsc#1133593).
- drm/nouveau/disp: add a way to configure scrambling/tmds for hdmi 2.0 (bsc#1133593).
- drm/nouveau/disp: add support for setting scdc parameters for high modes (bsc#1133593).
- drm/nouveau/disp/gm200-: add scdc parameter setter (bsc#1133593).
- drm/nouveau/disp/gv100: fix name of window channels in debug output (bsc#1133593).
- drm/nouveau/disp: keep track of high-speed state, program into clock (bsc#1133593).
- drm/nouveau/disp: take sink support into account for exposing 594mhz (bsc#1133593).
- drm/nouveau/disp/tu104: initial support (bsc#1133593).
- drm/nouveau/disp/tu106: initial support (bsc#1133593).
- drm/nouveau/dma/tu104: initial support (bsc#1133593).
- drm/nouveau/dma/tu106: initial support (bsc#1133593).
- drm/nouveau/drm/nouveau: Do not forget to label dp_aux devices (bsc#1133593).
- drm/nouveau/drm/nouveau: s/nouveau_backlight_exit/nouveau_backlight_fini/ (bsc#1133593).
- drm/nouveau/drm/nouveau: tegra: Call nouveau_drm_device_init() (bsc#1133593).
- drm/nouveau/fault: add explicit control over fault buffer interrupts (bsc#1133593).
- drm/nouveau/fault: remove manual mapping of fault buffers into BAR2 (bsc#1133593).
- drm/nouveau/fault: store get/put pri address in nvkm_fault_buffer (bsc#1133593).
- drm/nouveau/fault/tu104: initial support (bsc#1133593).
- drm/nouveau/fault/tu106: initial support (bsc#1133593).
- drm/nouveau/fb/tu104: initial support (bsc#1133593).
- drm/nouveau/fb/tu106: initial support (bsc#1133593).
- drm/nouveau/fifo/gf100-: call into BAR to reset BARs after MMU fault (bsc#1133593).
- drm/nouveau/fifo/gk104-: group pbdma functions together (bsc#1133593).
- drm/nouveau/fifo/gk104-: return channel instance in ctor args (bsc#1133593).
- drm/nouveau/fifo/gk104-: separate runlist building from committing to hw (bsc#1133593).
- drm/nouveau/fifo/gk104-: support enabling privileged ce functions (bsc#1133593).
- drm/nouveau/fifo/gk104-: virtualise pbdma enable function (bsc#1133593).
- drm/nouveau/fifo/gm200-: read pbdma count more directly (bsc#1133593).
- drm/nouveau/fifo/gv100: allocate method buffer (bsc#1133593).
- drm/nouveau/fifo/gv100: return work submission token in channel ctor args (bsc#1133593).
- drm/nouveau/fifo/tu104: initial support (bsc#1133593).
- drm/nouveau/fifo/tu106: initial support (bsc#1133593).
- drm/nouveau: Fix potential memory leak in nouveau_drm_load() (bsc#1133593).
- drm/nouveau/fuse/tu104: initial support (bsc#1133593).
- drm/nouveau/fuse/tu106: initial support (bsc#1133593).
- drm/nouveau/gpio/tu104: initial support (bsc#1133593).
- drm/nouveau/gpio/tu106: initial support (bsc#1133593).
- drm/nouveau/i2c/tu104: initial support (bsc#1133593).
- drm/nouveau/i2c/tu106: initial support (bsc#1133593).
- drm/nouveau/ibus/tu104: initial support (bsc#1133593).
- drm/nouveau/ibus/tu106: initial support (bsc#1133593).
- drm/nouveau/imem/nv50: support pinning objects in BAR2 and returning address (bsc#1133593).
- drm/nouveau/imem/tu104: initial support (bsc#1133593).
- drm/nouveau/imem/tu106: initial support (bsc#1133593).
- drm/nouveau/kms/nv50-: allow more flexibility with lut formats (bsc#1133593).
- drm/nouveau/kms/tu104: initial support (bsc#1133593).
- drm/nouveau/ltc/tu104: initial support (bsc#1133593).
- drm/nouveau/ltc/tu106: initial support (bsc#1133593).
- drm/nouveau/mc/tu104: initial support (bsc#1133593).
- drm/nouveau/mc/tu106: initial support (bsc#1133593).
- drm/nouveau/mmu: add more general vmm free/node handling functions (bsc#1133593).
- drm/nouveau/mmu/tu104: initial support (bsc#1133593).
- drm/nouveau/mmu/tu106: initial support (bsc#1133593).
- drm/nouveau: Move backlight device into nouveau_connector (bsc#1133593).
- drm/nouveau/pci/tu104: initial support (bsc#1133593).
- drm/nouveau/pci/tu106: initial support (bsc#1133593).
- drm/nouveau/pmu/tu104: initial support (bsc#1133593).
- drm/nouveau/pmu/tu106: initial support (bsc#1133593).
- drm/nouveau: Refactor nvXX_backlight_init() (bsc#1133593).
- drm/nouveau: register backlight on pascal and newer (bsc#1133593).
- drm/nouveau: remove left-over struct member (bsc#1133593).
- drm/nouveau: Remove unecessary dma_fence_ops (bsc#1133593).
- drm/nouveau: Start using new drm_dev initialization helpers (bsc#1133593).
- drm/nouveau: Stop using drm_crtc_force_disable (bsc#1051510).
- drm/nouveau/therm/tu104: initial support (bsc#1133593).
- drm/nouveau/therm/tu106: initial support (bsc#1133593).
- drm/nouveau/tmr/tu104: initial support (bsc#1133593).
- drm/nouveau/tmr/tu106: initial support (bsc#1133593).
- drm/nouveau/top/tu104: initial support (bsc#1133593).
- drm/nouveau/top/tu106: initial support (bsc#1133593).
- drm/nouveau/volt/gf117: fix speedo readout register (bsc#1051510).
- drm/omap: hdmi4_cec: Fix CEC clock handling for PM (bsc#1111666).
- drm/panel: panel-innolux: set display off in innolux_panel_unprepare (bsc#1111666).
- drm/pl111: Initialize clock spinlock early (bsc#1111666).
- drm: rcar-du: Fix rcar_du_crtc structure documentation (bsc#1111666).
- drm/rockchip: fix for mailbox read validation (bsc#1051510).
- drm/rockchip: fix for mailbox read validation (bsc#1111666).
- drm/rockchip: shutdown drm subsystem on shutdown (bsc#1051510).
- drm/rockchip: vop: reset scale mode when win is disabled (bsc#1113722)
- drm/sun4i: Add missing drm_atomic_helper_shutdown at driver unbind (bsc#1113722)
- drm/sun4i: Fix component unbinding and component master deletion (bsc#1113722)
- drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)
- drm/sun4i: Set device driver data at bind time for use in unbind (bsc#1113722)
- drm/sun4i: tcon top: Fix NULL/invalid pointer dereference in sun8i_tcon_top_un/bind (bsc#1111666).
- drm/sun4i: Unbind components before releasing DRM and memory (bsc#1113722)
- drm/tegra: gem: Fix CPU-cache maintenance for BO's allocated using get_pages() (bsc#1111666).
- drm/tegra: hub: Fix dereference before check (bsc#1111666).
- drm/ttm: Fix bo_global and mem_global kfree error (bsc#1111666).
- drm/ttm: fix out-of-bounds read in ttm_put_pages() v2 (bsc#1111666).
- drm/ttm: Remove warning about inconsistent mapping information (bnc#1131488)
- drm/udl: add a release method and delay modeset teardown (bsc#1085536)
- drm/vc4: Fix memory leak during gpu reset. (bsc#1113722)
- drm/vmwgfx: Remove set but not used variable 'restart' (bsc#1111666).
- dsa: mv88e6xxx: Ensure all pending interrupts are handled prior to exit (networking-stable-19_02_20).
- dt-bindings: net: Fix a typo in the phy-mode list for ethernet bindings (bsc#1129770).
- dwc2: gadget: Fix completed transfer size calculation in DDMA (bsc#1051510).
- e1000e: fix cyclic resets at link up with active tx (bsc#1051510).
- e1000e: Fix -Wformat-truncation warnings (bsc#1051510).
- EDAC, amd64: Add Hygon Dhyana support ().
- EDAC, amd64: Add Hygon Dhyana support (fate#327735).
- ext4: actually request zeroing of inode table after grow (bsc#1135315).
- ext4: cleanup bh release code in ext4_ind_remove_space() (bsc#1131851).
- ext4: Do not warn when enabling DAX (bsc#1132894).
- ext4: fix ext4_show_options for file systems w/o journal (bsc#1135316).
- ext4: fix use-after-free race with debug_want_extra_isize (bsc#1135314).
- fbdev: fbmem: fix memory access if logo is bigger than the screen (bsc#1051510).
- fix cgroup_do_mount() handling of failure exits (bsc#1133095).
- Fix kabi after 'md: batch flush requests.' (bsc#1119680).
- fix rtnh_ok() (git-fixes).
- Fix struct page kABI after adding atomic for ppc (bsc#1131326, bsc#1108937).
- fm10k: Fix a potential NULL pointer dereference (bsc#1051510).
- fs: avoid fdput() after failed fdget() in vfs_dedupe_file_range() (bsc#1132384, bsc#1132219).
- fs/nfs: Fix nfs_parse_devname to not modify it's argument (git-fixes).
- futex: Cure exit race (bsc#1050549).
- futex: Ensure that futex address is aligned in handle_futex_death() (bsc#1050549).
- futex: Handle early deadlock return correctly (bsc#1050549).
- genetlink: Fix a memory leak on error path (networking-stable-19_03_28).
- ghes, EDAC: Fix ghes_edac registration (bsc#1133176).
- gpio: adnp: Fix testing wrong value in adnp_gpio_direction_input (bsc#1051510).
- gpio: aspeed: fix a potential NULL pointer dereference (bsc#1051510).
- gpio: gpio-omap: fix level interrupt idling (bsc#1051510).
- gpio: of: Fix of_gpiochip_add() error path (bsc#1051510).
- gpu: ipu-v3: dp: fix CSC handling (bsc#1051510).
- gre6: use log_ecn_error module parameter in ip6_tnl_rcv() (git-fixes).
- HID: debug: fix race condition with between rdesc_show() and device removal (bsc#1051510).
- HID: i2c-hid: Ignore input report if there's no data present on Elan touchpanels (bsc#1133486).
- HID: input: add mapping for Assistant key (bsc#1051510).
- HID: input: add mapping for Expose/Overview key (bsc#1051510).
- HID: input: add mapping for keyboard Brightness Up/Down/Toggle keys (bsc#1051510).
- HID: input: add mapping for 'Toggle Display' key (bsc#1051510).
- HID: intel-ish-hid: avoid binding wrong ishtp_cl_device (bsc#1051510).
- HID: intel-ish: ipc: handle PIMR before ish_wakeup also clear PISR busy_clear bit (bsc#1051510).
- HID: logitech: check the return value of create_singlethread_workqueue (bsc#1051510).
- hv_netvsc: Fix IP header checksum for coalesced packets (networking-stable-19_03_07).
- hwmon: (f71805f) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (pc87427) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (vt1211) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwrng: virtio - Avoid repeated init of completion (bsc#1051510).
- i2c: imx: correct the method of getting private data in notifier_call (bsc#1111666).
- i2c: Make i2c_unregister_device() NULL-aware (bsc#1108193).
- i2c: synquacer: fix enumeration of slave devices (bsc#1111666).
- ibmvnic: Enable GRO (bsc#1132227).
- ibmvnic: Fix completion structure initialization (bsc#1131659).
- ibmvnic: Fix netdev feature clobbering during a reset (bsc#1132227).
- igmp: fix incorrect unsolicit report count when join group (git-fixes).
- iio: adc: at91: disable adc channel interrupt in timeout case (bsc#1051510).
- iio: adc: fix warning in Qualcomm PM8xxx HK/XOADC driver (bsc#1051510).
- iio: adc: xilinx: fix potential use-after-free on remove (bsc#1051510).
- iio: ad_sigma_delta: select channel when reading register (bsc#1051510).
- iio: core: fix a possible circular locking dependency (bsc#1051510).
- iio: cros_ec: Fix the maths for gyro scale calculation (bsc#1051510).
- iio: dac: mcp4725: add missing powerdown bits in store eeprom (bsc#1051510).
- iio: Fix scan mask selection (bsc#1051510).
- iio/gyro/bmg160: Use millidegrees for temperature scale (bsc#1051510).
- iio: gyro: mpu3050: fix chip ID reading (bsc#1051510).
- inetpeer: fix uninit-value in inet_getpeer (git-fixes).
- Input: elan_i2c - add hardware ID for multiple Lenovo laptops (bsc#1051510).
- Input: introduce KEY_ASSISTANT (bsc#1051510).
- Input: snvs_pwrkey - initialize necessary driver data before enabling IRQ (bsc#1051510).
- Input: synaptics-rmi4 - fix possible double free (bsc#1051510).
- Input: synaptics-rmi4 - write config register values to the right offset (bsc#1051510).
- intel_idle: add support for Jacobsville (jsc#SLE-5394).
- intel_th: msu: Fix single mode with IOMMU (bsc#1051510).
- intel_th: pci: Add Comet Lake support (bsc#1051510).
- io: accel: kxcjk1013: restore the range after resume (bsc#1051510).
- iommu/amd: Set exclusion range correctly (bsc#1130425).
- iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#1135006).
- iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135007).
- iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135008).
- ip6_tunnel: collect_md xmit: Use ip_tunnel_key's provided src address (git-fixes).
- ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type (networking-stable-19_04_10).
- ipconfig: Correctly initialise ic_nameservers (bsc#1051510).
- ipmi: Fix I2C client removal in the SSIF driver (bsc#1108193).
- ipmi: fix sleep-in-atomic in free_user at cleanup SRCU user->release_barrier (bsc#1111666).
- ipmi: Prevent use-after-free in deliver_response (bsc#1111666).
- ipmi:ssif: compare block number correctly for multi-part return messages (bsc#1051510).
- ipmi_ssif: Remove duplicate NULL check (bsc#1108193).
- ip_tunnel: Fix name string concatenate in __ip_tunnel_create() (git-fixes).
- ipv4: Return error for RTA_VIA attribute (networking-stable-19_03_07).
- ipv6: fix cleanup ordering for ip6_mr failure (git-fixes).
- ipv6: fix cleanup ordering for pingv6 registration (git-fixes).
- ipv6: Fix dangling pointer when ipv6 fragment (git-fixes).
- ipv6: mcast: fix unsolicited report interval after receiving querys (git-fixes).
- ipv6: propagate genlmsg_reply return code (networking-stable-19_02_24).
- ipv6: Return error for RTA_VIA attribute (networking-stable-19_03_07).
- ipv6: sit: reset ip header pointer in ipip6_rcv (git-fixes).
- ipvlan: Add the skb->mark as flow4's member to lookup route (bsc#1051510).
- ipvlan: disallow userns cap_net_admin to change global mode/flags (networking-stable-19_03_15).
- ipvlan: fix ipv6 outbound device (bsc#1051510).
- ipvlan: use ETH_MAX_MTU as max mtu (bsc#1051510).
- ipvs: fix buffer overflow with sync daemon and service (git-fixes).
- ipvs: fix check on xmit to non-local addresses (git-fixes).
- ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bsc#1051510).
- ipvs: fix rtnl_lock lockups caused by start_sync_thread (git-fixes).
- ipvs: Fix signed integer overflow when setsockopt timeout (bsc#1051510).
- ipvs: fix stats update from local clients (git-fixes).
- ipvs: remove IPS_NAT_MASK check to fix passive FTP (git-fixes).
- iw_cxgb4: cq/qp mask depends on bar2 pages in a host page (bsc#1127371).
- iw_cxgb4: only allow 1 flush on user qps (bsc#1051510).
- iwiwifi: fix bad monitor buffer register addresses (bsc#1129770).
- iwlwifi: fix driver operation for 5350 (bsc#1111666).
- iwlwifi: fix send hcmd timeout recovery flow (bsc#1129770).
- kABI: protect functions using struct net_generic (bsc#1129845 LTC#176252).
- kABI: protect ip_options_rcv_srr (kabi).
- kABI: protect struct mlx5_td (kabi).
- kABI: protect struct smcd_dev (bsc#1129845 LTC#176252).
- kABI: protect struct smc_ib_device (bsc#1129845 LTC#176252).
- kABI: restore icmp_send (kabi).
- kABI workaround for removed usb_interface.pm_usage_cnt field (bsc#1051510).
- kABI workaround for snd_seq_kernel_client_enqueue() API changes (bsc#1051510).
- kbuild: strip whitespace in cmd_record_mcount findstring (bsc#1065729).
- kcm: switch order of device registration to fix a crash (bnc#1130527).
- kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv (bsc#1051510).
- kernel/sysctl.c: fix out-of-bounds access when setting file-max (bsc#1051510).
- kernfs: do not set dentry->d_fsdata (boo#1133115).
- KEYS: always initialize keyring_index_key::desc_len (bsc#1051510).
- KEYS: user: Align the payload buffer (bsc#1051510).
- kmsg: Update message catalog to latest IBM level (2019/03/08) (bsc#1128904 LTC#176078).
- kvm: Call kvm_arch_memslots_updated() before updating memslots (bsc#1132563).
- kvm: Fix kABI for AMD SMAP Errata workaround (bsc#1133149).
- kvm: Fix UAF in nested posted interrupt processing (bsc#1134199).
- kvm: nVMX: Apply addr size mask to effective address for VMX instructions (bsc#1132561).
- kvm: nVMX: Clear reserved bits of #DB exit qualification (bsc#1134200).
- kvm: nVMX: Ignore limit checks on VMX instructions using flat segments (bsc#1132564).
- kvm: nVMX: restore host state in nested_vmx_vmexit for VMFail (bsc#1134201).
- kvm: nVMX: Sign extend displacements of VMX instr's mem operands (bsc#1132562).
- kvm: PPC: Book3S HV: Fix race between kvm_unmap_hva_range and MMU mode switch (bsc#1061840).
- kvm: SVM: Workaround errata#1096 (insn_len maybe zero on SMAP violation) (bsc#1133149).
- kvm: VMX: Compare only a single byte for VMCS' 'launched' in vCPU-run (bsc#1132555).
- kvm: VMX: Zero out *all* general purpose registers after VM-Exit (bsc#1134202).
- kvm: x86: Always use 32-bit SMRAM save state for 32-bit kernels (bsc#1134203).
- kvm: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bsc#1134204).
- kvm: x86: Emulate MSR_IA32_ARCH_CAPABILITIES on AMD hosts (bsc#1114279).
- kvm: x86/mmu: Detect MMIO generation wrap in any address space (bsc#1132570).
- kvm: x86/mmu: Do not cache MMIO accesses while memslots are in flux (bsc#1132571).
- kvm: x86: Report STIBP on GET_SUPPORTED_CPUID (bsc#1111331).
- kvm: x86: svm: make sure NMI is injected after nmi_singlestep (bsc#1134205).
- l2tp: cleanup l2tp_tunnel_delete calls (bsc#1051510).
- l2tp: filter out non-PPP sessions in pppol2tp_tunnel_ioctl() (git-fixes).
- l2tp: fix missing refcount drop in pppol2tp_tunnel_ioctl() (git-fixes).
- l2tp: only accept PPP sessions in pppol2tp_connect() (git-fixes).
- l2tp: prevent pppol2tp_connect() from creating kernel sockets (git-fixes).
- l2tp: revert 'l2tp: fix missing print session offset info' (bsc#1051510).
- leds: avoid races with workqueue (bsc#1051510).
- leds: pwm: silently error out on EPROBE_DEFER (bsc#1051510).
- lib: add crc64 calculation routines (bsc#1130972).
- libata: fix using DMA buffers on stack (bsc#1051510).
- lib: do not depend on linux headers being installed (bsc#1130972).
- lightnvm: if LUNs are already allocated fix return (bsc#1085535).
- linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() (bsc#1051510).
- lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).
- mac80211: do not attempt to rename ERR_PTR() debugfs dirs (bsc#1111666).
- mac80211: do not call driver wake_tx_queue op during reconfig (bsc#1051510).
- mac80211: fix memory accounting with A-MSDU aggregation (bsc#1051510).
- mac80211: fix unaligned access in mesh table hash function (bsc#1051510).
- mac80211: Honor SW_CRYPTO_CONTROL for unicast keys in AP VLAN mode (bsc#1111666).
- mac8390: Fix mmio access size probe (bsc#1051510).
- md: batch flush requests (bsc#1119680).
- md: Fix failed allocation of md_register_thread (git-fixes).
- MD: fix invalid stored role for a disk (bsc#1051510).
- md/raid1: do not clear bitmap bits on interrupted recovery (git-fixes).
- md/raid5: fix 'out of memory' during raid cache recovery (git-fixes).
- media: atmel: atmel-isc: fix INIT_WORK misplacement (bsc#1051510).
- media: cx18: update *pos correctly in cx18_read_pos() (bsc#1051510).
- media: cx23885: check allocation return (bsc#1051510).
- media: davinci-isif: avoid uninitialized variable use (bsc#1051510).
- media: davinci/vpbe: array underflow in vpbe_enum_outputs() (bsc#1051510).
- media: ivtv: update *pos correctly in ivtv_read_pos() (bsc#1051510).
- media: mt9m111: set initial frame size other than 0x0 (bsc#1051510).
- media: mtk-jpeg: Correct return type for mem2mem buffer helpers (bsc#1051510).
- media: mx2_emmaprp: Correct return type for mem2mem buffer helpers (bsc#1051510).
- media: omap_vout: potential buffer overflow in vidioc_dqbuf() (bsc#1051510).
- media: ov2659: fix unbalanced mutex_lock/unlock (bsc#1051510).
- media: pvrusb2: Prevent a buffer overflow (bsc#1129770).
- media: s5p-g2d: Correct return type for mem2mem buffer helpers (bsc#1051510).
- media: s5p-jpeg: Correct return type for mem2mem buffer helpers (bsc#1051510).
- media: serial_ir: Fix use-after-free in serial_ir_init_module (bsc#1051510).
- media: sh_veu: Correct return type for mem2mem buffer helpers (bsc#1051510).
- media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame (bsc#1051510).
- media: vivid: use vfree() instead of kfree() for dev->bitmap_cap (bsc#1051510).
- media: wl128x: Fix an error code in fm_download_firmware() (bsc#1051510).
- media: wl128x: prevent two potential buffer overflows (bsc#1051510).
- mISDN: Check address length before reading address family (bsc#1051510).
- missing barriers in some of unix_sock ->addr and ->path accesses (networking-stable-19_03_15).
- mmc: core: fix possible use after free of host (bsc#1051510).
- mmc: core: Fix tag set memory leak (bsc#1111666).
- mmc: davinci: remove extraneous __init annotation (bsc#1051510).
- mm: create non-atomic version of SetPageReserved for init use (jsc#SLE-6647).
- mmc: sdhci: Fix data command CRC error handling (bsc#1051510).
- mmc: sdhci: Handle auto-command errors (bsc#1051510).
- mmc: sdhci: Rename SDHCI_ACMD12_ERR and SDHCI_INT_ACMD12ERR (bsc#1051510).
- mmc: tmio_mmc_core: do not claim spurious interrupts (bsc#1051510).
- mm/debug.c: fix __dump_page when mapping->host is not set (bsc#1131934).
- mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses (bsc#1135330).
- mm/page_isolation.c: fix a wrong flag in set_migratetype_isolate() (bsc#1131935).
- mm/vmalloc: fix size check for remap_vmalloc_range_partial() (bsc#1133825).
- mpls: Return error for RTA_GATEWAY attribute (networking-stable-19_03_07).
- mt7601u: bump supported EEPROM version (bsc#1051510).
- mtd: docg3: fix a possible memory leak of mtd->name (bsc#1051510).
- mtd: docg3: Fix passing zero to 'PTR_ERR' warning in doc_probe_device (bsc#1051510).
- mtd: nand: omap: Fix comment in platform data using wrong Kconfig symbol (bsc#1051510).
- mtd: part: fix incorrect format specifier for an unsigned long long (bsc#1051510).
- mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write (bsc#1129770).
- mwifiex: do not advertise IBSS features without FW support (bsc#1129770).
- mwifiex: Fix mem leak in mwifiex_tm_cmd (bsc#1051510).
- mwifiex: Make resume actually do something useful again on SDIO cards (bsc#1111666).
- mwifiex: prevent an array overflow (bsc#1051510).
- mwl8k: Fix rate_idx underflow (bsc#1051510).
- net: Add header for usage of fls64() (networking-stable-19_02_20).
- net: Add __icmp_send helper (networking-stable-19_03_07).
- net: aquantia: fix rx checksum offload for UDP/TCP over IPv6 (networking-stable-19_03_28).
- net: avoid false positives in untrusted gso validation (git-fixes).
- net: avoid skb_warn_bad_offload on IS_ERR (git-fixes).
- net: avoid use IPCB in cipso_v4_error (networking-stable-19_03_07).
- net: bridge: add vlan_tunnel to bridge port policies (git-fixes).
- net: bridge: fix per-port af_packet sockets (git-fixes).
- net: bridge: multicast: use rcu to access port list from br_multicast_start_querier (git-fixes).
- net: datagram: fix unbounded loop in __skb_try_recv_datagram() (git-fixes).
- net: Do not allocate page fragments that are not skb aligned (networking-stable-19_02_20).
- net: dsa: legacy: do not unmask port bitmaps (git-fixes).
- net: dsa: mv88e6xxx: Fix u64 statistics (networking-stable-19_03_07).
- net: ethtool: not call vzalloc for zero sized memory request (networking-stable-19_04_10).
- netfilter: bridge: Do not sabotage nf_hook calls from an l3mdev (git-fixes).
- netfilter: bridge: ebt_among: add missing match size checks (git-fixes).
- netfilter: bridge: ebt_among: add more missing match size checks (git-fixes).
- netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING (git-fixes).
- netfilter: drop template ct when conntrack is skipped (git-fixes).
- netfilter: ebtables: handle string from userspace with care (git-fixes).
- netfilter: ebtables: reject non-bridge targets (git-fixes).
- netfilter: ip6t_MASQUERADE: add dependency on conntrack module (git-fixes).
- netfilter: ipset: Missing nfnl_lock()/nfnl_unlock() is added to ip_set_net_exit() (git-fixes).
- netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt (git-fixes).
- netfilter: nf_log: do not hold nf_log_mutex during user access (git-fixes).
- netfilter: nf_log: fix uninit read in nf_log_proc_dostring (git-fixes).
- netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6} (git-fixes).
- netfilter: nf_tables: can't fail after linking rule into active rule list (git-fixes).
- netfilter: nf_tables: check msg_type before nft_trans_set(trans) (git-fixes).
- netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump() (git-fixes).
- netfilter: nf_tables: release chain in flushing set (git-fixes).
- netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target} (git-fixes).
- netfilter: x_tables: fix int overflow in xt_alloc_table_info() (git-fixes).
- netfilter: x_tables: initialise match/target check parameter struct (git-fixes).
- net: Fix a bug in removing queues from XPS map (git-fixes).
- net: Fix for_each_netdev_feature on Big endian (networking-stable-19_02_20).
- net: fix IPv6 prefix route residue (networking-stable-19_02_20).
- net: fix uninit-value in __hw_addr_add_ex() (git-fixes).
- net: Fix untag for vlan packets without ethernet header (git-fixes).
- net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off (git-fixes).
- net-gro: Fix GRO flush when receiving a GSO packet (networking-stable-19_04_10).
- net: hsr: fix memory leak in hsr_dev_finalize() (networking-stable-19_03_15).
- net/hsr: fix possible crash in add_timer() (networking-stable-19_03_15).
- net/ibmvnic: Update carrier state after link state change (bsc#1135100).
- net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).
- net: initialize skb->peeked when cloning (git-fixes).
- net/ipv6: do not reinitialize ndev->cnf.addr_gen_mode on new inet6_dev (git-fixes).
- net/ipv6: fix addrconf_sysctl_addr_gen_mode (git-fixes).
- net/ipv6: propagate net.ipv6.conf.all.addr_gen_mode to devices (git-fixes).
- net/ipv6: reserve room for IFLA_INET6_ADDR_GEN_MODE (git-fixes).
- netlabel: fix out-of-bounds memory accesses (networking-stable-19_03_07).
- netlink: fix uninit-value in netlink_sendmsg (git-fixes).
- net/mlx5: Decrease default mr cache size (networking-stable-19_04_10).
- net/mlx5e: Add a lock on tir list (networking-stable-19_04_10).
- net/mlx5e: Do not overwrite pedit action when multiple pedit used (networking-stable-19_02_24).
- net/mlx5e: Fix error handling when refreshing TIRs (networking-stable-19_04_10).
- net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails (networking-stable-19_03_07).
- net/packet: fix 4gb buffer limit due to overflow check (networking-stable-19_02_24).
- net/packet: Set __GFP_NOWARN upon allocation in alloc_pg_vec (git-fixes).
- net: rose: fix a possible stack overflow (networking-stable-19_03_28).
- net/sched: act_sample: fix divide by zero in the traffic path (networking-stable-19_04_10).
- net/sched: fix ->get helper of the matchall cls (networking-stable-19_04_10).
- net_sched: fix two more memory leaks in cls_tcindex (networking-stable-19_02_24).
- net: Set rtm_table to RT_TABLE_COMPAT for ipv6 for tables > 255 (networking-stable-19_03_15).
- net: sit: fix memory leak in sit_init_net() (networking-stable-19_03_07).
- net: sit: fix UBSAN Undefined behaviour in check_6rd (networking-stable-19_03_15).
- net/smc: add pnet table namespace support (bsc#1129845 LTC#176252).
- net/smc: add smcd support to the pnet table (bsc#1129845 LTC#176252).
- net/smc: allow PCI IDs as ib device names in the pnet table (bsc#1129845 LTC#176252).
- net/smc: allow pnetid-less configuration (bsc#1129845 LTC#176252).
- net/smc: check for ip prefix and subnet (bsc#1134607 LTC#177518).
- net/smc: cleanup for smcr_tx_sndbuf_nonempty (bsc#1129845 LTC#176252).
- net/smc: cleanup of get vlan id (bsc#1134607 LTC#177518).
- net/smc: code cleanup smc_listen_work (bsc#1134607 LTC#177518).
- net/smc: consolidate function parameters (bsc#1134607 LTC#177518).
- net/smc: fallback to TCP after connect problems (bsc#1134607 LTC#177518).
- net/smc: fix a NULL pointer dereference (bsc#1134607 LTC#177518).
- net/smc: fix return code from FLUSH command (bsc#1134607 LTC#177518).
- net/smc: improve smc_conn_create reason codes (bsc#1134607 LTC#177518).
- net/smc: improve smc_listen_work reason codes (bsc#1134607 LTC#177518).
- net/smc: move unhash before release of clcsock (bsc#1134607 LTC#177518).
- net/smc: nonblocking connect rework (bsc#1134607 LTC#177518).
- net/smc: propagate file from SMC to TCP socket (bsc#1134607 LTC#177518).
- net/smc: rework pnet table (bsc#1129845 LTC#176252).
- net/smc: wait for pending work before clcsock release_sock (bsc#1134607 LTC#177518).
- net: socket: fix potential spectre v1 gadget in socketcall (git-fixes).
- net: socket: set sock->sk to NULL after calling proto_ops::release() (networking-stable-19_03_07).
- net: stmmac: fix memory corruption with large MTUs (networking-stable-19_03_28).
- net: test tailroom before appending to linear skb (git-fixes).
- net: validate untrusted gso packets without csum offload (networking-stable-19_02_20).
- net/x25: fix a race in x25_bind() (networking-stable-19_03_15).
- net/x25: fix use-after-free in x25_device_event() (networking-stable-19_03_15).
- net/x25: reset state in x25_connect() (networking-stable-19_03_15).
- net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms() (git-fixes).
- NFC: nci: Add some bounds checking in nci_hci_cmd_received() (bsc#1051510).
- nfs: Add missing encode / decode sequence_maxsz to v4.2 operations (git-fixes).
- nfsd4: catch some false session retries (git-fixes).
- nfsd4: fix cached replies to solo SEQUENCE compounds (git-fixes).
- nfs: Do not recoalesce on error in nfs_pageio_complete_mirror() (git-fixes).
- nfs: Do not use page_file_mapping after removing the page (git-fixes).
- nfs: Fix an I/O request leakage in nfs_do_recoalesce (git-fixes).
- nfs: Fix a soft lockup in the delegation recovery code (git-fixes).
- nfs: Fix a typo in nfs_init_timeout_values() (git-fixes).
- nfs: Fix dentry revalidation on NFSv4 lookup (bsc#1132618).
- nfs: Fix I/O request leakages (git-fixes).
- nfs: fix mount/umount race in nlmclnt (git-fixes).
- nfs/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount (git-fixes).
- nfsv4.1 do not free interrupted slot on open (git-fixes).
- nfsv4.1: Reinitialise sequence results before retransmitting a request (git-fixes).
- nfsv4/flexfiles: Fix invalid deref in FF_LAYOUT_DEVID_NODE() (git-fixes).
- nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands (bsc#1051510).
- nvme: add proper discard setup for the multipath device (bsc#1114638).
- nvme-fc: use separate work queue to avoid warning (bsc#1131673).
- nvme: fix the dangerous reference of namespaces list (bsc#1131673).
- nvme: make sure ns head inherits underlying device limits (bsc#1131673).
- nvme-multipath: avoid crash on invalid subsystem cntlid enumeration (bsc#1129273).
- nvme-multipath: avoid crash on invalid subsystem cntlid enumeration (bsc#1130937).
- nvme-multipath: split bios with the ns_head bio_set before submitting (bsc#1103259, bsc#1131673).
- nvme: only reconfigure discard if necessary (bsc#1114638).
- ocfs2: turn on OCFS2_FS_STATS setting(bsc#1134393) We need to turn on OCFS2_FS_STATS kernel configuration setting, to fix bsc#1134393.
- omapfb: add missing of_node_put after of_device_is_available (bsc#1051510).
- openvswitch: add seqadj extension when NAT is used (bsc#1051510).
- openvswitch: fix flow actions reallocation (bsc#1051510).
- overflow: Fix -Wtype-limits compilation warnings (bsc#1111666).
- packet: fix reserve calculation (git-fixes).
- packet: in packet_snd start writing at link layer allocation (git-fixes).
- packet: refine ring v3 block size test to hold one frame (git-fixes).
- packet: reset network header if packet shorter than ll reserved space (git-fixes).
- packets: Always register packet sk in the same order (networking-stable-19_03_28).
- packet: validate msg_namelen in send directly (git-fixes).
- PCI: Add function 1 DMA alias quirk for Marvell 9170 SATA controller (bsc#1051510).
- PCI: designware-ep: Read-only registers need DBI_RO_WR_EN to be writable (bsc#1051510).
- PCI: Init PCIe feature bits for managed host bridge alloc (bsc#1111666).
- PCI: Mark AMD Stoney Radeon R7 GPU ATS as broken (bsc#1051510).
- PCI: Mark Atheros AR9462 to avoid bus reset (bsc#1051510).
- PCI: pciehp: Convert to threaded IRQ (bsc#1133005).
- PCI: pciehp: Ignore Link State Changes after powering off a slot (bsc#1133005).
- PCI: pciehp: Tolerate Presence Detect hardwired to zero (bsc#1133016).
- perf tools: Add Hygon Dhyana support ().
- perf tools: Add Hygon Dhyana support (fate#327735).
- perf/x86/amd: Add event map for AMD Family 17h (bsc#1134223).
- perf/x86/amd: Update generic hardware cache events for Family 17h (bsc#1134223).
- phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode (bsc#1051510).
- phy: sun4i-usb: Support set_mode to USB_HOST for non-OTG PHYs (bsc#1051510).
- platform/x86: alienware-wmi: printing the wrong error code (bsc#1051510).
- platform/x86: dell-rbtn: Add missing #include (bsc#1051510).
- platform/x86: intel_pmc_ipc: adding error handling (bsc#1051510).
- platform/x86: intel_punit_ipc: Revert 'Fix resource ioremap warning' (bsc#1051510).
- platform/x86: pmc_atom: Drop __initconst on dmi table (bsc#1051510).
- platform/x86: sony-laptop: Fix unintentional fall-through (bsc#1051510).
- powerpc64/ftrace: Include ftrace.h needed for enable/disable calls (bsc#1088804, git-fixes).
- powerpc/64s: Fix logic when handling unknown CPU features (bsc#1055117).
- powerpc/64s: Fix page table fragment refcount race vs speculative references (bsc#1131326, bsc#1108937).
- powerpc: avoid -mno-sched-epilog on GCC 4.9 and newer (bsc#1065729).
- powerpc: consolidate -mno-sched-epilog into FTRACE flags (bsc#1065729).
- powerpc: Fix 32-bit KVM-PR lockup and host crash with MacOS guest (bsc#1061840).
- powerpc/hugetlb: Handle mmap_min_addr correctly in get_unmapped_area callback (bsc#1131900).
- powerpc/kvm: Save and restore host AMR/IAMR/UAMOR (bsc#1061840).
- powerpc/mm: Add missing tracepoint for tlbie (bsc#1055117, git-fixes).
- powerpc/mm: Check secondary hash page table (bsc#1065729).
- powerpc/mm: Fix page table dump to work on Radix (bsc#1055186, fate#323286, git-fixes).
- powerpc/mm: Fix page table dump to work on Radix (bsc#1055186, git-fixes).
- powerpc/mm/hash: Handle mmap_min_addr correctly in get_unmapped_area topdown search (bsc#1131900).
- powerpc/mm/radix: Display if mappings are exec or not (bsc#1055186, fate#323286, git-fixes).
- powerpc/mm/radix: Display if mappings are exec or not (bsc#1055186, git-fixes).
- powerpc/mm/radix: Prettify mapped memory range print out (bsc#1055186, fate#323286, git-fixes).
- powerpc/mm/radix: Prettify mapped memory range print out (bsc#1055186, git-fixes).
- powerpc/numa: document topology_updates_enabled, disable by default (bsc#1133584).
- powerpc/numa: improve control of topology updates (bsc#1133584).
- powerpc/perf: Fix unit_sel/cache_sel checks (bsc#1053043).
- powerpc/perf: Remove l2 bus events from HW cache event array (bsc#1053043).
- powerpc/powernv/cpuidle: Init all present cpus for deep states (bsc#1055121).
- powerpc/powernv: Do not reprogram SLW image on every KVM guest entry/exit (bsc#1061840).
- powerpc/powernv/ioda2: Remove redundant free of TCE pages (bsc#1061840).
- powerpc/powernv/ioda: Allocate indirect TCE levels of cached userspace addresses on demand (bsc#1061840).
- powerpc/powernv/ioda: Fix locked_vm counting for memory used by IOMMU tables (bsc#1061840).
- powerpc/powernv: Make opal log only readable by root (bsc#1065729).
- powerpc/powernv: Remove never used pnv_power9_force_smt4 (bsc#1061840).
- powerpc/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
- powerpc/vdso32: fix CLOCK_MONOTONIC on PPC64 (bsc#1131587).
- powerpc/vdso64: Fix CLOCK_MONOTONIC inconsistencies across Y2038 (bsc#1131587).
- power: supply: axp20x_usb_power: Fix typo in VBUS current limit macros (bsc#1051510).
- power: supply: axp288_charger: Fix unchecked return value (bsc#1051510).
- proc/kcore: do not bounds check against address 0 (bsc#1051510).
- proc: revalidate kernel thread inodes to root:root (bsc#1051510).
- proc/sysctl: fix return error for proc_doulongvec_minmax() (bsc#1051510).
- pwm: Fix deadlock warning when removing PWM device (bsc#1051510).
- pwm: meson: Consider 128 a valid pre-divider (bsc#1051510).
- pwm: meson: Do not disable PWM when setting duty repeatedly (bsc#1051510).
- pwm: meson: Use the spin-lock only to protect register modifications (bsc#1051510).
- pwm: tiehrpwm: Update shadow register for disabling PWMs (bsc#1051510).
- qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128971).
- qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128979).
- qla2xxx: always allocate qla_tgt_wq (bsc#1131451).
- qmi_wwan: add Olicard 600 (bsc#1051510).
- qmi_wwan: Add support for Quectel EG12/EM12 (networking-stable-19_03_07).
- raid10: It's wrong to add len to sector_nr in raid10 reshape twice (git-fixes).
- RAS/CEC: Check the correct variable in the debugfs error handling (bsc#1085535).
- ravb: Decrease TxFIFO depth of Q3 and Q2 to one (networking-stable-19_03_15).
- rdma/cxgb4: Add support for 64Byte cqes (bsc#1127371).
- rdma/cxgb4: Add support for kernel mode SRQ's (bsc#1127371).
- rdma/cxgb4: Add support for srq functions & structs (bsc#1127371).
- rdma/cxgb4: fix some info leaks (bsc#1127371).
- rdma/cxgb4: Make c4iw_poll_cq_one() easier to analyze (bsc#1127371).
- rdma/cxgb4: Remove a set-but-not-used variable (bsc#1127371).
- rdma/iw_cxgb4: Drop __GFP_NOFAIL (bsc#1127371).
- rdma/smc: Replace ib_query_gid with rdma_get_gid_attr (bsc#1131530 LTC#176717).
- rds: fix refcount bug in rds_sock_addref (git-fixes).
- rds: tcp: atomically purge entries from rds_tcp_conn_list during netns delete (git-fixes).
- Re-enable nouveau for PCI device 10de:1cbb (bsc#1133593).
- Re-export snd_cards for kABI compatibility (bsc#1051510).
- regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB (bsc#1051510).
- Revert 'alsa: seq: Protect in-kernel ioctl calls with mutex' (bsc#1051510).
- Revert 'block: unexport DISK_EVENT_MEDIA_CHANGE for legacy/fringe drivers' (bsc#1110946, bsc#1119843).
- Revert 'block: unexport DISK_EVENT_MEDIA_CHANGE for legacy/fringe drivers' (bsc#1110946, bsc#1119843).
- Revert 'drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)' The patch seems buggy, breaks the build for armv7hl/pae config.
- Revert 'ide: unexport DISK_EVENT_MEDIA_CHANGE for ide-gd and ide-cd' (bsc#1110946).
- Revert 'ide: unexport DISK_EVENT_MEDIA_CHANGE for ide-gd and ide-cd' (bsc#1110946, bsc#1119843).
- Revert 'tty: pty: Fix race condition between release_one_tty and pty_write' (bsc#1051510).
- ring-buffer: Check if memory is available before allocation (bsc#1132531).
- rt2x00: do not increment sequence number while re-transmitting (bsc#1051510).
- rtlwifi: rtl8723ae: Fix missing break in switch statement (bsc#1051510).
- rxrpc: Do not release call mutex on error pointer (git-fixes).
- rxrpc: Do not treat call aborts as conn aborts (git-fixes).
- rxrpc: Fix client call queueing, waiting for channel (networking-stable-19_03_15).
- rxrpc: Fix error reception on AF_INET6 sockets (git-fixes).
- rxrpc: Fix transport sockopts to get IPv4 errors on an IPv6 socket (git-fixes).
- rxrpc: Fix Tx ring annotation after initial Tx failure (git-fixes).
- s390/dasd: fix panic for failed online processing (bsc#1132589).
- s390/pkey: move pckmo subfunction available checks away from module init (bsc#1128544).
- s390/qdio: clear intparm during shutdown (bsc#1134597 LTC#177516).
- s390/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
- sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() (bsc#1051510).
- sc16is7xx: move label 'err_spi' to correct section (bsc#1051510).
- sc16is7xx: put err_spi and err_i2c into correct #ifdef (bsc#1051510).
- scripts/git_sort/git_sort.py: remove old SCSI git branches
- scripts: override locale from environment when running recordmcount.pl (bsc#1134354).
- scsi: libsas: allocate sense buffer for bsg queue (bsc#1131467).
- scsi: qla2xxx: Add new FC-NVMe enable BIT to enable FC-NVMe feature (bsc#1130579).
- scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show (bsc#1132044).
- scsi: smartpqi: add H3C controller IDs (bsc#1133547).
- scsi: smartpqi: add h3c ssid (bsc#1133547).
- scsi: smartpqi: add no_write_same for logical volumes (bsc#1133547).
- scsi: smartpqi: add ofa support (bsc#1133547).
- scsi: smartpqi: Add retries for device reset (bsc#1133547).
- scsi: smartpqi: add smp_utils support (bsc#1133547).
- scsi: smartpqi: add spdx (bsc#1133547).
- scsi: smartpqi: add support for huawei controllers (bsc#1133547).
- scsi: smartpqi: add support for PQI Config Table handshake (bsc#1133547).
- scsi: smartpqi: add sysfs attributes (bsc#1133547).
- scsi: smartpqi: allow for larger raid maps (bsc#1133547).
- scsi: smartpqi: bump driver version (bsc#1133547).
- scsi: smartpqi: bump driver version (bsc#1133547).
- scsi: smartpqi: call pqi_free_interrupts() in pqi_shutdown() (bsc#1133547).
- scsi: smartpqi: check for null device pointers (bsc#1133547).
- scsi: smartpqi: correct host serial num for ssa (bsc#1133547).
- scsi: smartpqi: correct lun reset issues (bsc#1133547).
- scsi: smartpqi: correct volume status (bsc#1133547).
- scsi: smartpqi: do not offline disks for transient did no connect conditions (bsc#1133547).
- scsi: smartpqi: enhance numa node detection (bsc#1133547).
- scsi: smartpqi: fix build warnings (bsc#1133547).
- scsi: smartpqi: fix disk name mount point (bsc#1133547).
- scsi: smartpqi: fully convert to the generic DMA API (bsc#1133547).
- scsi: smartpqi: increase fw status register read timeout (bsc#1133547).
- scsi: smartpqi: increase LUN reset timeout (bsc#1133547).
- scsi: smartpqi_init: fix boolean expression in pqi_device_remove_start (bsc#1133547).
- scsi: smartpqi: refactor sending controller raid requests (bsc#1133547).
- scsi: smartpqi: Reporting 'logical unit failure' (bsc#1133547).
- scsi: smartpqi: turn off lun data caching for ptraid (bsc#1133547).
- scsi: smartpqi: update copyright (bsc#1133547).
- scsi: smartpqi: update driver version (bsc#1133547).
- scsi: smartpqi: wake up drives after os resumes from suspend (bsc#1133547).
- sctp: call gso_reset_checksum when computing checksum in sctp_gso_segment (networking-stable-19_02_24).
- sctp: fix identification of new acks for SFR-CACC (git-fixes).
- sctp: get sctphdr by offset in sctp_compute_cksum (networking-stable-19_03_28).
- sctp: initialize _pad of sockaddr_in before copying to user memory (networking-stable-19_04_10).
- sctp: only update outstanding_bytes for transmitted queue when doing prsctp_prune (git-fixes).
- sctp: set frag_point in sctp_setsockopt_maxseg correctly` (git-fixes).
- selinux: use kernel linux/socket.h for genheaders and mdp (bsc#1134810).
- serial: 8250_pxa: honor the port number from devicetree (bsc#1051510).
- serial: ar933x_uart: Fix build failure with disabled console (bsc#1051510).
- serial: uartps: console_setup() can't be placed to init section (bsc#1051510).
- sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach() (networking-stable-19_02_24).
- soc/fsl/qe: Fix an error code in qe_pin_request() (bsc#1051510).
- SoC: imx-sgtl5000: add missing put_device() (bsc#1051510).
- soc: qcom: gsbi: Fix error handling in gsbi_probe() (bsc#1051510).
- soc/tegra: fuse: Fix illegal free of IO base address (bsc#1051510).
- soc/tegra: pmc: Drop locking from tegra_powergate_is_powered() (bsc#1051510).
- spi: a3700: Clear DATA_OUT when performing a read (bsc#1051510).
- spi: Add missing pm_runtime_put_noidle() after failed get (bsc#1111666).
- spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios (bsc#1051510).
- spi: bcm2835aux: setup gpio-cs to output and correct level during setup (bsc#1051510).
- spi: bcm2835aux: warn in dmesg that native cs is not really supported (bsc#1051510).
- spi-mem: fix kernel-doc for spi_mem_dirmap_{read|write}() (bsc#1111666).
- spi: Micrel eth switch: declare missing of table (bsc#1051510).
- spi: rspi: Fix sequencer reset during initialization (bsc#1051510).
- spi: ST ST95HF NFC: declare missing of table (bsc#1051510).
- ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit (bsc#1051510).
- staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf (bsc#1051510).
- staging: comedi: ni_usb6501: Fix use of uninitialized mutex (bsc#1051510).
- staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf (bsc#1051510).
- staging: comedi: vmk80xx: Fix use of uninitialized semaphore (bsc#1051510).
- staging: iio: ad7192: Fix ad7193 channel address (bsc#1051510).
- staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc (bsc#1051510).
- staging: rtl8712: uninitialized memory in read_bbreg_hdl() (bsc#1051510).
- staging: rtlwifi: Fix potential NULL pointer dereference of kzalloc (bsc#1111666).
- staging: rtlwifi: rtl8822b: fix to avoid potential NULL pointer dereference (bsc#1111666).
- staging: vt6655: Fix interrupt race condition on device start up (bsc#1051510).
- staging: vt6655: Remove vif check from vnt_interrupt (bsc#1051510).
- stm class: Fix an endless loop in channel allocation (bsc#1051510).
- stm class: Fix channel free in stm output free path (bsc#1051510).
- stm class: Prevent division by zero (bsc#1051510).
- sunrpc: fix 4 more call sites that were using stack memory with a scatterlist (git-fixes).
- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).
- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).
- supported.conf: dw_mmc-bluefield is not needed in kernel-default-base (bsc#1131574).
- svm/avic: Fix invalidate logical APIC id entry (bsc#1132726).
- svm: Fix AVIC DFR and LDR handling (bsc#1132558).
- sysctl: handle overflow for file-max (bsc#1051510).
- tcp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).
- tcp: Ensure DCTCP reacts to losses (networking-stable-19_04_10).
- tcp: fix TCP_REPAIR_QUEUE bound checking (git-fixes).
- tcp: purge write queue in tcp_connect_init() (git-fixes).
- tcp: tcp_v4_err() should be more careful (networking-stable-19_02_20).
- team: set slave to promisc if team is already in promisc mode (bsc#1051510).
- testing: nvdimm: provide SZ_4G constant (bsc#1132982).
- thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power (bsc#1051510).
- thermal/int340x_thermal: Add additional UUIDs (bsc#1051510).
- thermal/int340x_thermal: fix mode setting (bsc#1051510).
- thunderx: eliminate extra calls to put_page() for pages held for recycling (networking-stable-19_03_28).
- thunderx: enable page recycling for non-XDP case (networking-stable-19_03_28).
- tipc: fix race condition causing hung sendto (networking-stable-19_03_07).
- tools/cpupower: Add Hygon Dhyana support ().
- tools/cpupower: Add Hygon Dhyana support (fate#327735).
- tools lib traceevent: Fix missing equality check for strcmp (bsc#1129770).
- tpm: Fix the type of the return value in calc_tpm2_event_size() (bsc#1082555).
- tracing: Fix a memory leak by early error exit in trace_pid_write() (bsc#1133702).
- tracing: Fix buffer_ref pipe ops (bsc#1133698).
- tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account (bsc#1132527).
- tty: increase the default flip buffer limit to 2*640K (bsc#1051510).
- tty: pty: Fix race condition between release_one_tty and pty_write (bsc#1051510).
- tty: serial_core, add ->install (bnc#1129693).
- tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 (bsc#1051510).
- tun: add a missing rcu_read_unlock() in error path (networking-stable-19_03_28).
- tun: fix blocking read (networking-stable-19_03_07).
- tun: properly test for IFF_UP (networking-stable-19_03_28).
- tun: remove unnecessary memory barrier (networking-stable-19_03_07).
- uas: fix alignment of scatter/gather segments (bsc#1129770).
- ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (bsc#1135323).
- Update config files. Debug kernel is not supported (bsc#1135492).
- Update config files: disable CONFIG_IDE for ppc64le
- usb: cdc-acm: fix unthrottle races (bsc#1051510).
- usb: chipidea: Grab the (legacy) USB PHY by phandle first (bsc#1051510).
- usb: core: Fix bug caused by duplicate interface PM usage counter (bsc#1051510).
- usb: core: Fix unterminated string returned by usb_string() (bsc#1051510).
- usb: dwc3: Fix default lpm_nyet_threshold value (bsc#1051510).
- usb: f_fs: Avoid crash due to out-of-scope stack ptr access (bsc#1051510).
- usb: gadget: net2272: Fix net2272_dequeue() (bsc#1051510).
- usb: gadget: net2280: Fix net2280_dequeue() (bsc#1051510).
- usb: gadget: net2280: Fix overrun of OUT messages (bsc#1051510).
- usb: serial: cp210x: fix GPIO in autosuspend (bsc#1120902).
- usb: serial: f81232: fix interrupt worker not stop (bsc#1051510).
- usb: serial: fix unthrottle races (bsc#1051510).
- usb-storage: Set virt_boundary_mask to avoid SG overflows (bsc#1051510).
- usb: u132-hcd: fix resource leak (bsc#1051510).
- usb: usb251xb: fix to avoid potential NULL pointer dereference (bsc#1051510).
- usb: usbip: fix isoc packet num validation in get_pipe (bsc#1051510).
- usb: w1 ds2490: Fix bug caused by improper use of altsetting array (bsc#1051510).
- usb: yurex: Fix protection fault after device removal (bsc#1051510).
- vfio/mdev: Avoid release parent reference during error path (bsc#1051510).
- vfio/mdev: Fix aborting mdev child device removal if one fails (bsc#1051510).
- vfio_pci: Enable memory accesses before calling pci_map_rom (bsc#1051510).
- vfio/pci: use correct format characters (bsc#1051510).
- vfs: allow dedupe of user owned read-only files (bsc#1133778, bsc#1132219).
- vfs: avoid problematic remapping requests into partial EOF block (bsc#1133850, bsc#1132219).
- vfs: dedupe: extract helper for a single dedup (bsc#1133769, bsc#1132219).
- vfs: dedupe should return EPERM if permission is not granted (bsc#1133779, bsc#1132219).
- vfs: exit early from zero length remap operations (bsc#1132411, bsc#1132219).
- vfs: export vfs_dedupe_file_range_one() to modules (bsc#1133772, bsc#1132219).
- vfs: limit size of dedupe (bsc#1132397, bsc#1132219).
- vfs: rename clone_verify_area to remap_verify_area (bsc#1133852, bsc#1132219).
- vfs: skip zero-length dedupe requests (bsc#1133851, bsc#1132219).
- vfs: swap names of {do,vfs}_clone_file_range() (bsc#1133774, bsc#1132219).
- vfs: vfs_clone_file_prep_inodes should return EINVAL for a clone from beyond EOF (bsc#1133780, bsc#1132219).
- vhost/vsock: fix reset orphans race with close timeout (bsc#1051510).
- virtio-blk: limit number of hw queues by nr_cpu_ids (bsc#1051510).
- virtio: Honour 'may_reduce_num' in vring_create_virtqueue (bsc#1051510).
- virtio_pci: fix a NULL pointer reference in vp_del_vqs (bsc#1051510).
- vrf: check accept_source_route on the original netdevice (networking-stable-19_04_10).
- vsock/virtio: fix kernel panic after device hot-unplug (bsc#1051510).
- vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock (bsc#1051510).
- vsock/virtio: Initialize core virtio vsock before registering the driver (bsc#1051510).
- vsock/virtio: reset connected sockets on device removal (bsc#1051510).
- vt: always call notifier with the console lock held (bsc#1051510).
- vxlan: Do not call gro_cells_destroy() before device is unregistered (networking-stable-19_03_28).
- vxlan: test dev->flags & IFF_UP before calling netif_rx() (networking-stable-19_02_20).
- wil6210: check null pointer in _wil_cfg80211_merge_extra_ies (bsc#1051510).
- wlcore: Fix memory leak in case wl12xx_fetch_firmware failure (bsc#1051510).
- x86/alternative: Init ideal_nops for Hygon Dhyana (fate#327735).
- x86/amd_nb: Check vendor in AMD-only functions (fate#327735).
- x86/apic: Add Hygon Dhyana support (fate#327735).
- x86/bugs: Add Hygon Dhyana to the respective mitigation machinery (fate#327735).
- x86/cpu: Create Hygon Dhyana architecture support file (fate#327735).
- x86/cpu: Get cache info and setup cache cpumap for Hygon Dhyana ().
- x86/cpu: Get cache info and setup cache cpumap for Hygon Dhyana (fate#327735).
- x86/cpu/mtrr: Support TOP_MEM2 and get MTRR number (fate#327735).
- x86/cpu: Sanitize FAM6_ATOM naming (bsc#1111331).
- x86/events: Add Hygon Dhyana support to PMU infrastructure (fate#327735).
- x86/kvm: Add Hygon Dhyana support to KVM (fate#327735).
- x86/kvm/hyper-v: avoid spurious pending stimer on vCPU init (bsc#1132572).
- x86/mce: Add Hygon Dhyana support to the MCA infrastructure (fate#327735).
- x86/MCE/AMD, EDAC/mce_amd: Add new error descriptions for some SMCA bank types (bsc#1128415).
- x86/MCE/AMD, EDAC/mce_amd: Add new McaTypes for CS, PSP, and SMU units (bsc#1128415).
- x86/MCE/AMD, EDAC/mce_amd: Add new MP5, NBIO, and PCIE SMCA bank types (bsc#1128415).
- x86/mce/AMD, EDAC/mce_amd: Enumerate Reserved SMCA bank type (bsc#1128415).
- x86/mce/AMD: Pass the bank number to smca_get_bank_type() (bsc#1128415).
- x86/mce: Do not disable MCA banks when offlining a CPU on AMD (fate#327735).
- x86/MCE: Fix kABI for new AMD bank names (bsc#1128415).
- x86/mce: Handle varying MCA bank counts (bsc#1128415).
- x86/msr-index: Cleanup bit defines (bsc#1111331).
- x86/PCI: Fixup RTIT_BAR of Intel Denverton Trace Hub (bsc#1120318).
- x86/pci, x86/amd_nb: Add Hygon Dhyana support to PCI and northbridge (fate#327735).
- x86/perf/amd: Remove need to check 'running' bit in NMI handler (bsc#1131438).
- x86/perf/amd: Resolve NMI latency issues for active PMCs (bsc#1131438).
- x86/perf/amd: Resolve race condition when disabling PMC (bsc#1131438).
- x86/smpboot: Do not use BSP INIT delay and MWAIT to idle on Dhyana (fate#327735).
- x86/speculation/mds: Fix documentation typo (bsc#1135642).
- x86/speculation: Prevent deadlock on ssb_state::lock (bsc#1114279).
- x86/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
- x86/tsc: Force inlining of cyc2ns bits (bsc#1052904).
- x86/xen: Add Hygon Dhyana support to Xen (fate#327735).
- xen-netback: do not populate the hash cache on XenBus disconnect (networking-stable-19_03_07).
- xen-netback: fix occasional leak of grant ref mappings under memory pressure (networking-stable-19_03_07).
- xen: Prevent buffer overflow in privcmd ioctl (bsc#1065600).
- xfrm6: avoid potential infinite loop in _decode_session6() (git-fixes).
- xfrm6: call kfree_skb when skb is toobig (git-fixes).
- xfrm: do not call rcu_read_unlock when afinfo is NULL in xfrm_get_tos (git-fixes).
- xfrm: Fix ESN sequence number handling for IPsec GSO packets (git-fixes).
- xfrm: fix missing dst_release() after policy blocking lbcast and multicast (git-fixes).
- xfrm: fix 'passing zero to ERR_PTR()' warning (git-fixes).
- xfrm: fix rcu_read_unlock usage in xfrm_local_error (git-fixes).
- xfrm: Fix stack-out-of-bounds read on socket policy lookup (git-fixes).
- xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (git-fixes).
- xfrm: reset crypto_done when iterating over multiple input xfrms (git-fixes).
- xfrm: reset transport header back to network header after all input transforms ahave been applied (git-fixes).
- xfrm: Return error on unknown encap_type in init_state (git-fixes).
- xfrm_user: prevent leaking 2 bytes of kernel memory (git-fixes).
- xfrm: Validate address prefix lengths in the xfrm selector (git-fixes).
- xfs: add log item pinning error injection tag (bsc#1114427).
- xfs: add the ability to join a held buffer to a defer_ops (bsc#1133674).
- xfs: allow xfs_lock_two_inodes to take different EXCL/SHARED modes (bsc#1132370, bsc#1132219).
- xfs: buffer lru reference count error injection tag (bsc#1114427).
- xfs: call xfs_qm_dqattach before performing reflink operations (bsc#1132368, bsc#1132219).
- xfs: cap the length of deduplication requests (bsc#1132373, bsc#1132219).
- xfs: check _btree_check_block value (bsc#1123663).
- xfs: clean up xfs_reflink_remap_blocks call site (bsc#1132413, bsc#1132219).
- xfs: convert drop_writes to use the errortag mechanism (bsc#1114427).
- xfs: create block pointer check functions (bsc#1123663).
- xfs: create inode pointer verifiers (bsc#1114427).
- xfs: detect and fix bad summary counts at mount (bsc#1114427).
- xfs: export _inobt_btrec_to_irec and _ialloc_cluster_alignment for scrub (bsc#1114427).
- xfs: export various function for the online scrubber (bsc#1123663).
- xfs: expose errortag knobs via sysfs (bsc#1114427).
- xfs: fix data corruption w/ unaligned dedupe ranges (bsc#1132405, bsc#1132219).
- xfs: fix data corruption w/ unaligned reflink ranges (bsc#1132407, bsc#1132219).
- xfs: fix pagecache truncation prior to reflink (bsc#1132412, bsc#1132219).
- xfs: fix reporting supported extra file attributes for statx() (bsc#1133529).
- xfs: fix unused variable warning in xfs_buf_set_ref() (bsc#1114427).
- xfs: flush removing page cache in xfs_reflink_remap_prep (bsc#1132414, bsc#1132219).
- xfs: force summary counter recalc at next mount (bsc#1114427).
- xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute (bsc#1133675).
- xfs: kill meaningless variable 'zero' (bsc#1106011).
- xfs: make errortag a per-mountpoint structure (bsc#1123663).
- xfs: move error injection tags into their own file (bsc#1114427).
- xfs: only grab shared inode locks for source file during reflink (bsc#1132372, bsc#1132219).
- xfs: prepare xfs_break_layouts() for another layout type (bsc#1106011).
- xfs: prepare xfs_break_layouts() to be called with XFS_MMAPLOCK_EXCL (bsc#1106011).
- xfs: refactor btree block header checking functions (bsc#1123663).
- xfs: refactor btree pointer checks (bsc#1123663).
- xfs: refactor clonerange preparation into a separate helper (bsc#1132402, bsc#1132219).
- xfs: refactor unmount record write (bsc#1114427).
- xfs: refactor xfs_trans_roll (bsc#1133667).
- xfs: reflink find shared should take a transaction (bsc#1132226, bsc#1132219).
- xfs: reflink should break pnfs leases before sharing blocks (bsc#1132369, bsc#1132219).
- xfs: remove dest file's post-eof preallocations before reflinking (bsc#1132365, bsc#1132219).
- xfs: remove the ip argument to xfs_defer_finish (bsc#1133672).
- xfs: remove unneeded parameter from XFS_TEST_ERROR (bsc#1123663).
- xfs: remove xfs_zero_range (bsc#1106011).
- xfs: rename MAXPATHLEN to XFS_SYMLINK_MAXLEN (bsc#1123663).
- xfs: rename xfs_defer_join to xfs_defer_ijoin (bsc#1133668).
- xfs: replace log_badcrc_factor knob with error injection tag (bsc#1114427).
- xfs: sanity-check the unused space before trying to use it (bsc#1123663).
- xfs: update ctime and remove suid before cloning files (bsc#1132404, bsc#1132219).
- xfs: zero posteof blocks when cloning above eof (bsc#1132403, bsc#1132219).
Patchnames
openSUSE-2019-1479
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\n\nThe openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-7191: In the tun subsystem dev_get_valid_name xwas not called before register_netdevice. This allowed local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343 (bnc#1135603).\n- CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux may have allowed an authenticated user to potentially enable escalation of privilege via local access (bnc#1135278).\n- CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel had multiple race conditions (bnc#1133188). It was disabled by default.\n- CVE-2019-11811: There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c (bnc#1134397).\n- CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c kernel. There is a race condition leading to a use-after-free, related to net namespace cleanup (bnc#1134537).\n- CVE-2019-11833: fs/ext4/extents.c did not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem (bnc#1135281).\n- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c allowed a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\\0' character (bnc#1134848).\n- CVE-2019-3882: A flaw was found in the vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). (bnc#1131416 bnc#1131427).\n- CVE-2019-5489: The mincore() implementation in mm/mincore.c allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server (bnc#1120843).\n- CVE-2019-9500: A brcmfmac heap buffer overflow in brcmf_wowl_nd_results was fixed (bnc#1132681).\n- CVE-2019-9503: Multiple brcmfmac frame validation bypasses have been fixed (bnc#1132828).\n\nThe following non-security bugs were fixed:\n\n- 9p: do not trust pdu content for stat item size (bsc#1051510).\n- 9p locks: add mount option for lock retry interval (bsc#1051510).\n- acpi: Add Hygon Dhyana support ().\n- acpi: Add Hygon Dhyana support (fate#327735).\n- acpi: button: reinitialize button state upon resume (bsc#1051510).\n- acpiCA: AML interpreter: add region addresses in global list during initialization (bsc#1051510).\n- acpiCA: Namespace: remove address node from global list after method termination (bsc#1051510).\n- acpi, nfit: Prefer _DSM over _LSR for namespace label reads (bsc#112128) (bsc#1132426).\n- acpi: PM: Set enable_for_wake for wakeup GPEs during suspend-to-idle (bsc#1111666).\n- acpi: property: restore _DSD data subnodes GUID comment (bsc#1111666).\n- acpi / SBS: Fix GPE storm on recent MacBookPro's (bsc#1051510).\n- acpi / utils: Drop reference in test for device presence (bsc#1051510).\n- alsa: core: Do not refer to snd_cards array directly (bsc#1051510).\n- alsa: core: Fix card races between register and disconnect (bsc#1051510).\n- alsa: emu10k1: Drop superfluous id-uniquification behavior (bsc#1051510).\n- alsa: hda - Add two more machines to the power_save_blacklist (bsc#1051510).\n- alsa: hda/hdmi - Consider eld_valid when reporting jack event (bsc#1051510).\n- alsa: hda/hdmi - Read the pin sense from register when repolling (bsc#1051510).\n- alsa: hda: Initialize power_state field properly (bsc#1051510).\n- alsa: hda/realtek - Add new Dell platform for headset mode (bsc#1051510).\n- alsa: hda/realtek - add two more pin configuration sets to quirk table (bsc#1051510).\n- alsa: hda/realtek - Apply the fixup for ASUS Q325UAR (bsc#1051510).\n- alsa: hda/realtek - Avoid superfluous COEF EAPD setups (bsc#1051510).\n- alsa: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) (bsc#1051510).\n- alsa: hda/realtek - EAPD turn on later (bsc#1051510).\n- alsa: hda/realtek: Enable headset MIC of Acer TravelMate B114-21 with ALC233 (bsc#1111666).\n- alsa: hda/realtek - Fixed Dell AIO speaker noise (bsc#1051510).\n- alsa: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug (bsc#1051510).\n- alsa: hda/realtek - Fixup headphone noise via runtime suspend (bsc#1051510).\n- alsa: hda/realtek - Move to ACT_INIT state (bsc#1111666).\n- alsa: hda/realtek - Support low power consumption for ALC256 (bsc#1051510).\n- alsa: hda/realtek - Support low power consumption for ALC295 (bsc#1051510).\n- alsa: hda - Register irq handler after the chip initialization (bsc#1051510).\n- alsa: hda - Use a macro for snd_array iteration loops (bsc#1051510).\n- alsa: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) (bsc#1051510).\n- alsa: info: Fix racy addition/deletion of nodes (bsc#1051510).\n- alsa: line6: Avoid polluting led_* namespace (bsc#1051510).\n- alsa: line6: use dynamic buffers (bsc#1051510).\n- alsa: PCM: check if ops are defined before suspending PCM (bsc#1051510).\n- alsa: seq: Align temporary re-locking with irqsave version (bsc#1051510).\n- alsa: seq: Correct unlock sequence at snd_seq_client_ioctl_unlock() (bsc#1051510).\n- alsa: seq: Cover unsubscribe_port() in list_mutex (bsc#1051510).\n- alsa: seq: Fix OOB-reads from strlcpy (bsc#1051510).\n- alsa: seq: Fix race of get-subscription call vs port-delete ioctls (bsc#1051510).\n- alsa: seq: Protect in-kernel ioctl calls with mutex (bsc#1051510).\n- alsa: seq: Protect racy pool manipulation from OSS sequencer (bsc#1051510).\n- alsa: seq: Remove superfluous irqsave flags (bsc#1051510).\n- alsa: seq: Simplify snd_seq_kernel_client_enqueue() helper (bsc#1051510).\n- alsa: timer: Check ack_list emptiness instead of bit flag (bsc#1051510).\n- alsa: timer: Coding style fixes (bsc#1051510).\n- alsa: timer: Make snd_timer_close() really kill pending actions (bsc#1051510).\n- alsa: timer: Make sure to clear pending ack list (bsc#1051510).\n- alsa: timer: Revert active callback sync check at close (bsc#1051510).\n- alsa: timer: Simplify error path in snd_timer_open() (bsc#1051510).\n- alsa: timer: Unify timer callback process code (bsc#1051510).\n- alsa: usb-audio: Fix a memory leak bug (bsc#1051510).\n- alsa: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() (bsc#1051510).\n- alsa: usx2y: fix a double free bug (bsc#1051510).\n- appletalk: Fix compile regression (bsc#1051510).\n- appletalk: Fix use-after-free in atalk_proc_exit (bsc#1051510).\n- ARM: 8824/1: fix a migrating irq bug when hotplug cpu (bsc#1051510).\n- ARM: 8833/1: Ensure that NEON code always compiles with Clang (bsc#1051510).\n- ARM: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bsc#1051510).\n- ARM: 8840/1: use a raw_spinlock_t in unwind (bsc#1051510).\n- ARM: avoid Cortex-A9 livelock on tight dmb loops (bsc#1051510).\n- ARM: imx6q: cpuidle: fix bug that CPU might not wake up at expected time (bsc#1051510).\n- ARM: OMAP2+: fix lack of timer interrupts on CPU1 after hotplug (bsc#1051510).\n- ARM: OMAP2+: Variable 'reg' in function omap4_dsi_mux_pads() could be uninitialized (bsc#1051510).\n- ARM: pxa: ssp: unneeded to free devm_ allocated data (bsc#1051510).\n- ARM: s3c24xx: Fix boolean expressions in osiris_dvs_notify (bsc#1051510).\n- ARM: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms (bsc#1051510).\n- ASoC: cs4270: Set auto-increment bit for register writes (bsc#1051510).\n- ASoC: fix valid stream condition (bsc#1051510).\n- ASoC: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe (bsc#1051510).\n- ASoC: fsl_esai: fix channel swap issue when stream starts (bsc#1051510).\n- ASoC: fsl_esai: Fix missing break in switch statement (bsc#1051510).\n- ASoC: hdmi-codec: fix S/PDIF DAI (bsc#1051510).\n- ASoC: Intel: avoid Oops if DMA setup fails (bsc#1051510).\n- ASoC: max98090: Fix restore of DAPM Muxes (bsc#1051510).\n- ASoC: nau8810: fix the issue of widget with prefixed name (bsc#1051510).\n- ASoC: nau8824: fix the issue of the widget with prefix name (bsc#1051510).\n- ASoC: RT5677-SPI: Disable 16Bit SPI Transfers (bsc#1051510).\n- ASoC: samsung: odroid: Fix clock configuration for 44100 sample rate (bsc#1051510).\n- ASoC:soc-pcm:fix a codec fixup issue in TDM case (bsc#1051510).\n- ASoC: stm32: fix sai driver name initialisation (bsc#1051510).\n- ASoC: tlv320aic32x4: Fix Common Pins (bsc#1051510).\n- ASoC: topology: free created components in tplg load error (bsc#1051510).\n- ASoC: wm_adsp: Add locking to wm_adsp2_bus_error (bsc#1051510).\n- assume flash part size to be 4MB, if it can't be determined (bsc#1127371).\n- at76c50x-usb: Do not register led_trigger if usb_register_driver failed (bsc#1051510).\n- ath10k: avoid possible string overflow (bsc#1051510).\n- ath10k: snoc: fix unbalanced clock error handling (bsc#1111666).\n- audit: fix a memleak caused by auditing load module (bsc#1051510).\n- b43: shut up clang -Wuninitialized variable warning (bsc#1051510).\n- backlight: lm3630a: Return 0 on success in update_status functions (bsc#1051510).\n- batman-adv: Reduce claim hash refcnt only for removed entry (bsc#1051510).\n- batman-adv: Reduce tt_global hash refcnt only for removed entry (bsc#1051510).\n- batman-adv: Reduce tt_local hash refcnt only for removed entry (bsc#1051510).\n- bcache: account size of buckets used in uuid write to ca->meta_sectors_written (bsc#1130972).\n- bcache: add a comment in super.c (bsc#1130972).\n- bcache: add code comments for bset.c (bsc#1130972).\n- bcache: add comment for cache_set->fill_iter (bsc#1130972).\n- bcache: add identifier names to arguments of function definitions (bsc#1130972).\n- bcache: add missing SPDX header (bsc#1130972).\n- bcache: add MODULE_DESCRIPTION information (bsc#1130972).\n- bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972).\n- bcache: add static const prefix to char * array declarations (bsc#1130972).\n- bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972).\n- bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).\n- bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972).\n- bcache: correct dirty data statistics (bsc#1130972).\n- bcache: do not assign in if condition in bcache_init() (bsc#1130972).\n- bcache: do not assign in if condition register_bcache() (bsc#1130972).\n- bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972).\n- bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972).\n- bcache: do not clone bio in bch_data_verify (bsc#1130972).\n- bcache: do not mark writeback_running too early (bsc#1130972).\n- bcache: export backing_dev_name via sysfs (bsc#1130972).\n- bcache: export backing_dev_uuid via sysfs (bsc#1130972).\n- bcache: fix code comments style (bsc#1130972).\n- bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).\n- bcache: fix indent by replacing blank by tabs (bsc#1130972).\n- bcache: fix input integer overflow of congested threshold (bsc#1130972).\n- bcache: fix input overflow to cache set io_error_limit (bsc#1130972).\n- bcache: fix input overflow to cache set sysfs file io_error_halflife (bsc#1130972).\n- bcache: fix input overflow to journal_delay_ms (bsc#1130972).\n- bcache: fix input overflow to sequential_cutoff (bsc#1130972).\n- bcache: fix input overflow to writeback_delay (bsc#1130972).\n- bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).\n- bcache: fix ioctl in flash device (bsc#1130972).\n- bcache: fix mistaken code comments in bcache.h (bsc#1130972).\n- bcache: fix mistaken comments in request.c (bsc#1130972).\n- bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972).\n- bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972).\n- bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972).\n- bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).\n- bcache: improve sysfs_strtoul_clamp() (bsc#1130972).\n- bcache: introduce force_wake_up_gc() (bsc#1130972).\n- bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972).\n- bcache: Move couple of functions to sysfs.c (bsc#1130972).\n- bcache: Move couple of string arrays to sysfs.c (bsc#1130972).\n- bcache: move open brace at end of function definitions to next line (bsc#1130972).\n- bcache: never writeback a discard operation (bsc#1130972).\n- bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972).\n- bcache: option to automatically run gc thread after writeback (bsc#1130972).\n- bcache: panic fix for making cache device (bsc#1130972).\n- bcache: Populate writeback_rate_minimum attribute (bsc#1130972).\n- bcache: prefer 'help' in Kconfig (bsc#1130972).\n- bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).\n- bcache: recal cached_dev_sectors on detach (bsc#1130972).\n- bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972).\n- bcache: remove unused bch_passthrough_cache (bsc#1130972).\n- bcache: remove useless parameter of bch_debug_init() (bsc#1130972).\n- bcache: Replace bch_read_string_list() by __sysfs_match_string() (bsc#1130972).\n- bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).\n- bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).\n- bcache: replace printk() by pr_*() routines (bsc#1130972).\n- bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972).\n- bcache: set writeback_percent in a flexible range (bsc#1130972).\n- bcache: split combined if-condition code into separate ones (bsc#1130972).\n- bcache: stop bcache device when backing device is offline (bsc#1130972).\n- bcache: stop using the deprecated get_seconds() (bsc#1130972).\n- bcache: style fixes for lines over 80 characters (bsc#1130972).\n- bcache: style fix to add a blank line after declarations (bsc#1130972).\n- bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).\n- bcache: treat stale && dirty keys as bad keys (bsc#1130972).\n- bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972).\n- bcache: update comment for bch_data_insert (bsc#1130972).\n- bcache: update comment in sysfs.c (bsc#1130972).\n- bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972).\n- bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).\n- bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).\n- bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).\n- bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).\n- bcm2835: MMC issues (bsc#1070872).\n- blkcg: Introduce blkg_root_lookup() (bsc#1131673).\n- blkcg: Make blkg_root_lookup() work for queues in bypass mode (bsc#1131673).\n- blk-mq: adjust debugfs and sysfs register when updating nr_hw_queues (bsc#1131673).\n- blk-mq: Avoid that submitting a bio concurrently with device removal triggers a crash (bsc#1131673).\n- blk-mq: change gfp flags to GFP_NOIO in blk_mq_realloc_hw_ctxs (bsc#1131673).\n- blk-mq: fallback to previous nr_hw_queues when updating fails (bsc#1131673).\n- blk-mq: init hctx sched after update ctx and hctx mapping (bsc#1131673).\n- blk-mq: realloc hctx when hw queue is mapped to another node (bsc#1131673).\n- blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter (bsc#1131673).\n- block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).\n- block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).\n- block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).\n- block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).\n- block: do not leak memory in bio_copy_user_iov() (bsc#1135309).\n- block: Ensure that a request queue is dissociated from the cgroup controller (bsc#1131673).\n- block: Fix a race between request queue removal and the block cgroup controller (bsc#1131673).\n- block: fix the return errno for direct IO (bsc#1135320).\n- block: fix use-after-free on gendisk (bsc#1135312).\n- block: Introduce blk_exit_queue() (bsc#1131673).\n- block: kABI fixes for bio_rewind_iter() removal (bsc#1131673).\n- block: remove bio_rewind_iter() (bsc#1131673).\n- Bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bsc#1051510).\n- Bluetooth: btusb: request wake pin with NOAUTOEN (bsc#1051510).\n- Bluetooth: hci_uart: Check if socket buffer is ERR_PTR in h4_recv_buf() (bsc#1133731).\n- Bluetooth: hidp: fix buffer overflow (bsc#1051510).\n- bnxt_en: Drop oversize TX packets to prevent errors (networking-stable-19_03_07).\n- bnxt_en: Improve RX consumer index validity check (networking-stable-19_04_10).\n- bnxt_en: Reset device on RX buffer errors (networking-stable-19_04_10).\n- bonding: fix PACKET_ORIGDEV regression (git-fixes).\n- bpf: fix use after free in bpf_evict_inode (bsc#1083647).\n- brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() (bsc#1051510).\n- brcmfmac: fix leak of mypkt on error return path (bsc#1111666).\n- btrfs: add a helper to return a head ref (bsc#1134813).\n- btrfs: Avoid possible qgroup_rsv_size overflow in btrfs_calculate_inode_block_rsv_size (git-fixes).\n- btrfs: breakout empty head cleanup to a helper (bsc#1134813).\n- btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: do not allow trimming when a fs is mounted with the nologreplay option (bsc#1135758).\n- btrfs: Do not panic when we can't find a root key (bsc#1112063).\n- btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: Factor out common delayed refs init code (bsc#1134813).\n- btrfs: fix assertion failure on fsync with NO_HOLES enabled (bsc#1131848).\n- btrfs: Fix bound checking in qgroup_trace_new_subtree_blocks (git-fixes).\n- btrfs: fix incorrect file size after shrinking truncate and fsync (bsc#1130195).\n- btrfs: improve performance on fsync of files with multiple hardlinks (bsc#1123454).\n- btrfs: Introduce init_delayed_ref_head (bsc#1134813).\n- btrfs: move all ref head cleanup to the helper function (bsc#1134813).\n- btrfs: move extent_op cleanup to a helper (bsc#1134813).\n- btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).\n- btrfs: Open-code add_delayed_data_ref (bsc#1134813).\n- btrfs: Open-code add_delayed_tree_ref (bsc#1134813).\n- btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to btrfs_qgroup_extent_record (bsc#1134162).\n- btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release (bsc#1134160).\n- btrfs: remove delayed_ref_node from ref_head (bsc#1134813).\n- btrfs: remove WARN_ON in log_dir_items (bsc#1131847).\n- btrfs: send, flush dellaloc in order to avoid data loss (bsc#1133320).\n- btrfs: split delayed ref head initialization and addition (bsc#1134813).\n- btrfs: track refs in a rb_tree instead of a list (bsc#1134813).\n- btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).\n- cdrom: Fix race condition in cdrom_sysctl_register (bsc#1051510).\n- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).\n- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).\n- ceph: fix ci->i_head_snapc leak (bsc#1122776).\n- ceph: fix ci->i_head_snapc leak (bsc#1122776).\n- ceph: fix use-after-free on symlink traversal (bsc#1134459).\n- ceph: fix use-after-free on symlink traversal (bsc#1134459).\n- ceph: only use d_name directly when parent is locked (bsc#1134460).\n- ceph: only use d_name directly when parent is locked (bsc#1134460).\n- cfg80211: Handle WMM rules in regulatory domain intersection (bsc#1111666).\n- cgroup: fix parsing empty mount option string (bsc#1133094).\n- cifs: Do not count -ENODATA as failure for query directory (bsc#1051510).\n- cifs: do not dereference smb_file_target before null check (bsc#1051510).\n- cifs: Do not hide EINTR after sending network packets (bsc#1051510).\n- cifs: Do not reconnect TCP session in add_credits() (bsc#1051510).\n- cifs: Do not reset lease state to NONE on lease break (bsc#1051510).\n- cifs: Fix adjustment of credits for MTU requests (bsc#1051510).\n- cifs: Fix credit calculation for encrypted reads with errors (bsc#1051510).\n- cifs: Fix credits calculations for reads with errors (bsc#1051510).\n- cifs: fix POSIX lock leak and invalid ptr deref (bsc#1114542).\n- cifs: Fix possible hang during async MTU reads and writes (bsc#1051510).\n- cifs: Fix potential OOB access of lock element array (bsc#1051510).\n- cifs: Fix read after write for files with read caching (bsc#1051510).\n- cifs: keep FileInfo handle live during oplock break (bsc#1106284, bsc#1131565).\n- clk: fractional-divider: check parent rate only if flag is set (bsc#1051510).\n- clk: rockchip: fix frac settings of GPLL clock for rk3328 (bsc#1051510).\n- clk: rockchip: Fix video codec clocks on rk3288 (bsc#1051510).\n- clk: rockchip: fix wrong clock definitions for rk3328 (bsc#1051510).\n- clk: x86: Add system specific quirk to mark clocks as critical (bsc#1051510).\n- configfs: fix possible use-after-free in configfs_register_group (bsc#1051510).\n- cpufreq: Add Hygon Dhyana support ().\n- cpufreq: Add Hygon Dhyana support (fate#327735).\n- cpufreq: AMD: Ignore the check for ProcFeedback in ST/CZ ().\n- cpufreq: AMD: Ignore the check for ProcFeedback in ST/CZ (fate#327735).\n- cpupowerutils: bench - Fix cpu online check (bsc#1051510).\n- cpu/speculation: Add 'mitigations=' cmdline option (bsc#1112178).\n- crypto: arm/aes-neonbs - do not access already-freed walk.iv (bsc#1051510).\n- crypto: caam - add missing put_device() call (bsc#1129770).\n- crypto: caam - fix caam_dump_sg that iterates through scatterlist (bsc#1051510).\n- crypto: caam/qi2 - fix DMA mapping of stack memory (bsc#1111666).\n- crypto: caam/qi2 - fix zero-length buffer DMA mapping (bsc#1111666).\n- crypto: caam/qi2 - generate hash keys in-place (bsc#1111666).\n- crypto: ccm - fix incompatibility between 'ccm' and 'ccm_base' (bsc#1051510).\n- crypto: ccp - Do not free psp_master when PLATFORM_INIT fails (bsc#1051510).\n- crypto: chacha20poly1305 - set cra_name correctly (bsc#1051510).\n- crypto: crct10dif-generic - fix use via crypto_shash_digest() (bsc#1051510).\n- crypto: crypto4xx - properly set IV after de- and encrypt (bsc#1051510).\n- crypto: fips - Grammar s/options/option/, s/to/the/ (bsc#1051510).\n- crypto: gcm - fix incompatibility between 'gcm' and 'gcm_base' (bsc#1051510).\n- crypto: pcbc - remove bogus memcpy()s with src == dest (bsc#1051510).\n- crypto: sha256/arm - fix crash bug in Thumb2 build (bsc#1051510).\n- crypto: sha512/arm - fix crash bug in Thumb2 build (bsc#1051510).\n- crypto: skcipher - do not WARN on unprocessed data after slow walk step (bsc#1051510).\n- crypto: sun4i-ss - Fix invalid calculation of hash end (bsc#1051510).\n- crypto: vmx - CTR: always increment IV as quadword (bsc#1051510).\n- crypto: vmx - fix copy-paste error in CTR mode (bsc#1051510).\n- crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() (bsc#1051510).\n- crypto: x86/poly1305 - fix overflow during partial reduction (bsc#1051510).\n- cxgb4: Add capability to get/set SGE Doorbell Queue Timer Tick (bsc#1127371).\n- cxgb4: Added missing break in ndo_udp_tunnel_{add/del} (bsc#1127371).\n- cxgb4: Add flag tc_flower_initialized (bsc#1127371).\n- cxgb4: Add new T5 PCI device id 0x50ae (bsc#1127371).\n- cxgb4: Add new T5 PCI device ids 0x50af and 0x50b0 (bsc#1127371).\n- cxgb4: Add new T6 PCI device ids 0x608a (bsc#1127371).\n- cxgb4: add per rx-queue counter for packet errors (bsc#1127371).\n- cxgb4: Add support for FW_ETH_TX_PKT_VM_WR (bsc#1127371).\n- cxgb4: add support to display DCB info (bsc#1127371).\n- cxgb4: Add support to read actual provisioned resources (bsc#1127371).\n- cxgb4: collect ASIC LA dumps from ULP TX (bsc#1127371).\n- cxgb4: collect hardware queue descriptors (bsc#1127371).\n- cxgb4: collect number of free PSTRUCT page pointers (bsc#1127371).\n- cxgb4: convert flower table to use rhashtable (bsc#1127371).\n- cxgb4: cxgb4: use FW_PORT_ACTION_L1_CFG32 for 32 bit capability (bsc#1127371).\n- cxgb4/cxgb4vf: Add support for SGE doorbell queue timer (bsc#1127371).\n- cxgb4/cxgb4vf: Fix mac_hlist initialization and free (bsc#1127374).\n- cxgb4/cxgb4vf: Link management changes (bsc#1127371).\n- cxgb4/cxgb4vf: Program hash region for {t4/t4vf}_change_mac() (bsc#1127371).\n- cxgb4: display number of rx and tx pages free (bsc#1127371).\n- cxgb4: do not return DUPLEX_UNKNOWN when link is down (bsc#1127371).\n- cxgb4: Export sge_host_page_size to ulds (bsc#1127371).\n- cxgb4: fix the error path of cxgb4_uld_register() (bsc#1127371).\n- cxgb4: impose mandatory VLAN usage when non-zero TAG ID (bsc#1127371).\n- cxgb4: Mask out interrupts that are not enabled (bsc#1127175).\n- cxgb4: move Tx/Rx free pages collection to common code (bsc#1127371).\n- cxgb4: remove redundant assignment to vlan_cmd.dropnovlan_fm (bsc#1127371).\n- cxgb4: Remove SGE_HOST_PAGE_SIZE dependency on page size (bsc#1127371).\n- cxgb4: remove the unneeded locks (bsc#1127371).\n- cxgb4: specify IQTYPE in fw_iq_cmd (bsc#1127371).\n- cxgb4: Support ethtool private flags (bsc#1127371).\n- cxgb4: update supported DCB version (bsc#1127371).\n- cxgb4: use new fw interface to get the VIN and smt index (bsc#1127371).\n- cxgb4vf: Few more link management changes (bsc#1127374).\n- cxgb4vf: fix memleak in mac_hlist initialization (bsc#1127374).\n- cxgb4vf: Update port information in cxgb4vf_open() (bsc#1127374).\n- dccp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).\n- dccp: Fix memleak in __feat_register_sp (bsc#1051510).\n- debugfs: fix use-after-free on symlink traversal (bsc#1051510).\n- device_cgroup: fix RCU imbalance in error case (bsc#1051510).\n- devres: Align data[] to ARCH_KMALLOC_MINALIGN (bsc#1051510).\n- Disable kgdboc failed by echo space to /sys/module/kgdboc/parameters/kgdboc (bsc#1051510).\n- dmaengine: axi-dmac: Do not check the number of frames for alignment (bsc#1051510).\n- dmaengine: imx-dma: fix warning comparison of distinct pointer types (bsc#1051510).\n- dmaengine: qcom_hidma: assign channel cookie correctly (bsc#1051510).\n- dmaengine: sh: rcar-dmac: With cyclic DMA residue 0 is valid (bsc#1051510).\n- dmaengine: tegra210-dma: free dma controller in remove() (bsc#1051510).\n- dmaengine: tegra: avoid overflow of byte tracking (bsc#1051510).\n- dm: disable DISCARD if the underlying storage no longer supports it (bsc#1114638).\n- Drivers: hv: vmbus: Offload the handling of channels to two workqueues (bsc#1130567).\n- Drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind() (bsc#1130567).\n- drm/amd/display: extending AUX SW Timeout (bsc#1111666).\n- drm/amd/display: fix cursor black issue (bsc#1111666).\n- drm/amd/display: If one stream full updates, full update all planes (bsc#1111666).\n- drm/amdgpu/gmc9: fix VM_L2_CNTL3 programming (bsc#1111666).\n- drm/amdkfd: use init_mqd function to allocate object for hid_mqd (CI) (bsc#1111666).\n- drm: Auto-set allow_fb_modifiers when given modifiers at plane init (bsc#1051510).\n- drm/bridge: adv7511: Fix low refresh rate selection (bsc#1051510).\n- drm: bridge: dw-hdmi: Fix overflow workaround for Rockchip SoCs (bsc#1113722)\n- drm/doc: Drop 'content type' from the legacy kms property table (bsc#1111666).\n- drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers (bsc#1051510).\n- drm/exynos/mixer: fix MIXER shadow registry synchronisation code (bsc#1111666).\n- drm/fb-helper: dpms_legacy(): Only set on connectors in use (bsc#1051510).\n- drm/fb-helper: generic: Call drm_client_add() after setup is done (bsc#1111666).\n- drm/i915: Disable LP3 watermarks on all SNB machines (bsc#1051510).\n- drm/i915: Disable tv output on i9x5gm (bsc#1086657, bsc#1133897).\n- drm/i915: Downgrade Gen9 Plane WM latency error (bsc#1051510).\n- drm/i915/fbc: disable framebuffer compression on GeminiLake (bsc#1051510).\n- drm/i915: Fix I915_EXEC_RING_MASK (bsc#1051510).\n- drm/i915: Force 2*96 MHz cdclk on glk/cnl when audio power is enabled (bsc#1111666).\n- drm/i915/gvt: Add in context mmio 0x20D8 to gen9 mmio list (bsc#1113722)\n- drm/i915/gvt: Add in context mmio 0x20D8 to gen9 mmio list (bsc#1113956)\n- drm/i915/gvt: Annotate iomem usage (bsc#1051510).\n- drm/i915/gvt: do not deliver a workload if its creation fails (bsc#1051510).\n- drm/i915/gvt: do not let pin count of shadow mm go negative (bsc#1113722)\n- drm/i915/gvt: do not let pin count of shadow mm go negative (bsc#1113956)\n- drm/i915/gvt: Fix incorrect mask of mmio 0x22028 in gen8/9 mmio list (bnc#1113722)\n- drm/i915/gvt: Prevent use-after-free in ppgtt_free_all_spt() (bsc#1111666).\n- drm/i915/gvt: Roundup fb->height into tile's height at calucation fb->size (bsc#1111666).\n- drm/i915/icl: Whitelist GEN9_SLICE_COMMON_ECO_CHICKEN1 (bsc#1111666).\n- drm/imx: do not skip DP channel disable for background plane (bsc#1051510).\n- drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata() (bsc#1113722)\n- drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata() (bsc#1113956)\n- drm/mediatek: fix possible object reference leak (bsc#1051510).\n- drm/meson: add size and alignment requirements for dumb buffers (bnc#1113722)\n- drm/nouveau: add DisplayPort CEC-Tunneling-over-AUX support (bsc#1133593).\n- drm/nouveau: Add NV_PRINTK_ONCE and variants (bsc#1133593).\n- drm/nouveau: Add size to vbios.rom file in debugfs (bsc#1133593).\n- drm/nouveau: Add strap_peek to debugfs (bsc#1133593).\n- drm/nouveau/bar/tu104: initial support (bsc#1133593).\n- drm/nouveau/bar/tu106: initial support (bsc#1133593).\n- drm/nouveau/bios: translate additional memory types (bsc#1133593).\n- drm/nouveau/bios: translate USB-C connector type (bsc#1133593).\n- drm/nouveau/bios/tu104: initial support (bsc#1133593).\n- drm/nouveau/bios/tu106: initial support (bsc#1133593).\n- drm/nouveau/bus/tu104: initial support (bsc#1133593).\n- drm/nouveau/bus/tu106: initial support (bsc#1133593).\n- drm/nouveau/ce/tu104: initial support (bsc#1133593).\n- drm/nouveau/ce/tu106: initial support (bsc#1133593).\n- drm/nouveau: Cleanup indenting in nouveau_backlight.c (bsc#1133593).\n- drm/nouveau/core: increase maximum number of nvdec instances to 3 (bsc#1133593).\n- drm/nouveau/core: recognise TU102 (bsc#1133593).\n- drm/nouveau/core: recognise TU104 (bsc#1133593).\n- drm/nouveau/core: recognise TU106 (bsc#1133593).\n- drm/nouveau/core: support multiple nvdec instances (bsc#1133593).\n- drm/nouveau/devinit/gm200-: export function to upload+execute PMU/PRE_OS (bsc#1133593).\n- drm/nouveau/devinit/tu104: initial support (bsc#1133593).\n- drm/nouveau/devinit/tu106: initial support (bsc#1133593).\n- drm/nouveau/disp: add a way to configure scrambling/tmds for hdmi 2.0 (bsc#1133593).\n- drm/nouveau/disp: add support for setting scdc parameters for high modes (bsc#1133593).\n- drm/nouveau/disp/gm200-: add scdc parameter setter (bsc#1133593).\n- drm/nouveau/disp/gv100: fix name of window channels in debug output (bsc#1133593).\n- drm/nouveau/disp: keep track of high-speed state, program into clock (bsc#1133593).\n- drm/nouveau/disp: take sink support into account for exposing 594mhz (bsc#1133593).\n- drm/nouveau/disp/tu104: initial support (bsc#1133593).\n- drm/nouveau/disp/tu106: initial support (bsc#1133593).\n- drm/nouveau/dma/tu104: initial support (bsc#1133593).\n- drm/nouveau/dma/tu106: initial support (bsc#1133593).\n- drm/nouveau/drm/nouveau: Do not forget to label dp_aux devices (bsc#1133593).\n- drm/nouveau/drm/nouveau: s/nouveau_backlight_exit/nouveau_backlight_fini/ (bsc#1133593).\n- drm/nouveau/drm/nouveau: tegra: Call nouveau_drm_device_init() (bsc#1133593).\n- drm/nouveau/fault: add explicit control over fault buffer interrupts (bsc#1133593).\n- drm/nouveau/fault: remove manual mapping of fault buffers into BAR2 (bsc#1133593).\n- drm/nouveau/fault: store get/put pri address in nvkm_fault_buffer (bsc#1133593).\n- drm/nouveau/fault/tu104: initial support (bsc#1133593).\n- drm/nouveau/fault/tu106: initial support (bsc#1133593).\n- drm/nouveau/fb/tu104: initial support (bsc#1133593).\n- drm/nouveau/fb/tu106: initial support (bsc#1133593).\n- drm/nouveau/fifo/gf100-: call into BAR to reset BARs after MMU fault (bsc#1133593).\n- drm/nouveau/fifo/gk104-: group pbdma functions together (bsc#1133593).\n- drm/nouveau/fifo/gk104-: return channel instance in ctor args (bsc#1133593).\n- drm/nouveau/fifo/gk104-: separate runlist building from committing to hw (bsc#1133593).\n- drm/nouveau/fifo/gk104-: support enabling privileged ce functions (bsc#1133593).\n- drm/nouveau/fifo/gk104-: virtualise pbdma enable function (bsc#1133593).\n- drm/nouveau/fifo/gm200-: read pbdma count more directly (bsc#1133593).\n- drm/nouveau/fifo/gv100: allocate method buffer (bsc#1133593).\n- drm/nouveau/fifo/gv100: return work submission token in channel ctor args (bsc#1133593).\n- drm/nouveau/fifo/tu104: initial support (bsc#1133593).\n- drm/nouveau/fifo/tu106: initial support (bsc#1133593).\n- drm/nouveau: Fix potential memory leak in nouveau_drm_load() (bsc#1133593).\n- drm/nouveau/fuse/tu104: initial support (bsc#1133593).\n- drm/nouveau/fuse/tu106: initial support (bsc#1133593).\n- drm/nouveau/gpio/tu104: initial support (bsc#1133593).\n- drm/nouveau/gpio/tu106: initial support (bsc#1133593).\n- drm/nouveau/i2c/tu104: initial support (bsc#1133593).\n- drm/nouveau/i2c/tu106: initial support (bsc#1133593).\n- drm/nouveau/ibus/tu104: initial support (bsc#1133593).\n- drm/nouveau/ibus/tu106: initial support (bsc#1133593).\n- drm/nouveau/imem/nv50: support pinning objects in BAR2 and returning address (bsc#1133593).\n- drm/nouveau/imem/tu104: initial support (bsc#1133593).\n- drm/nouveau/imem/tu106: initial support (bsc#1133593).\n- drm/nouveau/kms/nv50-: allow more flexibility with lut formats (bsc#1133593).\n- drm/nouveau/kms/tu104: initial support (bsc#1133593).\n- drm/nouveau/ltc/tu104: initial support (bsc#1133593).\n- drm/nouveau/ltc/tu106: initial support (bsc#1133593).\n- drm/nouveau/mc/tu104: initial support (bsc#1133593).\n- drm/nouveau/mc/tu106: initial support (bsc#1133593).\n- drm/nouveau/mmu: add more general vmm free/node handling functions (bsc#1133593).\n- drm/nouveau/mmu/tu104: initial support (bsc#1133593).\n- drm/nouveau/mmu/tu106: initial support (bsc#1133593).\n- drm/nouveau: Move backlight device into nouveau_connector (bsc#1133593).\n- drm/nouveau/pci/tu104: initial support (bsc#1133593).\n- drm/nouveau/pci/tu106: initial support (bsc#1133593).\n- drm/nouveau/pmu/tu104: initial support (bsc#1133593).\n- drm/nouveau/pmu/tu106: initial support (bsc#1133593).\n- drm/nouveau: Refactor nvXX_backlight_init() (bsc#1133593).\n- drm/nouveau: register backlight on pascal and newer (bsc#1133593).\n- drm/nouveau: remove left-over struct member (bsc#1133593).\n- drm/nouveau: Remove unecessary dma_fence_ops (bsc#1133593).\n- drm/nouveau: Start using new drm_dev initialization helpers (bsc#1133593).\n- drm/nouveau: Stop using drm_crtc_force_disable (bsc#1051510).\n- drm/nouveau/therm/tu104: initial support (bsc#1133593).\n- drm/nouveau/therm/tu106: initial support (bsc#1133593).\n- drm/nouveau/tmr/tu104: initial support (bsc#1133593).\n- drm/nouveau/tmr/tu106: initial support (bsc#1133593).\n- drm/nouveau/top/tu104: initial support (bsc#1133593).\n- drm/nouveau/top/tu106: initial support (bsc#1133593).\n- drm/nouveau/volt/gf117: fix speedo readout register (bsc#1051510).\n- drm/omap: hdmi4_cec: Fix CEC clock handling for PM (bsc#1111666).\n- drm/panel: panel-innolux: set display off in innolux_panel_unprepare (bsc#1111666).\n- drm/pl111: Initialize clock spinlock early (bsc#1111666).\n- drm: rcar-du: Fix rcar_du_crtc structure documentation (bsc#1111666).\n- drm/rockchip: fix for mailbox read validation (bsc#1051510).\n- drm/rockchip: fix for mailbox read validation (bsc#1111666).\n- drm/rockchip: shutdown drm subsystem on shutdown (bsc#1051510).\n- drm/rockchip: vop: reset scale mode when win is disabled (bsc#1113722)\n- drm/sun4i: Add missing drm_atomic_helper_shutdown at driver unbind (bsc#1113722)\n- drm/sun4i: Fix component unbinding and component master deletion (bsc#1113722)\n- drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)\n- drm/sun4i: Set device driver data at bind time for use in unbind (bsc#1113722)\n- drm/sun4i: tcon top: Fix NULL/invalid pointer dereference in sun8i_tcon_top_un/bind (bsc#1111666).\n- drm/sun4i: Unbind components before releasing DRM and memory (bsc#1113722)\n- drm/tegra: gem: Fix CPU-cache maintenance for BO's allocated using get_pages() (bsc#1111666).\n- drm/tegra: hub: Fix dereference before check (bsc#1111666).\n- drm/ttm: Fix bo_global and mem_global kfree error (bsc#1111666).\n- drm/ttm: fix out-of-bounds read in ttm_put_pages() v2 (bsc#1111666).\n- drm/ttm: Remove warning about inconsistent mapping information (bnc#1131488)\n- drm/udl: add a release method and delay modeset teardown (bsc#1085536)\n- drm/vc4: Fix memory leak during gpu reset. (bsc#1113722)\n- drm/vmwgfx: Remove set but not used variable 'restart' (bsc#1111666).\n- dsa: mv88e6xxx: Ensure all pending interrupts are handled prior to exit (networking-stable-19_02_20).\n- dt-bindings: net: Fix a typo in the phy-mode list for ethernet bindings (bsc#1129770).\n- dwc2: gadget: Fix completed transfer size calculation in DDMA (bsc#1051510).\n- e1000e: fix cyclic resets at link up with active tx (bsc#1051510).\n- e1000e: Fix -Wformat-truncation warnings (bsc#1051510).\n- EDAC, amd64: Add Hygon Dhyana support ().\n- EDAC, amd64: Add Hygon Dhyana support (fate#327735).\n- ext4: actually request zeroing of inode table after grow (bsc#1135315).\n- ext4: cleanup bh release code in ext4_ind_remove_space() (bsc#1131851).\n- ext4: Do not warn when enabling DAX (bsc#1132894).\n- ext4: fix ext4_show_options for file systems w/o journal (bsc#1135316).\n- ext4: fix use-after-free race with debug_want_extra_isize (bsc#1135314).\n- fbdev: fbmem: fix memory access if logo is bigger than the screen (bsc#1051510).\n- fix cgroup_do_mount() handling of failure exits (bsc#1133095).\n- Fix kabi after 'md: batch flush requests.' (bsc#1119680).\n- fix rtnh_ok() (git-fixes).\n- Fix struct page kABI after adding atomic for ppc (bsc#1131326, bsc#1108937).\n- fm10k: Fix a potential NULL pointer dereference (bsc#1051510).\n- fs: avoid fdput() after failed fdget() in vfs_dedupe_file_range() (bsc#1132384, bsc#1132219).\n- fs/nfs: Fix nfs_parse_devname to not modify it's argument (git-fixes).\n- futex: Cure exit race (bsc#1050549).\n- futex: Ensure that futex address is aligned in handle_futex_death() (bsc#1050549).\n- futex: Handle early deadlock return correctly (bsc#1050549).\n- genetlink: Fix a memory leak on error path (networking-stable-19_03_28).\n- ghes, EDAC: Fix ghes_edac registration (bsc#1133176).\n- gpio: adnp: Fix testing wrong value in adnp_gpio_direction_input (bsc#1051510).\n- gpio: aspeed: fix a potential NULL pointer dereference (bsc#1051510).\n- gpio: gpio-omap: fix level interrupt idling (bsc#1051510).\n- gpio: of: Fix of_gpiochip_add() error path (bsc#1051510).\n- gpu: ipu-v3: dp: fix CSC handling (bsc#1051510).\n- gre6: use log_ecn_error module parameter in ip6_tnl_rcv() (git-fixes).\n- HID: debug: fix race condition with between rdesc_show() and device removal (bsc#1051510).\n- HID: i2c-hid: Ignore input report if there's no data present on Elan touchpanels (bsc#1133486).\n- HID: input: add mapping for Assistant key (bsc#1051510).\n- HID: input: add mapping for Expose/Overview key (bsc#1051510).\n- HID: input: add mapping for keyboard Brightness Up/Down/Toggle keys (bsc#1051510).\n- HID: input: add mapping for 'Toggle Display' key (bsc#1051510).\n- HID: intel-ish-hid: avoid binding wrong ishtp_cl_device (bsc#1051510).\n- HID: intel-ish: ipc: handle PIMR before ish_wakeup also clear PISR busy_clear bit (bsc#1051510).\n- HID: logitech: check the return value of create_singlethread_workqueue (bsc#1051510).\n- hv_netvsc: Fix IP header checksum for coalesced packets (networking-stable-19_03_07).\n- hwmon: (f71805f) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (pc87427) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (vt1211) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwrng: virtio - Avoid repeated init of completion (bsc#1051510).\n- i2c: imx: correct the method of getting private data in notifier_call (bsc#1111666).\n- i2c: Make i2c_unregister_device() NULL-aware (bsc#1108193).\n- i2c: synquacer: fix enumeration of slave devices (bsc#1111666).\n- ibmvnic: Enable GRO (bsc#1132227).\n- ibmvnic: Fix completion structure initialization (bsc#1131659).\n- ibmvnic: Fix netdev feature clobbering during a reset (bsc#1132227).\n- igmp: fix incorrect unsolicit report count when join group (git-fixes).\n- iio: adc: at91: disable adc channel interrupt in timeout case (bsc#1051510).\n- iio: adc: fix warning in Qualcomm PM8xxx HK/XOADC driver (bsc#1051510).\n- iio: adc: xilinx: fix potential use-after-free on remove (bsc#1051510).\n- iio: ad_sigma_delta: select channel when reading register (bsc#1051510).\n- iio: core: fix a possible circular locking dependency (bsc#1051510).\n- iio: cros_ec: Fix the maths for gyro scale calculation (bsc#1051510).\n- iio: dac: mcp4725: add missing powerdown bits in store eeprom (bsc#1051510).\n- iio: Fix scan mask selection (bsc#1051510).\n- iio/gyro/bmg160: Use millidegrees for temperature scale (bsc#1051510).\n- iio: gyro: mpu3050: fix chip ID reading (bsc#1051510).\n- inetpeer: fix uninit-value in inet_getpeer (git-fixes).\n- Input: elan_i2c - add hardware ID for multiple Lenovo laptops (bsc#1051510).\n- Input: introduce KEY_ASSISTANT (bsc#1051510).\n- Input: snvs_pwrkey - initialize necessary driver data before enabling IRQ (bsc#1051510).\n- Input: synaptics-rmi4 - fix possible double free (bsc#1051510).\n- Input: synaptics-rmi4 - write config register values to the right offset (bsc#1051510).\n- intel_idle: add support for Jacobsville (jsc#SLE-5394).\n- intel_th: msu: Fix single mode with IOMMU (bsc#1051510).\n- intel_th: pci: Add Comet Lake support (bsc#1051510).\n- io: accel: kxcjk1013: restore the range after resume (bsc#1051510).\n- iommu/amd: Set exclusion range correctly (bsc#1130425).\n- iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#1135006).\n- iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135007).\n- iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135008).\n- ip6_tunnel: collect_md xmit: Use ip_tunnel_key's provided src address (git-fixes).\n- ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type (networking-stable-19_04_10).\n- ipconfig: Correctly initialise ic_nameservers (bsc#1051510).\n- ipmi: Fix I2C client removal in the SSIF driver (bsc#1108193).\n- ipmi: fix sleep-in-atomic in free_user at cleanup SRCU user->release_barrier (bsc#1111666).\n- ipmi: Prevent use-after-free in deliver_response (bsc#1111666).\n- ipmi:ssif: compare block number correctly for multi-part return messages (bsc#1051510).\n- ipmi_ssif: Remove duplicate NULL check (bsc#1108193).\n- ip_tunnel: Fix name string concatenate in __ip_tunnel_create() (git-fixes).\n- ipv4: Return error for RTA_VIA attribute (networking-stable-19_03_07).\n- ipv6: fix cleanup ordering for ip6_mr failure (git-fixes).\n- ipv6: fix cleanup ordering for pingv6 registration (git-fixes).\n- ipv6: Fix dangling pointer when ipv6 fragment (git-fixes).\n- ipv6: mcast: fix unsolicited report interval after receiving querys (git-fixes).\n- ipv6: propagate genlmsg_reply return code (networking-stable-19_02_24).\n- ipv6: Return error for RTA_VIA attribute (networking-stable-19_03_07).\n- ipv6: sit: reset ip header pointer in ipip6_rcv (git-fixes).\n- ipvlan: Add the skb->mark as flow4's member to lookup route (bsc#1051510).\n- ipvlan: disallow userns cap_net_admin to change global mode/flags (networking-stable-19_03_15).\n- ipvlan: fix ipv6 outbound device (bsc#1051510).\n- ipvlan: use ETH_MAX_MTU as max mtu (bsc#1051510).\n- ipvs: fix buffer overflow with sync daemon and service (git-fixes).\n- ipvs: fix check on xmit to non-local addresses (git-fixes).\n- ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bsc#1051510).\n- ipvs: fix rtnl_lock lockups caused by start_sync_thread (git-fixes).\n- ipvs: Fix signed integer overflow when setsockopt timeout (bsc#1051510).\n- ipvs: fix stats update from local clients (git-fixes).\n- ipvs: remove IPS_NAT_MASK check to fix passive FTP (git-fixes).\n- iw_cxgb4: cq/qp mask depends on bar2 pages in a host page (bsc#1127371).\n- iw_cxgb4: only allow 1 flush on user qps (bsc#1051510).\n- iwiwifi: fix bad monitor buffer register addresses (bsc#1129770).\n- iwlwifi: fix driver operation for 5350 (bsc#1111666).\n- iwlwifi: fix send hcmd timeout recovery flow (bsc#1129770).\n- kABI: protect functions using struct net_generic (bsc#1129845 LTC#176252).\n- kABI: protect ip_options_rcv_srr (kabi).\n- kABI: protect struct mlx5_td (kabi).\n- kABI: protect struct smcd_dev (bsc#1129845 LTC#176252).\n- kABI: protect struct smc_ib_device (bsc#1129845 LTC#176252).\n- kABI: restore icmp_send (kabi).\n- kABI workaround for removed usb_interface.pm_usage_cnt field (bsc#1051510).\n- kABI workaround for snd_seq_kernel_client_enqueue() API changes (bsc#1051510).\n- kbuild: strip whitespace in cmd_record_mcount findstring (bsc#1065729).\n- kcm: switch order of device registration to fix a crash (bnc#1130527).\n- kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv (bsc#1051510).\n- kernel/sysctl.c: fix out-of-bounds access when setting file-max (bsc#1051510).\n- kernfs: do not set dentry->d_fsdata (boo#1133115).\n- KEYS: always initialize keyring_index_key::desc_len (bsc#1051510).\n- KEYS: user: Align the payload buffer (bsc#1051510).\n- kmsg: Update message catalog to latest IBM level (2019/03/08) (bsc#1128904 LTC#176078).\n- kvm: Call kvm_arch_memslots_updated() before updating memslots (bsc#1132563).\n- kvm: Fix kABI for AMD SMAP Errata workaround (bsc#1133149).\n- kvm: Fix UAF in nested posted interrupt processing (bsc#1134199).\n- kvm: nVMX: Apply addr size mask to effective address for VMX instructions (bsc#1132561).\n- kvm: nVMX: Clear reserved bits of #DB exit qualification (bsc#1134200).\n- kvm: nVMX: Ignore limit checks on VMX instructions using flat segments (bsc#1132564).\n- kvm: nVMX: restore host state in nested_vmx_vmexit for VMFail (bsc#1134201).\n- kvm: nVMX: Sign extend displacements of VMX instr's mem operands (bsc#1132562).\n- kvm: PPC: Book3S HV: Fix race between kvm_unmap_hva_range and MMU mode switch (bsc#1061840).\n- kvm: SVM: Workaround errata#1096 (insn_len maybe zero on SMAP violation) (bsc#1133149).\n- kvm: VMX: Compare only a single byte for VMCS' 'launched' in vCPU-run (bsc#1132555).\n- kvm: VMX: Zero out *all* general purpose registers after VM-Exit (bsc#1134202).\n- kvm: x86: Always use 32-bit SMRAM save state for 32-bit kernels (bsc#1134203).\n- kvm: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bsc#1134204).\n- kvm: x86: Emulate MSR_IA32_ARCH_CAPABILITIES on AMD hosts (bsc#1114279).\n- kvm: x86/mmu: Detect MMIO generation wrap in any address space (bsc#1132570).\n- kvm: x86/mmu: Do not cache MMIO accesses while memslots are in flux (bsc#1132571).\n- kvm: x86: Report STIBP on GET_SUPPORTED_CPUID (bsc#1111331).\n- kvm: x86: svm: make sure NMI is injected after nmi_singlestep (bsc#1134205).\n- l2tp: cleanup l2tp_tunnel_delete calls (bsc#1051510).\n- l2tp: filter out non-PPP sessions in pppol2tp_tunnel_ioctl() (git-fixes).\n- l2tp: fix missing refcount drop in pppol2tp_tunnel_ioctl() (git-fixes).\n- l2tp: only accept PPP sessions in pppol2tp_connect() (git-fixes).\n- l2tp: prevent pppol2tp_connect() from creating kernel sockets (git-fixes).\n- l2tp: revert 'l2tp: fix missing print session offset info' (bsc#1051510).\n- leds: avoid races with workqueue (bsc#1051510).\n- leds: pwm: silently error out on EPROBE_DEFER (bsc#1051510).\n- lib: add crc64 calculation routines (bsc#1130972).\n- libata: fix using DMA buffers on stack (bsc#1051510).\n- lib: do not depend on linux headers being installed (bsc#1130972).\n- lightnvm: if LUNs are already allocated fix return (bsc#1085535).\n- linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() (bsc#1051510).\n- lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).\n- mac80211: do not attempt to rename ERR_PTR() debugfs dirs (bsc#1111666).\n- mac80211: do not call driver wake_tx_queue op during reconfig (bsc#1051510).\n- mac80211: fix memory accounting with A-MSDU aggregation (bsc#1051510).\n- mac80211: fix unaligned access in mesh table hash function (bsc#1051510).\n- mac80211: Honor SW_CRYPTO_CONTROL for unicast keys in AP VLAN mode (bsc#1111666).\n- mac8390: Fix mmio access size probe (bsc#1051510).\n- md: batch flush requests (bsc#1119680).\n- md: Fix failed allocation of md_register_thread (git-fixes).\n- MD: fix invalid stored role for a disk (bsc#1051510).\n- md/raid1: do not clear bitmap bits on interrupted recovery (git-fixes).\n- md/raid5: fix 'out of memory' during raid cache recovery (git-fixes).\n- media: atmel: atmel-isc: fix INIT_WORK misplacement (bsc#1051510).\n- media: cx18: update *pos correctly in cx18_read_pos() (bsc#1051510).\n- media: cx23885: check allocation return (bsc#1051510).\n- media: davinci-isif: avoid uninitialized variable use (bsc#1051510).\n- media: davinci/vpbe: array underflow in vpbe_enum_outputs() (bsc#1051510).\n- media: ivtv: update *pos correctly in ivtv_read_pos() (bsc#1051510).\n- media: mt9m111: set initial frame size other than 0x0 (bsc#1051510).\n- media: mtk-jpeg: Correct return type for mem2mem buffer helpers (bsc#1051510).\n- media: mx2_emmaprp: Correct return type for mem2mem buffer helpers (bsc#1051510).\n- media: omap_vout: potential buffer overflow in vidioc_dqbuf() (bsc#1051510).\n- media: ov2659: fix unbalanced mutex_lock/unlock (bsc#1051510).\n- media: pvrusb2: Prevent a buffer overflow (bsc#1129770).\n- media: s5p-g2d: Correct return type for mem2mem buffer helpers (bsc#1051510).\n- media: s5p-jpeg: Correct return type for mem2mem buffer helpers (bsc#1051510).\n- media: serial_ir: Fix use-after-free in serial_ir_init_module (bsc#1051510).\n- media: sh_veu: Correct return type for mem2mem buffer helpers (bsc#1051510).\n- media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame (bsc#1051510).\n- media: vivid: use vfree() instead of kfree() for dev->bitmap_cap (bsc#1051510).\n- media: wl128x: Fix an error code in fm_download_firmware() (bsc#1051510).\n- media: wl128x: prevent two potential buffer overflows (bsc#1051510).\n- mISDN: Check address length before reading address family (bsc#1051510).\n- missing barriers in some of unix_sock ->addr and ->path accesses (networking-stable-19_03_15).\n- mmc: core: fix possible use after free of host (bsc#1051510).\n- mmc: core: Fix tag set memory leak (bsc#1111666).\n- mmc: davinci: remove extraneous __init annotation (bsc#1051510).\n- mm: create non-atomic version of SetPageReserved for init use (jsc#SLE-6647).\n- mmc: sdhci: Fix data command CRC error handling (bsc#1051510).\n- mmc: sdhci: Handle auto-command errors (bsc#1051510).\n- mmc: sdhci: Rename SDHCI_ACMD12_ERR and SDHCI_INT_ACMD12ERR (bsc#1051510).\n- mmc: tmio_mmc_core: do not claim spurious interrupts (bsc#1051510).\n- mm/debug.c: fix __dump_page when mapping->host is not set (bsc#1131934).\n- mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses (bsc#1135330).\n- mm/page_isolation.c: fix a wrong flag in set_migratetype_isolate() (bsc#1131935).\n- mm/vmalloc: fix size check for remap_vmalloc_range_partial() (bsc#1133825).\n- mpls: Return error for RTA_GATEWAY attribute (networking-stable-19_03_07).\n- mt7601u: bump supported EEPROM version (bsc#1051510).\n- mtd: docg3: fix a possible memory leak of mtd->name (bsc#1051510).\n- mtd: docg3: Fix passing zero to 'PTR_ERR' warning in doc_probe_device (bsc#1051510).\n- mtd: nand: omap: Fix comment in platform data using wrong Kconfig symbol (bsc#1051510).\n- mtd: part: fix incorrect format specifier for an unsigned long long (bsc#1051510).\n- mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write (bsc#1129770).\n- mwifiex: do not advertise IBSS features without FW support (bsc#1129770).\n- mwifiex: Fix mem leak in mwifiex_tm_cmd (bsc#1051510).\n- mwifiex: Make resume actually do something useful again on SDIO cards (bsc#1111666).\n- mwifiex: prevent an array overflow (bsc#1051510).\n- mwl8k: Fix rate_idx underflow (bsc#1051510).\n- net: Add header for usage of fls64() (networking-stable-19_02_20).\n- net: Add __icmp_send helper (networking-stable-19_03_07).\n- net: aquantia: fix rx checksum offload for UDP/TCP over IPv6 (networking-stable-19_03_28).\n- net: avoid false positives in untrusted gso validation (git-fixes).\n- net: avoid skb_warn_bad_offload on IS_ERR (git-fixes).\n- net: avoid use IPCB in cipso_v4_error (networking-stable-19_03_07).\n- net: bridge: add vlan_tunnel to bridge port policies (git-fixes).\n- net: bridge: fix per-port af_packet sockets (git-fixes).\n- net: bridge: multicast: use rcu to access port list from br_multicast_start_querier (git-fixes).\n- net: datagram: fix unbounded loop in __skb_try_recv_datagram() (git-fixes).\n- net: Do not allocate page fragments that are not skb aligned (networking-stable-19_02_20).\n- net: dsa: legacy: do not unmask port bitmaps (git-fixes).\n- net: dsa: mv88e6xxx: Fix u64 statistics (networking-stable-19_03_07).\n- net: ethtool: not call vzalloc for zero sized memory request (networking-stable-19_04_10).\n- netfilter: bridge: Do not sabotage nf_hook calls from an l3mdev (git-fixes).\n- netfilter: bridge: ebt_among: add missing match size checks (git-fixes).\n- netfilter: bridge: ebt_among: add more missing match size checks (git-fixes).\n- netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING (git-fixes).\n- netfilter: drop template ct when conntrack is skipped (git-fixes).\n- netfilter: ebtables: handle string from userspace with care (git-fixes).\n- netfilter: ebtables: reject non-bridge targets (git-fixes).\n- netfilter: ip6t_MASQUERADE: add dependency on conntrack module (git-fixes).\n- netfilter: ipset: Missing nfnl_lock()/nfnl_unlock() is added to ip_set_net_exit() (git-fixes).\n- netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt (git-fixes).\n- netfilter: nf_log: do not hold nf_log_mutex during user access (git-fixes).\n- netfilter: nf_log: fix uninit read in nf_log_proc_dostring (git-fixes).\n- netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6} (git-fixes).\n- netfilter: nf_tables: can't fail after linking rule into active rule list (git-fixes).\n- netfilter: nf_tables: check msg_type before nft_trans_set(trans) (git-fixes).\n- netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump() (git-fixes).\n- netfilter: nf_tables: release chain in flushing set (git-fixes).\n- netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target} (git-fixes).\n- netfilter: x_tables: fix int overflow in xt_alloc_table_info() (git-fixes).\n- netfilter: x_tables: initialise match/target check parameter struct (git-fixes).\n- net: Fix a bug in removing queues from XPS map (git-fixes).\n- net: Fix for_each_netdev_feature on Big endian (networking-stable-19_02_20).\n- net: fix IPv6 prefix route residue (networking-stable-19_02_20).\n- net: fix uninit-value in __hw_addr_add_ex() (git-fixes).\n- net: Fix untag for vlan packets without ethernet header (git-fixes).\n- net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off (git-fixes).\n- net-gro: Fix GRO flush when receiving a GSO packet (networking-stable-19_04_10).\n- net: hsr: fix memory leak in hsr_dev_finalize() (networking-stable-19_03_15).\n- net/hsr: fix possible crash in add_timer() (networking-stable-19_03_15).\n- net/ibmvnic: Update carrier state after link state change (bsc#1135100).\n- net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).\n- net: initialize skb->peeked when cloning (git-fixes).\n- net/ipv6: do not reinitialize ndev->cnf.addr_gen_mode on new inet6_dev (git-fixes).\n- net/ipv6: fix addrconf_sysctl_addr_gen_mode (git-fixes).\n- net/ipv6: propagate net.ipv6.conf.all.addr_gen_mode to devices (git-fixes).\n- net/ipv6: reserve room for IFLA_INET6_ADDR_GEN_MODE (git-fixes).\n- netlabel: fix out-of-bounds memory accesses (networking-stable-19_03_07).\n- netlink: fix uninit-value in netlink_sendmsg (git-fixes).\n- net/mlx5: Decrease default mr cache size (networking-stable-19_04_10).\n- net/mlx5e: Add a lock on tir list (networking-stable-19_04_10).\n- net/mlx5e: Do not overwrite pedit action when multiple pedit used (networking-stable-19_02_24).\n- net/mlx5e: Fix error handling when refreshing TIRs (networking-stable-19_04_10).\n- net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails (networking-stable-19_03_07).\n- net/packet: fix 4gb buffer limit due to overflow check (networking-stable-19_02_24).\n- net/packet: Set __GFP_NOWARN upon allocation in alloc_pg_vec (git-fixes).\n- net: rose: fix a possible stack overflow (networking-stable-19_03_28).\n- net/sched: act_sample: fix divide by zero in the traffic path (networking-stable-19_04_10).\n- net/sched: fix ->get helper of the matchall cls (networking-stable-19_04_10).\n- net_sched: fix two more memory leaks in cls_tcindex (networking-stable-19_02_24).\n- net: Set rtm_table to RT_TABLE_COMPAT for ipv6 for tables > 255 (networking-stable-19_03_15).\n- net: sit: fix memory leak in sit_init_net() (networking-stable-19_03_07).\n- net: sit: fix UBSAN Undefined behaviour in check_6rd (networking-stable-19_03_15).\n- net/smc: add pnet table namespace support (bsc#1129845 LTC#176252).\n- net/smc: add smcd support to the pnet table (bsc#1129845 LTC#176252).\n- net/smc: allow PCI IDs as ib device names in the pnet table (bsc#1129845 LTC#176252).\n- net/smc: allow pnetid-less configuration (bsc#1129845 LTC#176252).\n- net/smc: check for ip prefix and subnet (bsc#1134607 LTC#177518).\n- net/smc: cleanup for smcr_tx_sndbuf_nonempty (bsc#1129845 LTC#176252).\n- net/smc: cleanup of get vlan id (bsc#1134607 LTC#177518).\n- net/smc: code cleanup smc_listen_work (bsc#1134607 LTC#177518).\n- net/smc: consolidate function parameters (bsc#1134607 LTC#177518).\n- net/smc: fallback to TCP after connect problems (bsc#1134607 LTC#177518).\n- net/smc: fix a NULL pointer dereference (bsc#1134607 LTC#177518).\n- net/smc: fix return code from FLUSH command (bsc#1134607 LTC#177518).\n- net/smc: improve smc_conn_create reason codes (bsc#1134607 LTC#177518).\n- net/smc: improve smc_listen_work reason codes (bsc#1134607 LTC#177518).\n- net/smc: move unhash before release of clcsock (bsc#1134607 LTC#177518).\n- net/smc: nonblocking connect rework (bsc#1134607 LTC#177518).\n- net/smc: propagate file from SMC to TCP socket (bsc#1134607 LTC#177518).\n- net/smc: rework pnet table (bsc#1129845 LTC#176252).\n- net/smc: wait for pending work before clcsock release_sock (bsc#1134607 LTC#177518).\n- net: socket: fix potential spectre v1 gadget in socketcall (git-fixes).\n- net: socket: set sock->sk to NULL after calling proto_ops::release() (networking-stable-19_03_07).\n- net: stmmac: fix memory corruption with large MTUs (networking-stable-19_03_28).\n- net: test tailroom before appending to linear skb (git-fixes).\n- net: validate untrusted gso packets without csum offload (networking-stable-19_02_20).\n- net/x25: fix a race in x25_bind() (networking-stable-19_03_15).\n- net/x25: fix use-after-free in x25_device_event() (networking-stable-19_03_15).\n- net/x25: reset state in x25_connect() (networking-stable-19_03_15).\n- net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms() (git-fixes).\n- NFC: nci: Add some bounds checking in nci_hci_cmd_received() (bsc#1051510).\n- nfs: Add missing encode / decode sequence_maxsz to v4.2 operations (git-fixes).\n- nfsd4: catch some false session retries (git-fixes).\n- nfsd4: fix cached replies to solo SEQUENCE compounds (git-fixes).\n- nfs: Do not recoalesce on error in nfs_pageio_complete_mirror() (git-fixes).\n- nfs: Do not use page_file_mapping after removing the page (git-fixes).\n- nfs: Fix an I/O request leakage in nfs_do_recoalesce (git-fixes).\n- nfs: Fix a soft lockup in the delegation recovery code (git-fixes).\n- nfs: Fix a typo in nfs_init_timeout_values() (git-fixes).\n- nfs: Fix dentry revalidation on NFSv4 lookup (bsc#1132618).\n- nfs: Fix I/O request leakages (git-fixes).\n- nfs: fix mount/umount race in nlmclnt (git-fixes).\n- nfs/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount (git-fixes).\n- nfsv4.1 do not free interrupted slot on open (git-fixes).\n- nfsv4.1: Reinitialise sequence results before retransmitting a request (git-fixes).\n- nfsv4/flexfiles: Fix invalid deref in FF_LAYOUT_DEVID_NODE() (git-fixes).\n- nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands (bsc#1051510).\n- nvme: add proper discard setup for the multipath device (bsc#1114638).\n- nvme-fc: use separate work queue to avoid warning (bsc#1131673).\n- nvme: fix the dangerous reference of namespaces list (bsc#1131673).\n- nvme: make sure ns head inherits underlying device limits (bsc#1131673).\n- nvme-multipath: avoid crash on invalid subsystem cntlid enumeration (bsc#1129273).\n- nvme-multipath: avoid crash on invalid subsystem cntlid enumeration (bsc#1130937).\n- nvme-multipath: split bios with the ns_head bio_set before submitting (bsc#1103259, bsc#1131673).\n- nvme: only reconfigure discard if necessary (bsc#1114638).\n- ocfs2: turn on OCFS2_FS_STATS setting(bsc#1134393) We need to turn on OCFS2_FS_STATS kernel configuration setting, to fix bsc#1134393.\n- omapfb: add missing of_node_put after of_device_is_available (bsc#1051510).\n- openvswitch: add seqadj extension when NAT is used (bsc#1051510).\n- openvswitch: fix flow actions reallocation (bsc#1051510).\n- overflow: Fix -Wtype-limits compilation warnings (bsc#1111666).\n- packet: fix reserve calculation (git-fixes).\n- packet: in packet_snd start writing at link layer allocation (git-fixes).\n- packet: refine ring v3 block size test to hold one frame (git-fixes).\n- packet: reset network header if packet shorter than ll reserved space (git-fixes).\n- packets: Always register packet sk in the same order (networking-stable-19_03_28).\n- packet: validate msg_namelen in send directly (git-fixes).\n- PCI: Add function 1 DMA alias quirk for Marvell 9170 SATA controller (bsc#1051510).\n- PCI: designware-ep: Read-only registers need DBI_RO_WR_EN to be writable (bsc#1051510).\n- PCI: Init PCIe feature bits for managed host bridge alloc (bsc#1111666).\n- PCI: Mark AMD Stoney Radeon R7 GPU ATS as broken (bsc#1051510).\n- PCI: Mark Atheros AR9462 to avoid bus reset (bsc#1051510).\n- PCI: pciehp: Convert to threaded IRQ (bsc#1133005).\n- PCI: pciehp: Ignore Link State Changes after powering off a slot (bsc#1133005).\n- PCI: pciehp: Tolerate Presence Detect hardwired to zero (bsc#1133016).\n- perf tools: Add Hygon Dhyana support ().\n- perf tools: Add Hygon Dhyana support (fate#327735).\n- perf/x86/amd: Add event map for AMD Family 17h (bsc#1134223).\n- perf/x86/amd: Update generic hardware cache events for Family 17h (bsc#1134223).\n- phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode (bsc#1051510).\n- phy: sun4i-usb: Support set_mode to USB_HOST for non-OTG PHYs (bsc#1051510).\n- platform/x86: alienware-wmi: printing the wrong error code (bsc#1051510).\n- platform/x86: dell-rbtn: Add missing #include (bsc#1051510).\n- platform/x86: intel_pmc_ipc: adding error handling (bsc#1051510).\n- platform/x86: intel_punit_ipc: Revert 'Fix resource ioremap warning' (bsc#1051510).\n- platform/x86: pmc_atom: Drop __initconst on dmi table (bsc#1051510).\n- platform/x86: sony-laptop: Fix unintentional fall-through (bsc#1051510).\n- powerpc64/ftrace: Include ftrace.h needed for enable/disable calls (bsc#1088804, git-fixes).\n- powerpc/64s: Fix logic when handling unknown CPU features (bsc#1055117).\n- powerpc/64s: Fix page table fragment refcount race vs speculative references (bsc#1131326, bsc#1108937).\n- powerpc: avoid -mno-sched-epilog on GCC 4.9 and newer (bsc#1065729).\n- powerpc: consolidate -mno-sched-epilog into FTRACE flags (bsc#1065729).\n- powerpc: Fix 32-bit KVM-PR lockup and host crash with MacOS guest (bsc#1061840).\n- powerpc/hugetlb: Handle mmap_min_addr correctly in get_unmapped_area callback (bsc#1131900).\n- powerpc/kvm: Save and restore host AMR/IAMR/UAMOR (bsc#1061840).\n- powerpc/mm: Add missing tracepoint for tlbie (bsc#1055117, git-fixes).\n- powerpc/mm: Check secondary hash page table (bsc#1065729).\n- powerpc/mm: Fix page table dump to work on Radix (bsc#1055186, fate#323286, git-fixes).\n- powerpc/mm: Fix page table dump to work on Radix (bsc#1055186, git-fixes).\n- powerpc/mm/hash: Handle mmap_min_addr correctly in get_unmapped_area topdown search (bsc#1131900).\n- powerpc/mm/radix: Display if mappings are exec or not (bsc#1055186, fate#323286, git-fixes).\n- powerpc/mm/radix: Display if mappings are exec or not (bsc#1055186, git-fixes).\n- powerpc/mm/radix: Prettify mapped memory range print out (bsc#1055186, fate#323286, git-fixes).\n- powerpc/mm/radix: Prettify mapped memory range print out (bsc#1055186, git-fixes).\n- powerpc/numa: document topology_updates_enabled, disable by default (bsc#1133584).\n- powerpc/numa: improve control of topology updates (bsc#1133584).\n- powerpc/perf: Fix unit_sel/cache_sel checks (bsc#1053043).\n- powerpc/perf: Remove l2 bus events from HW cache event array (bsc#1053043).\n- powerpc/powernv/cpuidle: Init all present cpus for deep states (bsc#1055121).\n- powerpc/powernv: Do not reprogram SLW image on every KVM guest entry/exit (bsc#1061840).\n- powerpc/powernv/ioda2: Remove redundant free of TCE pages (bsc#1061840).\n- powerpc/powernv/ioda: Allocate indirect TCE levels of cached userspace addresses on demand (bsc#1061840).\n- powerpc/powernv/ioda: Fix locked_vm counting for memory used by IOMMU tables (bsc#1061840).\n- powerpc/powernv: Make opal log only readable by root (bsc#1065729).\n- powerpc/powernv: Remove never used pnv_power9_force_smt4 (bsc#1061840).\n- powerpc/speculation: Support 'mitigations=' cmdline option (bsc#1112178).\n- powerpc/vdso32: fix CLOCK_MONOTONIC on PPC64 (bsc#1131587).\n- powerpc/vdso64: Fix CLOCK_MONOTONIC inconsistencies across Y2038 (bsc#1131587).\n- power: supply: axp20x_usb_power: Fix typo in VBUS current limit macros (bsc#1051510).\n- power: supply: axp288_charger: Fix unchecked return value (bsc#1051510).\n- proc/kcore: do not bounds check against address 0 (bsc#1051510).\n- proc: revalidate kernel thread inodes to root:root (bsc#1051510).\n- proc/sysctl: fix return error for proc_doulongvec_minmax() (bsc#1051510).\n- pwm: Fix deadlock warning when removing PWM device (bsc#1051510).\n- pwm: meson: Consider 128 a valid pre-divider (bsc#1051510).\n- pwm: meson: Do not disable PWM when setting duty repeatedly (bsc#1051510).\n- pwm: meson: Use the spin-lock only to protect register modifications (bsc#1051510).\n- pwm: tiehrpwm: Update shadow register for disabling PWMs (bsc#1051510).\n- qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128971).\n- qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128979).\n- qla2xxx: always allocate qla_tgt_wq (bsc#1131451).\n- qmi_wwan: add Olicard 600 (bsc#1051510).\n- qmi_wwan: Add support for Quectel EG12/EM12 (networking-stable-19_03_07).\n- raid10: It's wrong to add len to sector_nr in raid10 reshape twice (git-fixes).\n- RAS/CEC: Check the correct variable in the debugfs error handling (bsc#1085535).\n- ravb: Decrease TxFIFO depth of Q3 and Q2 to one (networking-stable-19_03_15).\n- rdma/cxgb4: Add support for 64Byte cqes (bsc#1127371).\n- rdma/cxgb4: Add support for kernel mode SRQ's (bsc#1127371).\n- rdma/cxgb4: Add support for srq functions & structs (bsc#1127371).\n- rdma/cxgb4: fix some info leaks (bsc#1127371).\n- rdma/cxgb4: Make c4iw_poll_cq_one() easier to analyze (bsc#1127371).\n- rdma/cxgb4: Remove a set-but-not-used variable (bsc#1127371).\n- rdma/iw_cxgb4: Drop __GFP_NOFAIL (bsc#1127371).\n- rdma/smc: Replace ib_query_gid with rdma_get_gid_attr (bsc#1131530 LTC#176717).\n- rds: fix refcount bug in rds_sock_addref (git-fixes).\n- rds: tcp: atomically purge entries from rds_tcp_conn_list during netns delete (git-fixes).\n- Re-enable nouveau for PCI device 10de:1cbb (bsc#1133593).\n- Re-export snd_cards for kABI compatibility (bsc#1051510).\n- regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB (bsc#1051510).\n- Revert 'alsa: seq: Protect in-kernel ioctl calls with mutex' (bsc#1051510).\n- Revert 'block: unexport DISK_EVENT_MEDIA_CHANGE for legacy/fringe drivers' (bsc#1110946, bsc#1119843).\n- Revert 'block: unexport DISK_EVENT_MEDIA_CHANGE for legacy/fringe drivers' (bsc#1110946, bsc#1119843).\n- Revert 'drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)' The patch seems buggy, breaks the build for armv7hl/pae config.\n- Revert 'ide: unexport DISK_EVENT_MEDIA_CHANGE for ide-gd and ide-cd' (bsc#1110946).\n- Revert 'ide: unexport DISK_EVENT_MEDIA_CHANGE for ide-gd and ide-cd' (bsc#1110946, bsc#1119843).\n- Revert 'tty: pty: Fix race condition between release_one_tty and pty_write' (bsc#1051510).\n- ring-buffer: Check if memory is available before allocation (bsc#1132531).\n- rt2x00: do not increment sequence number while re-transmitting (bsc#1051510).\n- rtlwifi: rtl8723ae: Fix missing break in switch statement (bsc#1051510).\n- rxrpc: Do not release call mutex on error pointer (git-fixes).\n- rxrpc: Do not treat call aborts as conn aborts (git-fixes).\n- rxrpc: Fix client call queueing, waiting for channel (networking-stable-19_03_15).\n- rxrpc: Fix error reception on AF_INET6 sockets (git-fixes).\n- rxrpc: Fix transport sockopts to get IPv4 errors on an IPv6 socket (git-fixes).\n- rxrpc: Fix Tx ring annotation after initial Tx failure (git-fixes).\n- s390/dasd: fix panic for failed online processing (bsc#1132589).\n- s390/pkey: move pckmo subfunction available checks away from module init (bsc#1128544).\n- s390/qdio: clear intparm during shutdown (bsc#1134597 LTC#177516).\n- s390/speculation: Support 'mitigations=' cmdline option (bsc#1112178).\n- sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() (bsc#1051510).\n- sc16is7xx: move label 'err_spi' to correct section (bsc#1051510).\n- sc16is7xx: put err_spi and err_i2c into correct #ifdef (bsc#1051510).\n- scripts/git_sort/git_sort.py: remove old SCSI git branches\n- scripts: override locale from environment when running recordmcount.pl (bsc#1134354).\n- scsi: libsas: allocate sense buffer for bsg queue (bsc#1131467).\n- scsi: qla2xxx: Add new FC-NVMe enable BIT to enable FC-NVMe feature (bsc#1130579).\n- scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show (bsc#1132044).\n- scsi: smartpqi: add H3C controller IDs (bsc#1133547).\n- scsi: smartpqi: add h3c ssid (bsc#1133547).\n- scsi: smartpqi: add no_write_same for logical volumes (bsc#1133547).\n- scsi: smartpqi: add ofa support (bsc#1133547).\n- scsi: smartpqi: Add retries for device reset (bsc#1133547).\n- scsi: smartpqi: add smp_utils support (bsc#1133547).\n- scsi: smartpqi: add spdx (bsc#1133547).\n- scsi: smartpqi: add support for huawei controllers (bsc#1133547).\n- scsi: smartpqi: add support for PQI Config Table handshake (bsc#1133547).\n- scsi: smartpqi: add sysfs attributes (bsc#1133547).\n- scsi: smartpqi: allow for larger raid maps (bsc#1133547).\n- scsi: smartpqi: bump driver version (bsc#1133547).\n- scsi: smartpqi: bump driver version (bsc#1133547).\n- scsi: smartpqi: call pqi_free_interrupts() in pqi_shutdown() (bsc#1133547).\n- scsi: smartpqi: check for null device pointers (bsc#1133547).\n- scsi: smartpqi: correct host serial num for ssa (bsc#1133547).\n- scsi: smartpqi: correct lun reset issues (bsc#1133547).\n- scsi: smartpqi: correct volume status (bsc#1133547).\n- scsi: smartpqi: do not offline disks for transient did no connect conditions (bsc#1133547).\n- scsi: smartpqi: enhance numa node detection (bsc#1133547).\n- scsi: smartpqi: fix build warnings (bsc#1133547).\n- scsi: smartpqi: fix disk name mount point (bsc#1133547).\n- scsi: smartpqi: fully convert to the generic DMA API (bsc#1133547).\n- scsi: smartpqi: increase fw status register read timeout (bsc#1133547).\n- scsi: smartpqi: increase LUN reset timeout (bsc#1133547).\n- scsi: smartpqi_init: fix boolean expression in pqi_device_remove_start (bsc#1133547).\n- scsi: smartpqi: refactor sending controller raid requests (bsc#1133547).\n- scsi: smartpqi: Reporting 'logical unit failure' (bsc#1133547).\n- scsi: smartpqi: turn off lun data caching for ptraid (bsc#1133547).\n- scsi: smartpqi: update copyright (bsc#1133547).\n- scsi: smartpqi: update driver version (bsc#1133547).\n- scsi: smartpqi: wake up drives after os resumes from suspend (bsc#1133547).\n- sctp: call gso_reset_checksum when computing checksum in sctp_gso_segment (networking-stable-19_02_24).\n- sctp: fix identification of new acks for SFR-CACC (git-fixes).\n- sctp: get sctphdr by offset in sctp_compute_cksum (networking-stable-19_03_28).\n- sctp: initialize _pad of sockaddr_in before copying to user memory (networking-stable-19_04_10).\n- sctp: only update outstanding_bytes for transmitted queue when doing prsctp_prune (git-fixes).\n- sctp: set frag_point in sctp_setsockopt_maxseg correctly` (git-fixes).\n- selinux: use kernel linux/socket.h for genheaders and mdp (bsc#1134810).\n- serial: 8250_pxa: honor the port number from devicetree (bsc#1051510).\n- serial: ar933x_uart: Fix build failure with disabled console (bsc#1051510).\n- serial: uartps: console_setup() can't be placed to init section (bsc#1051510).\n- sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach() (networking-stable-19_02_24).\n- soc/fsl/qe: Fix an error code in qe_pin_request() (bsc#1051510).\n- SoC: imx-sgtl5000: add missing put_device() (bsc#1051510).\n- soc: qcom: gsbi: Fix error handling in gsbi_probe() (bsc#1051510).\n- soc/tegra: fuse: Fix illegal free of IO base address (bsc#1051510).\n- soc/tegra: pmc: Drop locking from tegra_powergate_is_powered() (bsc#1051510).\n- spi: a3700: Clear DATA_OUT when performing a read (bsc#1051510).\n- spi: Add missing pm_runtime_put_noidle() after failed get (bsc#1111666).\n- spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios (bsc#1051510).\n- spi: bcm2835aux: setup gpio-cs to output and correct level during setup (bsc#1051510).\n- spi: bcm2835aux: warn in dmesg that native cs is not really supported (bsc#1051510).\n- spi-mem: fix kernel-doc for spi_mem_dirmap_{read|write}() (bsc#1111666).\n- spi: Micrel eth switch: declare missing of table (bsc#1051510).\n- spi: rspi: Fix sequencer reset during initialization (bsc#1051510).\n- spi: ST ST95HF NFC: declare missing of table (bsc#1051510).\n- ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit (bsc#1051510).\n- staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf (bsc#1051510).\n- staging: comedi: ni_usb6501: Fix use of uninitialized mutex (bsc#1051510).\n- staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf (bsc#1051510).\n- staging: comedi: vmk80xx: Fix use of uninitialized semaphore (bsc#1051510).\n- staging: iio: ad7192: Fix ad7193 channel address (bsc#1051510).\n- staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc (bsc#1051510).\n- staging: rtl8712: uninitialized memory in read_bbreg_hdl() (bsc#1051510).\n- staging: rtlwifi: Fix potential NULL pointer dereference of kzalloc (bsc#1111666).\n- staging: rtlwifi: rtl8822b: fix to avoid potential NULL pointer dereference (bsc#1111666).\n- staging: vt6655: Fix interrupt race condition on device start up (bsc#1051510).\n- staging: vt6655: Remove vif check from vnt_interrupt (bsc#1051510).\n- stm class: Fix an endless loop in channel allocation (bsc#1051510).\n- stm class: Fix channel free in stm output free path (bsc#1051510).\n- stm class: Prevent division by zero (bsc#1051510).\n- sunrpc: fix 4 more call sites that were using stack memory with a scatterlist (git-fixes).\n- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).\n- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).\n- supported.conf: dw_mmc-bluefield is not needed in kernel-default-base (bsc#1131574).\n- svm/avic: Fix invalidate logical APIC id entry (bsc#1132726).\n- svm: Fix AVIC DFR and LDR handling (bsc#1132558).\n- sysctl: handle overflow for file-max (bsc#1051510).\n- tcp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).\n- tcp: Ensure DCTCP reacts to losses (networking-stable-19_04_10).\n- tcp: fix TCP_REPAIR_QUEUE bound checking (git-fixes).\n- tcp: purge write queue in tcp_connect_init() (git-fixes).\n- tcp: tcp_v4_err() should be more careful (networking-stable-19_02_20).\n- team: set slave to promisc if team is already in promisc mode (bsc#1051510).\n- testing: nvdimm: provide SZ_4G constant (bsc#1132982).\n- thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power (bsc#1051510).\n- thermal/int340x_thermal: Add additional UUIDs (bsc#1051510).\n- thermal/int340x_thermal: fix mode setting (bsc#1051510).\n- thunderx: eliminate extra calls to put_page() for pages held for recycling (networking-stable-19_03_28).\n- thunderx: enable page recycling for non-XDP case (networking-stable-19_03_28).\n- tipc: fix race condition causing hung sendto (networking-stable-19_03_07).\n- tools/cpupower: Add Hygon Dhyana support ().\n- tools/cpupower: Add Hygon Dhyana support (fate#327735).\n- tools lib traceevent: Fix missing equality check for strcmp (bsc#1129770).\n- tpm: Fix the type of the return value in calc_tpm2_event_size() (bsc#1082555).\n- tracing: Fix a memory leak by early error exit in trace_pid_write() (bsc#1133702).\n- tracing: Fix buffer_ref pipe ops (bsc#1133698).\n- tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account (bsc#1132527).\n- tty: increase the default flip buffer limit to 2*640K (bsc#1051510).\n- tty: pty: Fix race condition between release_one_tty and pty_write (bsc#1051510).\n- tty: serial_core, add ->install (bnc#1129693).\n- tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 (bsc#1051510).\n- tun: add a missing rcu_read_unlock() in error path (networking-stable-19_03_28).\n- tun: fix blocking read (networking-stable-19_03_07).\n- tun: properly test for IFF_UP (networking-stable-19_03_28).\n- tun: remove unnecessary memory barrier (networking-stable-19_03_07).\n- uas: fix alignment of scatter/gather segments (bsc#1129770).\n- ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (bsc#1135323).\n- Update config files. Debug kernel is not supported (bsc#1135492).\n- Update config files: disable CONFIG_IDE for ppc64le\n- usb: cdc-acm: fix unthrottle races (bsc#1051510).\n- usb: chipidea: Grab the (legacy) USB PHY by phandle first (bsc#1051510).\n- usb: core: Fix bug caused by duplicate interface PM usage counter (bsc#1051510).\n- usb: core: Fix unterminated string returned by usb_string() (bsc#1051510).\n- usb: dwc3: Fix default lpm_nyet_threshold value (bsc#1051510).\n- usb: f_fs: Avoid crash due to out-of-scope stack ptr access (bsc#1051510).\n- usb: gadget: net2272: Fix net2272_dequeue() (bsc#1051510).\n- usb: gadget: net2280: Fix net2280_dequeue() (bsc#1051510).\n- usb: gadget: net2280: Fix overrun of OUT messages (bsc#1051510).\n- usb: serial: cp210x: fix GPIO in autosuspend (bsc#1120902).\n- usb: serial: f81232: fix interrupt worker not stop (bsc#1051510).\n- usb: serial: fix unthrottle races (bsc#1051510).\n- usb-storage: Set virt_boundary_mask to avoid SG overflows (bsc#1051510).\n- usb: u132-hcd: fix resource leak (bsc#1051510).\n- usb: usb251xb: fix to avoid potential NULL pointer dereference (bsc#1051510).\n- usb: usbip: fix isoc packet num validation in get_pipe (bsc#1051510).\n- usb: w1 ds2490: Fix bug caused by improper use of altsetting array (bsc#1051510).\n- usb: yurex: Fix protection fault after device removal (bsc#1051510).\n- vfio/mdev: Avoid release parent reference during error path (bsc#1051510).\n- vfio/mdev: Fix aborting mdev child device removal if one fails (bsc#1051510).\n- vfio_pci: Enable memory accesses before calling pci_map_rom (bsc#1051510).\n- vfio/pci: use correct format characters (bsc#1051510).\n- vfs: allow dedupe of user owned read-only files (bsc#1133778, bsc#1132219).\n- vfs: avoid problematic remapping requests into partial EOF block (bsc#1133850, bsc#1132219).\n- vfs: dedupe: extract helper for a single dedup (bsc#1133769, bsc#1132219).\n- vfs: dedupe should return EPERM if permission is not granted (bsc#1133779, bsc#1132219).\n- vfs: exit early from zero length remap operations (bsc#1132411, bsc#1132219).\n- vfs: export vfs_dedupe_file_range_one() to modules (bsc#1133772, bsc#1132219).\n- vfs: limit size of dedupe (bsc#1132397, bsc#1132219).\n- vfs: rename clone_verify_area to remap_verify_area (bsc#1133852, bsc#1132219).\n- vfs: skip zero-length dedupe requests (bsc#1133851, bsc#1132219).\n- vfs: swap names of {do,vfs}_clone_file_range() (bsc#1133774, bsc#1132219).\n- vfs: vfs_clone_file_prep_inodes should return EINVAL for a clone from beyond EOF (bsc#1133780, bsc#1132219).\n- vhost/vsock: fix reset orphans race with close timeout (bsc#1051510).\n- virtio-blk: limit number of hw queues by nr_cpu_ids (bsc#1051510).\n- virtio: Honour 'may_reduce_num' in vring_create_virtqueue (bsc#1051510).\n- virtio_pci: fix a NULL pointer reference in vp_del_vqs (bsc#1051510).\n- vrf: check accept_source_route on the original netdevice (networking-stable-19_04_10).\n- vsock/virtio: fix kernel panic after device hot-unplug (bsc#1051510).\n- vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock (bsc#1051510).\n- vsock/virtio: Initialize core virtio vsock before registering the driver (bsc#1051510).\n- vsock/virtio: reset connected sockets on device removal (bsc#1051510).\n- vt: always call notifier with the console lock held (bsc#1051510).\n- vxlan: Do not call gro_cells_destroy() before device is unregistered (networking-stable-19_03_28).\n- vxlan: test dev->flags & IFF_UP before calling netif_rx() (networking-stable-19_02_20).\n- wil6210: check null pointer in _wil_cfg80211_merge_extra_ies (bsc#1051510).\n- wlcore: Fix memory leak in case wl12xx_fetch_firmware failure (bsc#1051510).\n- x86/alternative: Init ideal_nops for Hygon Dhyana (fate#327735).\n- x86/amd_nb: Check vendor in AMD-only functions (fate#327735).\n- x86/apic: Add Hygon Dhyana support (fate#327735).\n- x86/bugs: Add Hygon Dhyana to the respective mitigation machinery (fate#327735).\n- x86/cpu: Create Hygon Dhyana architecture support file (fate#327735).\n- x86/cpu: Get cache info and setup cache cpumap for Hygon Dhyana ().\n- x86/cpu: Get cache info and setup cache cpumap for Hygon Dhyana (fate#327735).\n- x86/cpu/mtrr: Support TOP_MEM2 and get MTRR number (fate#327735).\n- x86/cpu: Sanitize FAM6_ATOM naming (bsc#1111331).\n- x86/events: Add Hygon Dhyana support to PMU infrastructure (fate#327735).\n- x86/kvm: Add Hygon Dhyana support to KVM (fate#327735).\n- x86/kvm/hyper-v: avoid spurious pending stimer on vCPU init (bsc#1132572).\n- x86/mce: Add Hygon Dhyana support to the MCA infrastructure (fate#327735).\n- x86/MCE/AMD, EDAC/mce_amd: Add new error descriptions for some SMCA bank types (bsc#1128415).\n- x86/MCE/AMD, EDAC/mce_amd: Add new McaTypes for CS, PSP, and SMU units (bsc#1128415).\n- x86/MCE/AMD, EDAC/mce_amd: Add new MP5, NBIO, and PCIE SMCA bank types (bsc#1128415).\n- x86/mce/AMD, EDAC/mce_amd: Enumerate Reserved SMCA bank type (bsc#1128415).\n- x86/mce/AMD: Pass the bank number to smca_get_bank_type() (bsc#1128415).\n- x86/mce: Do not disable MCA banks when offlining a CPU on AMD (fate#327735).\n- x86/MCE: Fix kABI for new AMD bank names (bsc#1128415).\n- x86/mce: Handle varying MCA bank counts (bsc#1128415).\n- x86/msr-index: Cleanup bit defines (bsc#1111331).\n- x86/PCI: Fixup RTIT_BAR of Intel Denverton Trace Hub (bsc#1120318).\n- x86/pci, x86/amd_nb: Add Hygon Dhyana support to PCI and northbridge (fate#327735).\n- x86/perf/amd: Remove need to check 'running' bit in NMI handler (bsc#1131438).\n- x86/perf/amd: Resolve NMI latency issues for active PMCs (bsc#1131438).\n- x86/perf/amd: Resolve race condition when disabling PMC (bsc#1131438).\n- x86/smpboot: Do not use BSP INIT delay and MWAIT to idle on Dhyana (fate#327735).\n- x86/speculation/mds: Fix documentation typo (bsc#1135642).\n- x86/speculation: Prevent deadlock on ssb_state::lock (bsc#1114279).\n- x86/speculation: Support 'mitigations=' cmdline option (bsc#1112178).\n- x86/tsc: Force inlining of cyc2ns bits (bsc#1052904).\n- x86/xen: Add Hygon Dhyana support to Xen (fate#327735).\n- xen-netback: do not populate the hash cache on XenBus disconnect (networking-stable-19_03_07).\n- xen-netback: fix occasional leak of grant ref mappings under memory pressure (networking-stable-19_03_07).\n- xen: Prevent buffer overflow in privcmd ioctl (bsc#1065600).\n- xfrm6: avoid potential infinite loop in _decode_session6() (git-fixes).\n- xfrm6: call kfree_skb when skb is toobig (git-fixes).\n- xfrm: do not call rcu_read_unlock when afinfo is NULL in xfrm_get_tos (git-fixes).\n- xfrm: Fix ESN sequence number handling for IPsec GSO packets (git-fixes).\n- xfrm: fix missing dst_release() after policy blocking lbcast and multicast (git-fixes).\n- xfrm: fix 'passing zero to ERR_PTR()' warning (git-fixes).\n- xfrm: fix rcu_read_unlock usage in xfrm_local_error (git-fixes).\n- xfrm: Fix stack-out-of-bounds read on socket policy lookup (git-fixes).\n- xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (git-fixes).\n- xfrm: reset crypto_done when iterating over multiple input xfrms (git-fixes).\n- xfrm: reset transport header back to network header after all input transforms ahave been applied (git-fixes).\n- xfrm: Return error on unknown encap_type in init_state (git-fixes).\n- xfrm_user: prevent leaking 2 bytes of kernel memory (git-fixes).\n- xfrm: Validate address prefix lengths in the xfrm selector (git-fixes).\n- xfs: add log item pinning error injection tag (bsc#1114427).\n- xfs: add the ability to join a held buffer to a defer_ops (bsc#1133674).\n- xfs: allow xfs_lock_two_inodes to take different EXCL/SHARED modes (bsc#1132370, bsc#1132219).\n- xfs: buffer lru reference count error injection tag (bsc#1114427).\n- xfs: call xfs_qm_dqattach before performing reflink operations (bsc#1132368, bsc#1132219).\n- xfs: cap the length of deduplication requests (bsc#1132373, bsc#1132219).\n- xfs: check _btree_check_block value (bsc#1123663).\n- xfs: clean up xfs_reflink_remap_blocks call site (bsc#1132413, bsc#1132219).\n- xfs: convert drop_writes to use the errortag mechanism (bsc#1114427).\n- xfs: create block pointer check functions (bsc#1123663).\n- xfs: create inode pointer verifiers (bsc#1114427).\n- xfs: detect and fix bad summary counts at mount (bsc#1114427).\n- xfs: export _inobt_btrec_to_irec and _ialloc_cluster_alignment for scrub (bsc#1114427).\n- xfs: export various function for the online scrubber (bsc#1123663).\n- xfs: expose errortag knobs via sysfs (bsc#1114427).\n- xfs: fix data corruption w/ unaligned dedupe ranges (bsc#1132405, bsc#1132219).\n- xfs: fix data corruption w/ unaligned reflink ranges (bsc#1132407, bsc#1132219).\n- xfs: fix pagecache truncation prior to reflink (bsc#1132412, bsc#1132219).\n- xfs: fix reporting supported extra file attributes for statx() (bsc#1133529).\n- xfs: fix unused variable warning in xfs_buf_set_ref() (bsc#1114427).\n- xfs: flush removing page cache in xfs_reflink_remap_prep (bsc#1132414, bsc#1132219).\n- xfs: force summary counter recalc at next mount (bsc#1114427).\n- xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute (bsc#1133675).\n- xfs: kill meaningless variable 'zero' (bsc#1106011).\n- xfs: make errortag a per-mountpoint structure (bsc#1123663).\n- xfs: move error injection tags into their own file (bsc#1114427).\n- xfs: only grab shared inode locks for source file during reflink (bsc#1132372, bsc#1132219).\n- xfs: prepare xfs_break_layouts() for another layout type (bsc#1106011).\n- xfs: prepare xfs_break_layouts() to be called with XFS_MMAPLOCK_EXCL (bsc#1106011).\n- xfs: refactor btree block header checking functions (bsc#1123663).\n- xfs: refactor btree pointer checks (bsc#1123663).\n- xfs: refactor clonerange preparation into a separate helper (bsc#1132402, bsc#1132219).\n- xfs: refactor unmount record write (bsc#1114427).\n- xfs: refactor xfs_trans_roll (bsc#1133667).\n- xfs: reflink find shared should take a transaction (bsc#1132226, bsc#1132219).\n- xfs: reflink should break pnfs leases before sharing blocks (bsc#1132369, bsc#1132219).\n- xfs: remove dest file's post-eof preallocations before reflinking (bsc#1132365, bsc#1132219).\n- xfs: remove the ip argument to xfs_defer_finish (bsc#1133672).\n- xfs: remove unneeded parameter from XFS_TEST_ERROR (bsc#1123663).\n- xfs: remove xfs_zero_range (bsc#1106011).\n- xfs: rename MAXPATHLEN to XFS_SYMLINK_MAXLEN (bsc#1123663).\n- xfs: rename xfs_defer_join to xfs_defer_ijoin (bsc#1133668).\n- xfs: replace log_badcrc_factor knob with error injection tag (bsc#1114427).\n- xfs: sanity-check the unused space before trying to use it (bsc#1123663).\n- xfs: update ctime and remove suid before cloning files (bsc#1132404, bsc#1132219).\n- xfs: zero posteof blocks when cloning above eof (bsc#1132403, bsc#1132219).\n", title: "Description of the patch", }, { category: "details", text: "openSUSE-2019-1479", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_1479-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2019:1479-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/B4DQLC5NNFA52SY3VMJNLGCDAOQAXY7D/#B4DQLC5NNFA52SY3VMJNLGCDAOQAXY7D", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2019:1479-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/B4DQLC5NNFA52SY3VMJNLGCDAOQAXY7D/#B4DQLC5NNFA52SY3VMJNLGCDAOQAXY7D", }, { category: "self", summary: "SUSE Bug 1050549", url: "https://bugzilla.suse.com/1050549", }, { category: "self", summary: "SUSE Bug 1055117", url: "https://bugzilla.suse.com/1055117", }, { category: "self", summary: "SUSE Bug 1055186", url: "https://bugzilla.suse.com/1055186", }, { category: "self", summary: "SUSE Bug 1061840", url: "https://bugzilla.suse.com/1061840", }, { category: "self", summary: "SUSE Bug 1063638", url: "https://bugzilla.suse.com/1063638", }, { category: "self", summary: "SUSE Bug 1070872", url: "https://bugzilla.suse.com/1070872", }, { category: "self", summary: "SUSE Bug 1082555", url: "https://bugzilla.suse.com/1082555", }, { category: "self", summary: "SUSE Bug 1083647", url: "https://bugzilla.suse.com/1083647", }, { category: "self", summary: "SUSE Bug 1085535", url: "https://bugzilla.suse.com/1085535", }, { category: "self", summary: "SUSE Bug 1085536", url: "https://bugzilla.suse.com/1085536", }, { category: "self", summary: "SUSE Bug 1086657", url: "https://bugzilla.suse.com/1086657", }, { category: "self", summary: "SUSE Bug 1097584", url: "https://bugzilla.suse.com/1097584", }, { category: "self", summary: "SUSE Bug 1106011", url: "https://bugzilla.suse.com/1106011", }, { category: "self", summary: "SUSE Bug 1106284", url: "https://bugzilla.suse.com/1106284", }, { category: "self", summary: "SUSE Bug 1108193", url: "https://bugzilla.suse.com/1108193", }, { category: "self", summary: "SUSE Bug 1108937", url: "https://bugzilla.suse.com/1108937", }, { category: "self", summary: "SUSE Bug 1111331", url: "https://bugzilla.suse.com/1111331", }, { category: "self", summary: "SUSE Bug 1112063", url: "https://bugzilla.suse.com/1112063", }, { category: "self", summary: "SUSE Bug 1112128", url: "https://bugzilla.suse.com/1112128", }, { category: "self", summary: "SUSE Bug 1112178", url: "https://bugzilla.suse.com/1112178", }, { category: "self", summary: "SUSE Bug 1113722", url: "https://bugzilla.suse.com/1113722", }, { category: "self", summary: "SUSE Bug 1114279", url: "https://bugzilla.suse.com/1114279", }, { category: "self", summary: "SUSE Bug 1119680", url: "https://bugzilla.suse.com/1119680", }, { category: "self", summary: "SUSE Bug 1119843", url: "https://bugzilla.suse.com/1119843", }, { category: "self", summary: "SUSE Bug 1120843", url: "https://bugzilla.suse.com/1120843", }, { category: "self", summary: "SUSE Bug 1122776", url: "https://bugzilla.suse.com/1122776", }, { category: "self", summary: "SUSE Bug 1123663", url: "https://bugzilla.suse.com/1123663", }, { category: "self", summary: "SUSE Bug 1124839", url: "https://bugzilla.suse.com/1124839", }, { category: "self", summary: "SUSE Bug 1127175", url: "https://bugzilla.suse.com/1127175", }, { category: "self", summary: "SUSE Bug 1127371", url: "https://bugzilla.suse.com/1127371", }, { category: "self", summary: "SUSE Bug 1127374", url: "https://bugzilla.suse.com/1127374", }, { category: "self", summary: "SUSE Bug 1128415", url: "https://bugzilla.suse.com/1128415", }, { category: "self", summary: "SUSE Bug 1128971", url: "https://bugzilla.suse.com/1128971", }, { category: "self", summary: "SUSE Bug 1128979", url: "https://bugzilla.suse.com/1128979", }, { category: "self", summary: "SUSE Bug 1129138", url: "https://bugzilla.suse.com/1129138", }, { category: "self", summary: "SUSE Bug 1129693", url: "https://bugzilla.suse.com/1129693", }, { category: "self", summary: "SUSE Bug 1129770", url: "https://bugzilla.suse.com/1129770", }, { category: "self", summary: "SUSE Bug 1129845", url: "https://bugzilla.suse.com/1129845", }, { category: "self", summary: "SUSE Bug 1130527", url: "https://bugzilla.suse.com/1130527", }, { category: "self", summary: "SUSE Bug 1130567", url: "https://bugzilla.suse.com/1130567", }, { category: "self", summary: "SUSE Bug 1130579", url: "https://bugzilla.suse.com/1130579", }, { category: "self", summary: "SUSE Bug 1131416", url: "https://bugzilla.suse.com/1131416", }, { category: "self", summary: "SUSE Bug 1131427", url: "https://bugzilla.suse.com/1131427", }, { category: "self", summary: "SUSE Bug 1131438", url: "https://bugzilla.suse.com/1131438", }, { category: "self", summary: "SUSE Bug 1131451", url: "https://bugzilla.suse.com/1131451", }, { category: "self", summary: "SUSE Bug 1131488", url: "https://bugzilla.suse.com/1131488", }, { category: "self", summary: "SUSE Bug 1131530", url: "https://bugzilla.suse.com/1131530", }, { category: "self", summary: "SUSE Bug 1131574", url: "https://bugzilla.suse.com/1131574", }, { category: "self", summary: "SUSE Bug 1131673", url: "https://bugzilla.suse.com/1131673", }, { category: "self", summary: "SUSE Bug 1131847", url: "https://bugzilla.suse.com/1131847", }, { category: "self", summary: "SUSE Bug 1131900", url: "https://bugzilla.suse.com/1131900", }, { category: "self", summary: "SUSE Bug 1131934", url: "https://bugzilla.suse.com/1131934", }, { category: "self", summary: "SUSE Bug 1132044", url: "https://bugzilla.suse.com/1132044", }, { category: "self", summary: "SUSE Bug 1132219", url: "https://bugzilla.suse.com/1132219", }, { category: "self", summary: "SUSE Bug 1132226", url: "https://bugzilla.suse.com/1132226", }, { category: "self", summary: "SUSE Bug 1132369", url: "https://bugzilla.suse.com/1132369", }, { category: "self", summary: "SUSE Bug 1132373", url: "https://bugzilla.suse.com/1132373", }, { category: "self", summary: "SUSE Bug 1132397", url: "https://bugzilla.suse.com/1132397", }, { category: "self", summary: "SUSE Bug 1132402", url: "https://bugzilla.suse.com/1132402", }, { category: "self", summary: "SUSE Bug 1132403", url: "https://bugzilla.suse.com/1132403", }, { category: "self", summary: "SUSE Bug 1132404", url: "https://bugzilla.suse.com/1132404", }, { category: "self", summary: "SUSE Bug 1132405", url: "https://bugzilla.suse.com/1132405", }, { category: "self", summary: "SUSE Bug 1132411", url: "https://bugzilla.suse.com/1132411", }, { category: "self", summary: "SUSE Bug 1132412", url: "https://bugzilla.suse.com/1132412", }, { category: "self", summary: "SUSE Bug 1132413", url: "https://bugzilla.suse.com/1132413", }, { category: "self", summary: "SUSE Bug 1132426", url: "https://bugzilla.suse.com/1132426", }, { category: "self", summary: "SUSE Bug 1132527", url: "https://bugzilla.suse.com/1132527", }, { category: "self", summary: "SUSE Bug 1132531", url: "https://bugzilla.suse.com/1132531", }, { category: "self", summary: "SUSE Bug 1132561", url: "https://bugzilla.suse.com/1132561", }, { category: "self", summary: "SUSE Bug 1132562", url: "https://bugzilla.suse.com/1132562", }, { category: "self", summary: "SUSE Bug 1132564", url: "https://bugzilla.suse.com/1132564", }, { category: "self", summary: "SUSE Bug 1132618", url: "https://bugzilla.suse.com/1132618", }, { category: "self", summary: "SUSE Bug 1132681", url: "https://bugzilla.suse.com/1132681", }, { category: "self", summary: "SUSE Bug 1132726", url: "https://bugzilla.suse.com/1132726", }, { category: "self", summary: "SUSE Bug 1132828", url: "https://bugzilla.suse.com/1132828", }, { category: "self", summary: "SUSE Bug 1132894", url: "https://bugzilla.suse.com/1132894", }, { category: "self", summary: "SUSE Bug 1133005", url: "https://bugzilla.suse.com/1133005", }, { category: "self", summary: "SUSE Bug 1133094", url: "https://bugzilla.suse.com/1133094", }, { category: "self", summary: "SUSE Bug 1133095", url: "https://bugzilla.suse.com/1133095", }, { category: "self", summary: "SUSE Bug 1133149", url: "https://bugzilla.suse.com/1133149", }, { category: "self", summary: "SUSE Bug 1133176", url: "https://bugzilla.suse.com/1133176", }, { category: "self", summary: "SUSE Bug 1133188", url: "https://bugzilla.suse.com/1133188", }, { category: "self", summary: "SUSE Bug 1133547", url: "https://bugzilla.suse.com/1133547", }, { category: "self", summary: "SUSE Bug 1133668", url: "https://bugzilla.suse.com/1133668", }, { category: "self", summary: "SUSE Bug 1133672", url: "https://bugzilla.suse.com/1133672", }, { category: "self", summary: "SUSE Bug 1133698", url: "https://bugzilla.suse.com/1133698", }, { category: "self", summary: "SUSE Bug 1133702", url: "https://bugzilla.suse.com/1133702", }, { category: "self", summary: "SUSE Bug 1133769", url: "https://bugzilla.suse.com/1133769", }, { category: "self", summary: "SUSE Bug 1133772", url: "https://bugzilla.suse.com/1133772", }, { category: "self", summary: "SUSE Bug 1133778", url: "https://bugzilla.suse.com/1133778", }, { category: "self", summary: "SUSE Bug 1133779", url: "https://bugzilla.suse.com/1133779", }, { category: "self", summary: "SUSE Bug 1133780", url: "https://bugzilla.suse.com/1133780", }, { category: "self", summary: "SUSE Bug 1133850", url: "https://bugzilla.suse.com/1133850", }, { category: "self", summary: "SUSE Bug 1133851", url: "https://bugzilla.suse.com/1133851", }, { category: "self", summary: "SUSE Bug 1133852", url: "https://bugzilla.suse.com/1133852", }, { category: "self", summary: "SUSE Bug 1133897", url: "https://bugzilla.suse.com/1133897", }, { category: "self", summary: "SUSE Bug 1134160", url: "https://bugzilla.suse.com/1134160", }, { category: "self", summary: "SUSE Bug 1134162", url: "https://bugzilla.suse.com/1134162", }, { category: "self", summary: "SUSE Bug 1134201", url: "https://bugzilla.suse.com/1134201", }, { category: "self", summary: "SUSE Bug 1134202", url: "https://bugzilla.suse.com/1134202", }, { category: "self", summary: "SUSE Bug 1134204", url: "https://bugzilla.suse.com/1134204", }, { category: "self", summary: "SUSE Bug 1134205", url: "https://bugzilla.suse.com/1134205", }, { category: "self", summary: "SUSE Bug 1134393", url: "https://bugzilla.suse.com/1134393", }, { category: "self", summary: "SUSE Bug 1134459", url: "https://bugzilla.suse.com/1134459", }, { category: "self", summary: "SUSE Bug 1134461", url: "https://bugzilla.suse.com/1134461", }, { category: "self", summary: "SUSE Bug 1134597", url: "https://bugzilla.suse.com/1134597", }, { category: "self", summary: "SUSE Bug 1134600", url: "https://bugzilla.suse.com/1134600", }, { category: "self", summary: "SUSE Bug 1134651", url: "https://bugzilla.suse.com/1134651", }, { category: "self", summary: "SUSE Bug 1134810", url: "https://bugzilla.suse.com/1134810", }, { category: "self", summary: "SUSE Bug 1134848", url: "https://bugzilla.suse.com/1134848", }, { category: "self", summary: "SUSE Bug 1135007", url: "https://bugzilla.suse.com/1135007", }, { category: "self", summary: "SUSE Bug 1135008", url: "https://bugzilla.suse.com/1135008", }, { category: "self", summary: "SUSE Bug 1135120", url: "https://bugzilla.suse.com/1135120", }, { category: "self", summary: "SUSE Bug 1135278", url: "https://bugzilla.suse.com/1135278", }, { category: "self", summary: "SUSE Bug 1135281", url: "https://bugzilla.suse.com/1135281", }, { category: "self", summary: "SUSE Bug 1135309", url: "https://bugzilla.suse.com/1135309", }, { category: "self", summary: "SUSE Bug 1135312", url: "https://bugzilla.suse.com/1135312", }, { category: "self", summary: "SUSE Bug 1135315", url: "https://bugzilla.suse.com/1135315", }, { category: "self", summary: "SUSE Bug 1135320", url: "https://bugzilla.suse.com/1135320", }, { category: "self", summary: "SUSE Bug 1135323", url: "https://bugzilla.suse.com/1135323", }, { category: "self", summary: "SUSE Bug 1135492", url: "https://bugzilla.suse.com/1135492", }, { category: "self", summary: "SUSE Bug 1135642", url: "https://bugzilla.suse.com/1135642", }, { category: "self", summary: "SUSE CVE CVE-2018-7191 page", url: "https://www.suse.com/security/cve/CVE-2018-7191/", }, { category: "self", summary: "SUSE CVE CVE-2019-11085 page", url: "https://www.suse.com/security/cve/CVE-2019-11085/", }, { category: "self", summary: "SUSE CVE CVE-2019-11486 page", url: "https://www.suse.com/security/cve/CVE-2019-11486/", }, { category: "self", summary: "SUSE CVE CVE-2019-11811 page", url: "https://www.suse.com/security/cve/CVE-2019-11811/", }, { category: "self", summary: "SUSE CVE CVE-2019-11815 page", url: "https://www.suse.com/security/cve/CVE-2019-11815/", }, { category: "self", summary: "SUSE CVE CVE-2019-11833 page", url: "https://www.suse.com/security/cve/CVE-2019-11833/", }, { category: "self", summary: "SUSE CVE CVE-2019-11884 page", url: "https://www.suse.com/security/cve/CVE-2019-11884/", }, { category: "self", summary: "SUSE CVE CVE-2019-3882 page", url: "https://www.suse.com/security/cve/CVE-2019-3882/", }, { category: "self", summary: "SUSE CVE CVE-2019-5489 page", url: "https://www.suse.com/security/cve/CVE-2019-5489/", }, { category: "self", summary: "SUSE CVE CVE-2019-9500 page", url: "https://www.suse.com/security/cve/CVE-2019-9500/", }, { category: "self", summary: "SUSE CVE CVE-2019-9503 page", url: "https://www.suse.com/security/cve/CVE-2019-9503/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2019-05-31T06:14:15Z", generator: { date: "2019-05-31T06:14:15Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2019:1479-1", initial_release_date: "2019-05-31T06:14:15Z", revision_history: [ { date: "2019-05-31T06:14:15Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-4.12.14-lp151.28.4.1.noarch", product: { name: "kernel-devel-4.12.14-lp151.28.4.1.noarch", product_id: "kernel-devel-4.12.14-lp151.28.4.1.noarch", }, }, { category: "product_version", name: "kernel-docs-4.12.14-lp151.28.4.1.noarch", product: { name: "kernel-docs-4.12.14-lp151.28.4.1.noarch", product_id: "kernel-docs-4.12.14-lp151.28.4.1.noarch", }, }, { category: "product_version", name: "kernel-docs-html-4.12.14-lp151.28.4.1.noarch", product: { name: "kernel-docs-html-4.12.14-lp151.28.4.1.noarch", product_id: "kernel-docs-html-4.12.14-lp151.28.4.1.noarch", }, }, { category: "product_version", name: "kernel-macros-4.12.14-lp151.28.4.1.noarch", product: { name: "kernel-macros-4.12.14-lp151.28.4.1.noarch", product_id: "kernel-macros-4.12.14-lp151.28.4.1.noarch", }, }, { category: "product_version", name: "kernel-source-4.12.14-lp151.28.4.1.noarch", product: { name: "kernel-source-4.12.14-lp151.28.4.1.noarch", product_id: "kernel-source-4.12.14-lp151.28.4.1.noarch", }, }, { category: "product_version", name: "kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", product: { name: "kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", product_id: "kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "kernel-debug-4.12.14-lp151.28.4.1.x86_64", product: { name: "kernel-debug-4.12.14-lp151.28.4.1.x86_64", product_id: "kernel-debug-4.12.14-lp151.28.4.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", product: { name: "kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", product_id: "kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", product: { name: "kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", product_id: "kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", }, }, { category: "product_version", name: "kernel-default-4.12.14-lp151.28.4.1.x86_64", product: { name: "kernel-default-4.12.14-lp151.28.4.1.x86_64", product_id: "kernel-default-4.12.14-lp151.28.4.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-lp151.28.4.1.x86_64", product: { name: "kernel-default-base-4.12.14-lp151.28.4.1.x86_64", product_id: "kernel-default-base-4.12.14-lp151.28.4.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", product: { name: "kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", product_id: "kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", product: { name: "kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", product_id: "kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", product: { name: "kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", product_id: "kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", product: { name: "kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", product_id: "kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", product: { name: "kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", product_id: "kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", product: { name: "kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", product_id: "kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-4.12.14-lp151.28.4.1.x86_64", product: { name: "kernel-syms-4.12.14-lp151.28.4.1.x86_64", product_id: "kernel-syms-4.12.14-lp151.28.4.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", product: { name: "kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", product_id: "kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", product: { name: "kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", product_id: "kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", product: { name: "kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", product_id: "kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.1", product: { name: "openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.1", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-debug-4.12.14-lp151.28.4.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", }, product_reference: "kernel-debug-4.12.14-lp151.28.4.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-base-4.12.14-lp151.28.4.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", }, product_reference: "kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", }, product_reference: "kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-lp151.28.4.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", }, product_reference: "kernel-default-4.12.14-lp151.28.4.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-lp151.28.4.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", }, product_reference: "kernel-default-base-4.12.14-lp151.28.4.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-lp151.28.4.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", }, product_reference: "kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.12.14-lp151.28.4.1.noarch as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", }, product_reference: "kernel-devel-4.12.14-lp151.28.4.1.noarch", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-4.12.14-lp151.28.4.1.noarch as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", }, product_reference: "kernel-docs-4.12.14-lp151.28.4.1.noarch", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-html-4.12.14-lp151.28.4.1.noarch as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", }, product_reference: "kernel-docs-html-4.12.14-lp151.28.4.1.noarch", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", }, product_reference: "kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", }, product_reference: "kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", }, product_reference: "kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.12.14-lp151.28.4.1.noarch as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", }, product_reference: "kernel-macros-4.12.14-lp151.28.4.1.noarch", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-lp151.28.4.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", }, product_reference: "kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", }, product_reference: "kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.12.14-lp151.28.4.1.noarch as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", }, product_reference: "kernel-source-4.12.14-lp151.28.4.1.noarch", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", }, product_reference: "kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-lp151.28.4.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", }, product_reference: "kernel-syms-4.12.14-lp151.28.4.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-4.12.14-lp151.28.4.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", }, product_reference: "kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", }, product_reference: "kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", }, product_reference: "kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, ], }, vulnerabilities: [ { cve: "CVE-2018-7191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7191", }, ], notes: [ { category: "general", text: "In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7191", url: "https://www.suse.com/security/cve/CVE-2018-7191", }, { category: "external", summary: "SUSE Bug 1135603 for CVE-2018-7191", url: "https://bugzilla.suse.com/1135603", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-31T06:14:15Z", details: "moderate", }, ], title: "CVE-2018-7191", }, { cve: "CVE-2019-11085", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11085", }, ], notes: [ { category: "general", text: "Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11085", url: "https://www.suse.com/security/cve/CVE-2019-11085", }, { category: "external", summary: "SUSE Bug 1135278 for CVE-2019-11085", url: "https://bugzilla.suse.com/1135278", }, { category: "external", summary: "SUSE Bug 1135280 for CVE-2019-11085", url: "https://bugzilla.suse.com/1135280", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-31T06:14:15Z", details: "important", }, ], title: "CVE-2019-11085", }, { cve: "CVE-2019-11486", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11486", }, ], notes: [ { category: "general", text: "The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11486", url: "https://www.suse.com/security/cve/CVE-2019-11486", }, { category: "external", summary: "SUSE Bug 1133188 for CVE-2019-11486", url: "https://bugzilla.suse.com/1133188", }, { category: "external", summary: "SUSE Bug 1156434 for CVE-2019-11486", url: "https://bugzilla.suse.com/1156434", }, { category: "external", summary: "SUSE Bug 1173667 for CVE-2019-11486", url: "https://bugzilla.suse.com/1173667", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-31T06:14:15Z", details: "moderate", }, ], title: "CVE-2019-11486", }, { cve: "CVE-2019-11811", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11811", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11811", url: "https://www.suse.com/security/cve/CVE-2019-11811", }, { category: "external", summary: "SUSE Bug 1134397 for CVE-2019-11811", url: "https://bugzilla.suse.com/1134397", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.9, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-31T06:14:15Z", details: "low", }, ], title: "CVE-2019-11811", }, { cve: "CVE-2019-11815", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11815", }, ], notes: [ { category: "general", text: "An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11815", url: "https://www.suse.com/security/cve/CVE-2019-11815", }, { category: "external", summary: "SUSE Bug 1134537 for CVE-2019-11815", url: "https://bugzilla.suse.com/1134537", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-31T06:14:15Z", details: "moderate", }, ], title: "CVE-2019-11815", }, { cve: "CVE-2019-11833", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11833", }, ], notes: [ { category: "general", text: "fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11833", url: "https://www.suse.com/security/cve/CVE-2019-11833", }, { category: "external", summary: "SUSE Bug 1135281 for CVE-2019-11833", url: "https://bugzilla.suse.com/1135281", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-31T06:14:15Z", details: "moderate", }, ], title: "CVE-2019-11833", }, { cve: "CVE-2019-11884", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11884", }, ], notes: [ { category: "general", text: "The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\\0' character.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11884", url: "https://www.suse.com/security/cve/CVE-2019-11884", }, { category: "external", summary: "SUSE Bug 1134848 for CVE-2019-11884", url: "https://bugzilla.suse.com/1134848", }, { category: "external", summary: "SUSE Bug 1139868 for CVE-2019-11884", url: "https://bugzilla.suse.com/1139868", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-31T06:14:15Z", details: "low", }, ], title: "CVE-2019-11884", }, { cve: "CVE-2019-3882", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3882", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). Versions 3.10, 4.14 and 4.18 are vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3882", url: "https://www.suse.com/security/cve/CVE-2019-3882", }, { category: "external", summary: "SUSE Bug 1131416 for CVE-2019-3882", url: "https://bugzilla.suse.com/1131416", }, { category: "external", summary: "SUSE Bug 1131427 for CVE-2019-3882", url: "https://bugzilla.suse.com/1131427", }, { category: "external", summary: "SUSE Bug 1133319 for CVE-2019-3882", url: "https://bugzilla.suse.com/1133319", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-31T06:14:15Z", details: "moderate", }, ], title: "CVE-2019-3882", }, { cve: "CVE-2019-5489", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5489", }, ], notes: [ { category: "general", text: "The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5489", url: "https://www.suse.com/security/cve/CVE-2019-5489", }, { category: "external", summary: "SUSE Bug 1120843 for CVE-2019-5489", url: "https://bugzilla.suse.com/1120843", }, { category: "external", summary: "SUSE Bug 1120885 for CVE-2019-5489", url: "https://bugzilla.suse.com/1120885", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-31T06:14:15Z", details: "moderate", }, ], title: "CVE-2019-5489", }, { cve: "CVE-2019-9500", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9500", }, ], notes: [ { category: "general", text: "The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-9500", url: "https://www.suse.com/security/cve/CVE-2019-9500", }, { category: "external", summary: "SUSE Bug 1132681 for CVE-2019-9500", url: "https://bugzilla.suse.com/1132681", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-31T06:14:15Z", details: "moderate", }, ], title: "CVE-2019-9500", }, { cve: "CVE-2019-9503", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9503", }, ], notes: [ { category: "general", text: "The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarded and unprocessed. If the driver receives the firmware event frame from the host, the appropriate handler is called. This frame validation can be bypassed if the bus used is USB (for instance by a wifi dongle). This can allow firmware event frames from a remote source to be processed. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-9503", url: "https://www.suse.com/security/cve/CVE-2019-9503", }, { category: "external", summary: "SUSE Bug 1132673 for CVE-2019-9503", url: "https://bugzilla.suse.com/1132673", }, { category: "external", summary: "SUSE Bug 1132828 for CVE-2019-9503", url: "https://bugzilla.suse.com/1132828", }, { category: "external", summary: "SUSE Bug 1133319 for CVE-2019-9503", url: "https://bugzilla.suse.com/1133319", }, { category: "external", summary: "SUSE Bug 1156653 for CVE-2019-9503", url: "https://bugzilla.suse.com/1156653", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.4.1.noarch", "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.4.1.x86_64", "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-31T06:14:15Z", details: "moderate", }, ], title: "CVE-2019-9503", }, ], }
opensuse-su-2019:1404-1
Vulnerability from csaf_opensuse
Published
2019-05-16 09:25
Modified
2019-05-16 09:25
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes.
Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331)
- CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)
- CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)
- CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS)
- CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
This kernel update contains software mitigations for these issues, which also utilize CPU microcode updates shipped in parallel.
For more information on this set of information leaks, check out https://www.suse.com/support/kb/doc/?id=7023736
The following security bugs were fixed:
- CVE-2018-16880: A flaw was found in handle_rx() function in the vhost_net driver. A malicious virtual guest, under specific conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may lead to a kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. (bnc#1122767).
- CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c had multiple race conditions (bnc#1133188). It has been disabled.
- CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c. There is a race condition leading to a use-after-free, related to net namespace cleanup (bnc#1134537).
- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c allowed a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character (bnc#1134848).
- CVE-2019-3882: A flaw was found in vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). (bnc#1131416 bnc#1131427).
- CVE-2019-9003: Attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a 'service ipmievd restart' loop (bnc#1126704).
- CVE-2019-9500: A brcmfmac heap buffer overflow in brcmf_wowl_nd_results was fixed (bnc#1132681).
- CVE-2019-9503: Multiple brcmfmac frame validation bypasses have been fixed (bnc#1132828).
The following non-security bugs were fixed:
- 9p: do not trust pdu content for stat item size (bsc#1051510).
- acpi, nfit: Prefer _DSM over _LSR for namespace label reads (bsc#1112128) (bsc#1132426).
- ACPI / SBS: Fix GPE storm on recent MacBookPro's (bsc#1051510).
- ALSA: core: Do not refer to snd_cards array directly (bsc#1051510).
- ALSA: core: Fix card races between register and disconnect (bsc#1051510).
- ALSA: emu10k1: Drop superfluous id-uniquification behavior (bsc#1051510).
- ALSA: hda - Add two more machines to the power_save_blacklist (bsc#1051510).
- ALSA: hda/hdmi - Consider eld_valid when reporting jack event (bsc#1051510).
- ALSA: hda/hdmi - Read the pin sense from register when repolling (bsc#1051510).
- ALSA: hda: Initialize power_state field properly (bsc#1051510).
- ALSA: hda/realtek - Add new Dell platform for headset mode (bsc#1051510).
- ALSA: hda/realtek - Add quirk for Tuxedo XC 1509 (bsc#1131442).
- ALSA: hda/realtek - Add support headset mode for DELL WYSE AIO (bsc#1051510).
- ALSA: hda/realtek - Add support headset mode for New DELL WYSE NB (bsc#1051510).
- ALSA: hda/realtek - add two more pin configuration sets to quirk table (bsc#1051510).
- ALSA: hda/realtek - Apply the fixup for ASUS Q325UAR (bsc#1051510).
- ALSA: hda/realtek - EAPD turn on later (bsc#1051510).
- ALSA: hda/realtek - Fixed Dell AIO speaker noise (bsc#1051510).
- ALSA: hda - Register irq handler after the chip initialization (bsc#1051510).
- ALSA: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) (bsc#1051510).
- ALSA: info: Fix racy addition/deletion of nodes (bsc#1051510).
- ALSA: line6: Avoid polluting led_* namespace (bsc#1051510).
- ALSA: line6: use dynamic buffers (bsc#1051510).
- ALSA: PCM: check if ops are defined before suspending PCM (bsc#1051510).
- ALSA: seq: Align temporary re-locking with irqsave version (bsc#1051510).
- ALSA: seq: Correct unlock sequence at snd_seq_client_ioctl_unlock() (bsc#1051510).
- ALSA: seq: Cover unsubscribe_port() in list_mutex (bsc#1051510).
- ALSA: seq: Fix OOB-reads from strlcpy (bsc#1051510).
- ALSA: seq: Fix race of get-subscription call vs port-delete ioctls (bsc#1051510).
- ALSA: seq: Protect in-kernel ioctl calls with mutex (bsc#1051510).
- ALSA: seq: Protect racy pool manipulation from OSS sequencer (bsc#1051510).
- ALSA: seq: Remove superfluous irqsave flags (bsc#1051510).
- ALSA: seq: Simplify snd_seq_kernel_client_enqueue() helper (bsc#1051510).
- ALSA: timer: Check ack_list emptiness instead of bit flag (bsc#1051510).
- ALSA: timer: Coding style fixes (bsc#1051510).
- ALSA: timer: Make snd_timer_close() really kill pending actions (bsc#1051510).
- ALSA: timer: Make sure to clear pending ack list (bsc#1051510).
- ALSA: timer: Revert active callback sync check at close (bsc#1051510).
- ALSA: timer: Simplify error path in snd_timer_open() (bsc#1051510).
- ALSA: timer: Unify timer callback process code (bsc#1051510).
- ALSA: usb-audio: Fix a memory leak bug (bsc#1051510).
- ALSA: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() (bsc#1051510).
- ALSA: usx2y: fix a double free bug (bsc#1051510).
- ASoC: cs4270: Set auto-increment bit for register writes (bsc#1051510).
- ASoC: fix valid stream condition (bsc#1051510).
- ASoC: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe (bsc#1051510).
- ASoC: fsl_esai: fix channel swap issue when stream starts (bsc#1051510).
- ASoC: fsl_esai: Fix missing break in switch statement (bsc#1051510).
- ASoC: hdmi-codec: fix S/PDIF DAI (bsc#1051510).
- ASoC: Intel: avoid Oops if DMA setup fails (bsc#1051510).
- ASoC: max98090: Fix restore of DAPM Muxes (bsc#1051510).
- ASoC: nau8810: fix the issue of widget with prefixed name (bsc#1051510).
- ASoC: nau8824: fix the issue of the widget with prefix name (bsc#1051510).
- ASoC: RT5677-SPI: Disable 16Bit SPI Transfers (bsc#1051510).
- ASoC: samsung: odroid: Fix clock configuration for 44100 sample rate (bsc#1051510).
- ASoC:soc-pcm:fix a codec fixup issue in TDM case (bsc#1051510).
- ASoC: stm32: fix sai driver name initialisation (bsc#1051510).
- ASoC: tlv320aic32x4: Fix Common Pins (bsc#1051510).
- ASoC: topology: free created components in tplg load error (bsc#1051510).
- ASoC: wm_adsp: Add locking to wm_adsp2_bus_error (bsc#1051510).
- assume flash part size to be 4MB, if it can't be determined (bsc#1127371).
- at76c50x-usb: Do not register led_trigger if usb_register_driver failed (bsc#1051510).
- ath10k: avoid possible string overflow (bsc#1051510).
- audit: fix a memleak caused by auditing load module (bsc#1051510).
- b43: shut up clang -Wuninitialized variable warning (bsc#1051510).
- batman-adv: Reduce claim hash refcnt only for removed entry (bsc#1051510).
- batman-adv: Reduce tt_global hash refcnt only for removed entry (bsc#1051510).
- batman-adv: Reduce tt_local hash refcnt only for removed entry (bsc#1051510).
- bcache: account size of buckets used in uuid write to ca->meta_sectors_written (bsc#1130972).
- bcache: add a comment in super.c (bsc#1130972).
- bcache: add code comments for bset.c (bsc#1130972).
- bcache: add comment for cache_set->fill_iter (bsc#1130972).
- bcache: add identifier names to arguments of function definitions (bsc#1130972).
- bcache: add missing SPDX header (bsc#1130972).
- bcache: add MODULE_DESCRIPTION information (bsc#1130972).
- bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972).
- bcache: add static const prefix to char * array declarations (bsc#1130972).
- bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972).
- bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).
- bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972).
- bcache: correct dirty data statistics (bsc#1130972).
- bcache: do not assign in if condition in bcache_init() (bsc#1130972).
- bcache: do not assign in if condition register_bcache() (bsc#1130972).
- bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972).
- bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972).
- bcache: do not clone bio in bch_data_verify (bsc#1130972).
- bcache: do not mark writeback_running too early (bsc#1130972).
- bcache: export backing_dev_name via sysfs (bsc#1130972).
- bcache: export backing_dev_uuid via sysfs (bsc#1130972).
- bcache: fix code comments style (bsc#1130972).
- bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).
- bcache: fix indent by replacing blank by tabs (bsc#1130972).
- bcache: fix input integer overflow of congested threshold (bsc#1130972).
- bcache: fix input overflow to cache set io_error_limit (bsc#1130972).
- bcache: fix input overflow to cache set sysfs file io_error_halflife (bsc#1130972).
- bcache: fix input overflow to journal_delay_ms (bsc#1130972).
- bcache: fix input overflow to sequential_cutoff (bsc#1130972).
- bcache: fix input overflow to writeback_delay (bsc#1130972).
- bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).
- bcache: fix ioctl in flash device (bsc#1130972).
- bcache: fix mistaken code comments in bcache.h (bsc#1130972).
- bcache: fix mistaken comments in request.c (bsc#1130972).
- bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972).
- bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972).
- bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972).
- bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).
- bcache: improve sysfs_strtoul_clamp() (bsc#1130972).
- bcache: introduce force_wake_up_gc() (bsc#1130972).
- bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972).
- bcache: Move couple of functions to sysfs.c (bsc#1130972).
- bcache: Move couple of string arrays to sysfs.c (bsc#1130972).
- bcache: move open brace at end of function definitions to next line (bsc#1130972).
- bcache: never writeback a discard operation (bsc#1130972).
- bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972).
- bcache: option to automatically run gc thread after writeback (bsc#1130972).
- bcache: panic fix for making cache device (bsc#1130972).
- bcache: Populate writeback_rate_minimum attribute (bsc#1130972).
- bcache: prefer 'help' in Kconfig (bsc#1130972).
- bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).
- bcache: recal cached_dev_sectors on detach (bsc#1130972).
- bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972).
- bcache: remove unused bch_passthrough_cache (bsc#1130972).
- bcache: remove useless parameter of bch_debug_init() (bsc#1130972).
- bcache: Replace bch_read_string_list() by __sysfs_match_string() (bsc#1130972).
- bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).
- bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).
- bcache: replace printk() by pr_*() routines (bsc#1130972).
- bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972).
- bcache: set writeback_percent in a flexible range (bsc#1130972).
- bcache: split combined if-condition code into separate ones (bsc#1130972).
- bcache: stop bcache device when backing device is offline (bsc#1130972).
- bcache: stop using the deprecated get_seconds() (bsc#1130972).
- bcache: style fixes for lines over 80 characters (bsc#1130972).
- bcache: style fix to add a blank line after declarations (bsc#1130972).
- bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).
- bcache: treat stale && dirty keys as bad keys (bsc#1130972).
- bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972).
- bcache: update comment for bch_data_insert (bsc#1130972).
- bcache: update comment in sysfs.c (bsc#1130972).
- bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972).
- bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).
- bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).
- bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).
- bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).
- blkcg: Introduce blkg_root_lookup() (bsc#1131673).
- blkcg: Make blkg_root_lookup() work for queues in bypass mode (bsc#1131673).
- blk-mq: adjust debugfs and sysfs register when updating nr_hw_queues (bsc#1131673).
- blk-mq: Avoid that submitting a bio concurrently with device removal triggers a crash (bsc#1131673).
- blk-mq: change gfp flags to GFP_NOIO in blk_mq_realloc_hw_ctxs (bsc#1131673).
- blk-mq: fallback to previous nr_hw_queues when updating fails (bsc#1131673).
- blk-mq: init hctx sched after update ctx and hctx mapping (bsc#1131673).
- blk-mq: realloc hctx when hw queue is mapped to another node (bsc#1131673).
- blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter (bsc#1131673).
- block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).
- block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).
- block: Ensure that a request queue is dissociated from the cgroup controller (bsc#1131673).
- block: Fix a race between request queue removal and the block cgroup controller (bsc#1131673).
- block: Introduce blk_exit_queue() (bsc#1131673).
- block: kABI fixes for bio_rewind_iter() removal (bsc#1131673).
- block: remove bio_rewind_iter() (bsc#1131673).
- bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bsc#1051510).
- bluetooth: btusb: request wake pin with NOAUTOEN (bsc#1051510).
- bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt (bsc#1051510).
- bluetooth: hci_uart: Check if socket buffer is ERR_PTR in h4_recv_buf() (bsc#1133731).
- bluetooth: hidp: fix buffer overflow (bsc#1051510).
- bnxt_en: Drop oversize TX packets to prevent errors (networking-stable-19_03_07).
- bonding: fix PACKET_ORIGDEV regression (git-fixes).
- bpf: fix use after free in bpf_evict_inode (bsc#1083647).
- brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() (bsc#1051510).
- btrfs: add a helper to return a head ref (bsc#1134813).
- btrfs: Avoid possible qgroup_rsv_size overflow in btrfs_calculate_inode_block_rsv_size (git-fixes).
- btrfs: breakout empty head cleanup to a helper (bsc#1134813).
- btrfs: check for refs on snapshot delete resume (bsc#1131335).
- btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: Do not panic when we can't find a root key (bsc#1112063).
- btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838).
- btrfs: Factor out common delayed refs init code (bsc#1134813).
- btrfs: fix assertion failure on fsync with NO_HOLES enabled (bsc#1131848).
- btrfs: Fix bound checking in qgroup_trace_new_subtree_blocks (git-fixes).
- btrfs: fix incorrect file size after shrinking truncate and fsync (bsc#1130195).
- btrfs: Introduce init_delayed_ref_head (bsc#1134813).
- btrfs: move all ref head cleanup to the helper function (bsc#1134813).
- btrfs: move extent_op cleanup to a helper (bsc#1134813).
- btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).
- btrfs: Open-code add_delayed_data_ref (bsc#1134813).
- btrfs: Open-code add_delayed_tree_ref (bsc#1134813).
- btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to btrfs_qgroup_extent_record (bsc#1134162).
- btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release (bsc#1134160).
- btrfs: remove delayed_ref_node from ref_head (bsc#1134813).
- btrfs: remove WARN_ON in log_dir_items (bsc#1131847).
- btrfs: save drop_progress if we drop refs at all (bsc#1131336).
- btrfs: split delayed ref head initialization and addition (bsc#1134813).
- btrfs: track refs in a rb_tree instead of a list (bsc#1134813).
- btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).
- btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).
- cdrom: Fix race condition in cdrom_sysctl_register (bsc#1051510).
- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).
- ceph: fix ci->i_head_snapc leak (bsc#1122776).
- ceph: fix use-after-free on symlink traversal (bsc#1134459).
- ceph: only use d_name directly when parent is locked (bsc#1134460).
- cgroup: fix parsing empty mount option string (bsc#1133094).
- cifs: Do not count -ENODATA as failure for query directory (bsc#1051510).
- cifs: do not dereference smb_file_target before null check (bsc#1051510).
- cifs: Do not hide EINTR after sending network packets (bsc#1051510).
- cifs: Do not reconnect TCP session in add_credits() (bsc#1051510).
- cifs: Do not reset lease state to NONE on lease break (bsc#1051510).
- cifs: Fix adjustment of credits for MTU requests (bsc#1051510).
- cifs: Fix credit calculation for encrypted reads with errors (bsc#1051510).
- cifs: Fix credits calculations for reads with errors (bsc#1051510).
- cifs: fix POSIX lock leak and invalid ptr deref (bsc#1114542).
- cifs: Fix possible hang during async MTU reads and writes (bsc#1051510).
- cifs: Fix potential OOB access of lock element array (bsc#1051510).
- cifs: Fix read after write for files with read caching (bsc#1051510).
- clk: fractional-divider: check parent rate only if flag is set (bsc#1051510).
- clk: rockchip: fix frac settings of GPLL clock for rk3328 (bsc#1051510).
- clk: rockchip: Fix video codec clocks on rk3288 (bsc#1051510).
- clk: rockchip: fix wrong clock definitions for rk3328 (bsc#1051510).
- clk: x86: Add system specific quirk to mark clocks as critical (bsc#1051510).
- cpupowerutils: bench - Fix cpu online check (bsc#1051510).
- cpu/speculation: Add 'mitigations=' cmdline option (bsc#1112178).
- crypto: arm/aes-neonbs - do not access already-freed walk.iv (bsc#1051510).
- crypto: caam - add missing put_device() call (bsc#1129770).
- crypto: ccm - fix incompatibility between 'ccm' and 'ccm_base' (bsc#1051510).
- crypto: ccp - Do not free psp_master when PLATFORM_INIT fails (bsc#1051510).
- crypto: chacha20poly1305 - set cra_name correctly (bsc#1051510).
- crypto: crct10dif-generic - fix use via crypto_shash_digest() (bsc#1051510).
- crypto: crypto4xx - properly set IV after de- and encrypt (bsc#1051510).
- crypto: fips - Grammar s/options/option/, s/to/the/ (bsc#1051510).
- crypto: gcm - fix incompatibility between 'gcm' and 'gcm_base' (bsc#1051510).
- crypto: pcbc - remove bogus memcpy()s with src == dest (bsc#1051510).
- crypto: sha256/arm - fix crash bug in Thumb2 build (bsc#1051510).
- crypto: sha512/arm - fix crash bug in Thumb2 build (bsc#1051510).
- crypto: skcipher - do not WARN on unprocessed data after slow walk step (bsc#1051510).
- crypto: sun4i-ss - Fix invalid calculation of hash end (bsc#1051510).
- crypto: vmx - fix copy-paste error in CTR mode (bsc#1051510).
- crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() (bsc#1051510).
- crypto: x86/poly1305 - fix overflow during partial reduction (bsc#1051510).
- cxgb4: Add capability to get/set SGE Doorbell Queue Timer Tick (bsc#1127371).
- cxgb4: Added missing break in ndo_udp_tunnel_{add/del} (bsc#1127371).
- cxgb4: Add flag tc_flower_initialized (bsc#1127371).
- cxgb4: Add new T5 PCI device id 0x50ae (bsc#1127371).
- cxgb4: Add new T5 PCI device ids 0x50af and 0x50b0 (bsc#1127371).
- cxgb4: Add new T6 PCI device ids 0x608a (bsc#1127371).
- cxgb4: add per rx-queue counter for packet errors (bsc#1127371).
- cxgb4: Add support for FW_ETH_TX_PKT_VM_WR (bsc#1127371).
- cxgb4: add support to display DCB info (bsc#1127371).
- cxgb4: Add support to read actual provisioned resources (bsc#1127371).
- cxgb4: collect ASIC LA dumps from ULP TX (bsc#1127371).
- cxgb4: collect hardware queue descriptors (bsc#1127371).
- cxgb4: collect number of free PSTRUCT page pointers (bsc#1127371).
- cxgb4: convert flower table to use rhashtable (bsc#1127371).
- cxgb4: cxgb4: use FW_PORT_ACTION_L1_CFG32 for 32 bit capability (bsc#1127371).
- cxgb4/cxgb4vf: Add support for SGE doorbell queue timer (bsc#1127371).
- cxgb4/cxgb4vf: Fix mac_hlist initialization and free (bsc#1127374).
- cxgb4/cxgb4vf: Link management changes (bsc#1127371).
- cxgb4/cxgb4vf: Program hash region for {t4/t4vf}_change_mac() (bsc#1127371).
- cxgb4: display number of rx and tx pages free (bsc#1127371).
- cxgb4: do not return DUPLEX_UNKNOWN when link is down (bsc#1127371).
- cxgb4: Export sge_host_page_size to ulds (bsc#1127371).
- cxgb4: fix the error path of cxgb4_uld_register() (bsc#1127371).
- cxgb4: impose mandatory VLAN usage when non-zero TAG ID (bsc#1127371).
- cxgb4: Mask out interrupts that are not enabled (bsc#1127175).
- cxgb4: move Tx/Rx free pages collection to common code (bsc#1127371).
- cxgb4: remove redundant assignment to vlan_cmd.dropnovlan_fm (bsc#1127371).
- cxgb4: Remove SGE_HOST_PAGE_SIZE dependency on page size (bsc#1127371).
- cxgb4: remove the unneeded locks (bsc#1127371).
- cxgb4: specify IQTYPE in fw_iq_cmd (bsc#1127371).
- cxgb4: Support ethtool private flags (bsc#1127371).
- cxgb4: update supported DCB version (bsc#1127371).
- cxgb4: use new fw interface to get the VIN and smt index (bsc#1127371).
- cxgb4vf: Few more link management changes (bsc#1127374).
- cxgb4vf: fix memleak in mac_hlist initialization (bsc#1127374).
- cxgb4vf: Update port information in cxgb4vf_open() (bsc#1127374).
- device_cgroup: fix RCU imbalance in error case (bsc#1051510).
- Disable kgdboc failed by echo space to /sys/module/kgdboc/parameters/kgdboc (bsc#1051510).
- dmaengine: axi-dmac: Do not check the number of frames for alignment (bsc#1051510).
- dmaengine: imx-dma: fix warning comparison of distinct pointer types (bsc#1051510).
- dmaengine: qcom_hidma: assign channel cookie correctly (bsc#1051510).
- dmaengine: sh: rcar-dmac: With cyclic DMA residue 0 is valid (bsc#1051510).
- dmaengine: tegra210-dma: free dma controller in remove() (bsc#1051510).
- dmaengine: tegra: avoid overflow of byte tracking (bsc#1051510).
- dm: disable DISCARD if the underlying storage no longer supports it (bsc#1114638).
- drivers: hv: vmbus: Offload the handling of channels to two workqueues (bsc#1130567).
- drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind() (bsc#1130567).
- drm: Auto-set allow_fb_modifiers when given modifiers at plane init (bsc#1051510).
- drm: bridge: dw-hdmi: Fix overflow workaround for Rockchip SoCs (bsc#1113722)
- drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers (bsc#1051510).
- drm/fb-helper: dpms_legacy(): Only set on connectors in use (bsc#1051510).
- drm/i915: Fix I915_EXEC_RING_MASK (bsc#1051510).
- drm/i915/gvt: Add in context mmio 0x20D8 to gen9 mmio list (bsc#1113722)
- drm/i915/gvt: Annotate iomem usage (bsc#1051510).
- drm/i915/gvt: do not deliver a workload if its creation fails (bsc#1051510).
- drm/i915/gvt: do not let pin count of shadow mm go negative (bsc#1113722)
- drm/i915/gvt: Fix incorrect mask of mmio 0x22028 in gen8/9 mmio list (bnc#1113722)
- drm/i915/gvt: Fix MI_FLUSH_DW parsing with correct index check (bsc#1051510).
- drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata() (bsc#1113722)
- drm/mediatek: fix possible object reference leak (bsc#1051510).
- drm/meson: add size and alignment requirements for dumb buffers (bnc#1113722)
- drm/meson: Fix invalid pointer in meson_drv_unbind() (bsc#1051510).
- drm/meson: Uninstall IRQ handler (bsc#1051510).
- drm/nouveau: Stop using drm_crtc_force_disable (bsc#1051510).
- drm/nouveau/volt/gf117: fix speedo readout register (bsc#1051510).
- drm/rockchip: shutdown drm subsystem on shutdown (bsc#1051510).
- drm/rockchip: vop: reset scale mode when win is disabled (bsc#1113722)
- drm/sun4i: Add missing drm_atomic_helper_shutdown at driver unbind (bsc#1113722)
- drm/sun4i: Fix component unbinding and component master deletion (bsc#1113722)
- drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)
- drm/sun4i: Set device driver data at bind time for use in unbind (bsc#1113722)
- drm/sun4i: Unbind components before releasing DRM and memory (bsc#1113722)
- drm/ttm: Remove warning about inconsistent mapping information (bnc#1131488)
- drm/udl: add a release method and delay modeset teardown (bsc#1085536)
- drm/vc4: Fix memory leak during gpu reset. (bsc#1113722)
- dsa: mv88e6xxx: Ensure all pending interrupts are handled prior to exit (networking-stable-19_02_20).
- dt-bindings: net: Fix a typo in the phy-mode list for ethernet bindings (bsc#1129770).
- dwc2: gadget: Fix completed transfer size calculation in DDMA (bsc#1051510).
- e1000e: fix cyclic resets at link up with active tx (bsc#1051510).
- e1000e: Fix -Wformat-truncation warnings (bsc#1051510).
- ext2: Fix underflow in ext2_max_size() (bsc#1131174).
- ext4: add mask of ext4 flags to swap (bsc#1131170).
- ext4: add missing brelse() in add_new_gdb_meta_bg() (bsc#1131176).
- ext4: brelse all indirect buffer in ext4_ind_remove_space() (bsc#1131173).
- ext4: cleanup bh release code in ext4_ind_remove_space() (bsc#1131851).
- ext4: cleanup pagecache before swap i_data (bsc#1131178).
- ext4: fix check of inode in swap_inode_boot_loader (bsc#1131177).
- ext4: fix data corruption caused by unaligned direct AIO (bsc#1131172).
- ext4: fix EXT4_IOC_SWAP_BOOT (bsc#1131180).
- ext4: fix NULL pointer dereference while journal is aborted (bsc#1131171).
- ext4: update quota information while swapping boot loader inode (bsc#1131179).
- fbdev: fbmem: fix memory access if logo is bigger than the screen (bsc#1051510).
- fix cgroup_do_mount() handling of failure exits (bsc#1133095).
- Fix kabi after 'md: batch flush requests.' (bsc#1119680).
- Fix struct page kABI after adding atomic for ppc (bsc#1131326, bsc#1108937).
- fm10k: Fix a potential NULL pointer dereference (bsc#1051510).
- fs: avoid fdput() after failed fdget() in vfs_dedupe_file_range() (bsc#1132384, bsc#1132219).
- fs/nfs: Fix nfs_parse_devname to not modify it's argument (git-fixes).
- futex: Cure exit race (bsc#1050549).
- futex: Ensure that futex address is aligned in handle_futex_death() (bsc#1050549).
- futex: Handle early deadlock return correctly (bsc#1050549).
- ghes, EDAC: Fix ghes_edac registration (bsc#1133176).
- gpio: adnp: Fix testing wrong value in adnp_gpio_direction_input (bsc#1051510).
- gpio: aspeed: fix a potential NULL pointer dereference (bsc#1051510).
- gpio: gpio-omap: fix level interrupt idling (bsc#1051510).
- gpio: of: Fix of_gpiochip_add() error path (bsc#1051510).
- gre6: use log_ecn_error module parameter in ip6_tnl_rcv() (git-fixes).
- hid: debug: fix race condition with between rdesc_show() and device removal (bsc#1051510).
- hid: i2c-hid: Ignore input report if there's no data present on Elan touchpanels (bsc#1133486).
- hid: input: add mapping for Assistant key (bsc#1051510).
- hid: intel-ish-hid: avoid binding wrong ishtp_cl_device (bsc#1051510).
- hid: intel-ish: ipc: handle PIMR before ish_wakeup also clear PISR busy_clear bit (bsc#1051510).
- hid: logitech: check the return value of create_singlethread_workqueue (bsc#1051510).
- hv_netvsc: Fix IP header checksum for coalesced packets (networking-stable-19_03_07).
- hwmon: (f71805f) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (pc87427) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (vt1211) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses (bsc#1051510).
- hwrng: virtio - Avoid repeated init of completion (bsc#1051510).
- i2c: Make i2c_unregister_device() NULL-aware (bsc#1108193).
- ibmvnic: Enable GRO (bsc#1132227).
- ibmvnic: Fix completion structure initialization (bsc#1131659).
- ibmvnic: Fix netdev feature clobbering during a reset (bsc#1132227).
- iio: adc: at91: disable adc channel interrupt in timeout case (bsc#1051510).
- iio: adc: fix warning in Qualcomm PM8xxx HK/XOADC driver (bsc#1051510).
- iio: ad_sigma_delta: select channel when reading register (bsc#1051510).
- iio: core: fix a possible circular locking dependency (bsc#1051510).
- iio: cros_ec: Fix the maths for gyro scale calculation (bsc#1051510).
- iio: dac: mcp4725: add missing powerdown bits in store eeprom (bsc#1051510).
- iio: Fix scan mask selection (bsc#1051510).
- iio/gyro/bmg160: Use millidegrees for temperature scale (bsc#1051510).
- iio: gyro: mpu3050: fix chip ID reading (bsc#1051510).
- Input: introduce KEY_ASSISTANT (bsc#1051510).
- Input: snvs_pwrkey - initialize necessary driver data before enabling IRQ (bsc#1051510).
- Input: synaptics-rmi4 - write config register values to the right offset (bsc#1051510).
- intel_idle: add support for Jacobsville (jsc#SLE-5394).
- intel_th: msu: Fix single mode with IOMMU (bsc#1051510).
- intel_th: pci: Add Comet Lake support (bsc#1051510).
- io: accel: kxcjk1013: restore the range after resume (bsc#1051510).
- iommu/amd: Set exclusion range correctly (bsc#1130425).
- iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#1135006).
- iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135007).
- iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135008).
- ip6_tunnel: fix ip6 tunnel lookup in collect_md mode (git-fixes).
- ipmi: Fix I2C client removal in the SSIF driver (bsc#1108193).
- ipmi:ssif: compare block number correctly for multi-part return messages (bsc#1051510).
- ipmi_ssif: Remove duplicate NULL check (bsc#1108193).
- ipv4: Return error for RTA_VIA attribute (networking-stable-19_03_07).
- ipv6: Fix dangling pointer when ipv6 fragment (git-fixes).
- ipv6: propagate genlmsg_reply return code (networking-stable-19_02_24).
- ipv6: Return error for RTA_VIA attribute (networking-stable-19_03_07).
- ipv6: sit: reset ip header pointer in ipip6_rcv (git-fixes).
- ipvlan: disallow userns cap_net_admin to change global mode/flags (networking-stable-19_03_15).
- ipvs: remove IPS_NAT_MASK check to fix passive FTP (git-fixes).
- It's wrong to add len to sector_nr in raid10 reshape twice (git-fixes).
- iw_cxgb4: cq/qp mask depends on bar2 pages in a host page (bsc#1127371).
- iwiwifi: fix bad monitor buffer register addresses (bsc#1129770).
- iwlwifi: fix send hcmd timeout recovery flow (bsc#1129770).
- jbd2: clear dirty flag when revoking a buffer from an older transaction (bsc#1131167).
- jbd2: fix compile warning when using JBUFFER_TRACE (bsc#1131168).
- kABI: restore icmp_send (kabi).
- kabi/severities: add cxgb4 and cxgb4vf shared data to the whitelis (bsc#1127372)
- kABI workaround for removed usb_interface.pm_usage_cnt field (bsc#1051510).
- kABI workaround for snd_seq_kernel_client_enqueue() API changes (bsc#1051510).
- kbuild: modversions: Fix relative CRC byte order interpretation (bsc#1131290).
- kbuild: strip whitespace in cmd_record_mcount findstring (bsc#1065729).
- kcm: switch order of device registration to fix a crash (bnc#1130527).
- kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv (bsc#1051510).
- kernel/sysctl.c: fix out-of-bounds access when setting file-max (bsc#1051510).
- kernfs: do not set dentry->d_fsdata (boo#1133115).
- KEYS: always initialize keyring_index_key::desc_len (bsc#1051510).
- KEYS: user: Align the payload buffer (bsc#1051510).
- KVM: Call kvm_arch_memslots_updated() before updating memslots (bsc#1132563).
- KVM: Fix kABI for AMD SMAP Errata workaround (bsc#1133149).
- KVM: Fix UAF in nested posted interrupt processing (bsc#1134199).
- KVM: nVMX: Apply addr size mask to effective address for VMX instructions (bsc#1132561).
- KVM: nVMX: Clear reserved bits of #DB exit qualification (bsc#1134200).
- KVM: nVMX: Ignore limit checks on VMX instructions using flat segments (bsc#1132564).
- KVM: nVMX: restore host state in nested_vmx_vmexit for VMFail (bsc#1134201).
- KVM: nVMX: Sign extend displacements of VMX instr's mem operands (bsc#1132562).
- KVM: PPC: Book3S HV: Fix race between kvm_unmap_hva_range and MMU mode switch (bsc#1061840).
- KVM: SVM: Workaround errata#1096 (insn_len maybe zero on SMAP violation) (bsc#1133149).
- KVM: VMX: Compare only a single byte for VMCS' 'launched' in vCPU-run (bsc#1132555).
- KVM: VMX: Zero out *all* general purpose registers after VM-Exit (bsc#1134202).
- KVM: x86: Always use 32-bit SMRAM save state for 32-bit kernels (bsc#1134203).
- KVM: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bsc#1134204).
- KVM: x86: Emulate MSR_IA32_ARCH_CAPABILITIES on AMD hosts (bsc#1114279).
- KVM: x86/mmu: Detect MMIO generation wrap in any address space (bsc#1132570).
- KVM: x86/mmu: Do not cache MMIO accesses while memslots are in flux (bsc#1132571).
- kvm: x86: Report STIBP on GET_SUPPORTED_CPUID (bsc#1111331).
- KVM: x86: svm: make sure NMI is injected after nmi_singlestep (bsc#1134205).
- leds: avoid races with workqueue (bsc#1051510).
- leds: pca9532: fix a potential NULL pointer dereference (bsc#1051510).
- lib: add crc64 calculation routines (bsc#1130972).
- libata: fix using DMA buffers on stack (bsc#1051510).
- lib: do not depend on linux headers being installed (bsc#1130972).
- lightnvm: if LUNs are already allocated fix return (bsc#1085535).
- linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() (bsc#1051510).
- Linux v5.0-rc7: bcm2835 MMC issues (bsc#1070872).
- locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a new <linux/bits.h> file (bsc#1111331).
- lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).
- mac80211: do not call driver wake_tx_queue op during reconfig (bsc#1051510).
- md: batch flush requests (bsc#1119680).
- md: Fix failed allocation of md_register_thread (git-fixes).
- md/raid1: do not clear bitmap bits on interrupted recovery (git-fixes).
- md/raid5: fix 'out of memory' during raid cache recovery (git-fixes).
- media: cx18: update *pos correctly in cx18_read_pos() (bsc#1051510).
- media: cx23885: check allocation return (bsc#1051510).
- media: davinci-isif: avoid uninitialized variable use (bsc#1051510).
- media: ivtv: update *pos correctly in ivtv_read_pos() (bsc#1051510).
- media: mt9m111: set initial frame size other than 0x0 (bsc#1051510).
- media: mtk-jpeg: Correct return type for mem2mem buffer helpers (bsc#1051510).
- media: mx2_emmaprp: Correct return type for mem2mem buffer helpers (bsc#1051510).
- media: ov2659: fix unbalanced mutex_lock/unlock (bsc#1051510).
- media: pvrusb2: Prevent a buffer overflow (bsc#1129770).
- media: s5p-g2d: Correct return type for mem2mem buffer helpers (bsc#1051510).
- media: s5p-jpeg: Correct return type for mem2mem buffer helpers (bsc#1051510).
- media: serial_ir: Fix use-after-free in serial_ir_init_module (bsc#1051510).
- media: sh_veu: Correct return type for mem2mem buffer helpers (bsc#1051510).
- media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame (bsc#1051510).
- media: vivid: use vfree() instead of kfree() for dev->bitmap_cap (bsc#1051510).
- media: wl128x: Fix an error code in fm_download_firmware() (bsc#1051510).
- media: wl128x: prevent two potential buffer overflows (bsc#1051510).
- mISDN: hfcpci: Test both vendor & device ID for Digium HFC4S (bsc#1051510).
- missing barriers in some of unix_sock ->addr and ->path accesses (networking-stable-19_03_15).
- mmc: core: fix possible use after free of host (bsc#1051510).
- mmc: davinci: remove extraneous __init annotation (bsc#1051510).
- mmc: sdhci: Fix data command CRC error handling (bsc#1051510).
- mmc: sdhci: Handle auto-command errors (bsc#1051510).
- mmc: sdhci: Rename SDHCI_ACMD12_ERR and SDHCI_INT_ACMD12ERR (bsc#1051510).
- mmc: tmio_mmc_core: do not claim spurious interrupts (bsc#1051510).
- mm/debug.c: fix __dump_page when mapping->host is not set (bsc#1131934).
- mm/huge_memory.c: fix modifying of page protection by insert_pfn_pmd() (bsc#1126740).
- mm/page_isolation.c: fix a wrong flag in set_migratetype_isolate() (bsc#1131935).
- mm/vmalloc: fix size check for remap_vmalloc_range_partial() (bsc#1133825).
- mpls: Return error for RTA_GATEWAY attribute (networking-stable-19_03_07).
- mt7601u: bump supported EEPROM version (bsc#1051510).
- mtd: docg3: fix a possible memory leak of mtd->name (bsc#1051510).
- mtd: docg3: Fix passing zero to 'PTR_ERR' warning in doc_probe_device (bsc#1051510).
- mtd: nand: omap: Fix comment in platform data using wrong Kconfig symbol (bsc#1051510).
- mtd: part: fix incorrect format specifier for an unsigned long long (bsc#1051510).
- mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write (bsc#1129770).
- mwifiex: do not advertise IBSS features without FW support (bsc#1129770).
- mwifiex: Fix mem leak in mwifiex_tm_cmd (bsc#1051510).
- mwifiex: prevent an array overflow (bsc#1051510).
- mwl8k: Fix rate_idx underflow (bsc#1051510).
- net: Add header for usage of fls64() (networking-stable-19_02_20).
- net: Add __icmp_send helper (networking-stable-19_03_07).
- net: avoid false positives in untrusted gso validation (git-fixes).
- net: avoid skb_warn_bad_offload on IS_ERR (git-fixes).
- net: avoid use IPCB in cipso_v4_error (networking-stable-19_03_07).
- net: bridge: add vlan_tunnel to bridge port policies (git-fixes).
- net: bridge: fix per-port af_packet sockets (git-fixes).
- net: bridge: multicast: use rcu to access port list from br_multicast_start_querier (git-fixes).
- net: datagram: fix unbounded loop in __skb_try_recv_datagram() (git-fixes).
- net: Do not allocate page fragments that are not skb aligned (networking-stable-19_02_20).
- net: dsa: legacy: do not unmask port bitmaps (git-fixes).
- net: dsa: mv88e6xxx: Fix u64 statistics (networking-stable-19_03_07).
- netfilter: bridge: ebt_among: add missing match size checks (git-fixes).
- netfilter: bridge: ebt_among: add more missing match size checks (git-fixes).
- netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING (git-fixes).
- netfilter: drop template ct when conntrack is skipped (git-fixes).
- netfilter: ip6t_MASQUERADE: add dependency on conntrack module (git-fixes).
- netfilter: ipset: Missing nfnl_lock()/nfnl_unlock() is added to ip_set_net_exit() (git-fixes).
- netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt (git-fixes).
- netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6} (git-fixes).
- netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target} (git-fixes).
- netfilter: x_tables: fix int overflow in xt_alloc_table_info() (git-fixes).
- net: Fix for_each_netdev_feature on Big endian (networking-stable-19_02_20).
- net: fix IPv6 prefix route residue (networking-stable-19_02_20).
- net: Fix untag for vlan packets without ethernet header (git-fixes).
- net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off (git-fixes).
- net/hsr: Check skb_put_padto() return value (git-fixes).
- net: hsr: fix memory leak in hsr_dev_finalize() (networking-stable-19_03_15).
- net/hsr: fix possible crash in add_timer() (networking-stable-19_03_15).
- net/ibmvnic: Update carrier state after link state change (bsc#1135100).
- net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).
- netlabel: fix out-of-bounds memory accesses (networking-stable-19_03_07).
- netlink: fix nla_put_{u8,u16,u32} for KASAN (git-fixes).
- net/mlx5e: Do not overwrite pedit action when multiple pedit used (networking-stable-19_02_24).
- net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails (networking-stable-19_03_07).
- net/packet: fix 4gb buffer limit due to overflow check (networking-stable-19_02_24).
- net/packet: Set __GFP_NOWARN upon allocation in alloc_pg_vec (git-fixes).
- net_sched: acquire RTNL in tc_action_net_exit() (git-fixes).
- net_sched: fix two more memory leaks in cls_tcindex (networking-stable-19_02_24).
- net: Set rtm_table to RT_TABLE_COMPAT for ipv6 for tables > 255 (networking-stable-19_03_15).
- net: sit: fix memory leak in sit_init_net() (networking-stable-19_03_07).
- net: sit: fix UBSAN Undefined behaviour in check_6rd (networking-stable-19_03_15).
- net: socket: set sock->sk to NULL after calling proto_ops::release() (networking-stable-19_03_07).
- net: validate untrusted gso packets without csum offload (networking-stable-19_02_20).
- net/x25: fix a race in x25_bind() (networking-stable-19_03_15).
- net/x25: fix use-after-free in x25_device_event() (networking-stable-19_03_15).
- net/x25: reset state in x25_connect() (networking-stable-19_03_15).
- net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms() (git-fixes).
- NFC: nci: Add some bounds checking in nci_hci_cmd_received() (bsc#1051510).
- NFS: Add missing encode / decode sequence_maxsz to v4.2 operations (git-fixes).
- nfsd4: catch some false session retries (git-fixes).
- nfsd4: fix cached replies to solo SEQUENCE compounds (git-fixes).
- NFS: Do not recoalesce on error in nfs_pageio_complete_mirror() (git-fixes).
- NFS: Do not use page_file_mapping after removing the page (git-fixes).
- NFS: Fix an I/O request leakage in nfs_do_recoalesce (git-fixes).
- NFS: Fix a soft lockup in the delegation recovery code (git-fixes).
- NFS: Fix a typo in nfs_init_timeout_values() (git-fixes).
- NFS: Fix dentry revalidation on NFSv4 lookup (bsc#1132618).
- NFS: Fix I/O request leakages (git-fixes).
- NFS: fix mount/umount race in nlmclnt (git-fixes).
- NFS/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount (git-fixes).
- NFSv4.1 do not free interrupted slot on open (git-fixes).
- NFSv4.1: Reinitialise sequence results before retransmitting a request (git-fixes).
- NFSv4/flexfiles: Fix invalid deref in FF_LAYOUT_DEVID_NODE() (git-fixes).
- nvme: add proper discard setup for the multipath device (bsc#1114638).
- nvme: fix the dangerous reference of namespaces list (bsc#1131673).
- nvme: make sure ns head inherits underlying device limits (bsc#1131673).
- nvme-multipath: avoid crash on invalid subsystem cntlid enumeration (bsc#1129273).
- nvme-multipath: split bios with the ns_head bio_set before submitting (bsc#1103259, bsc#1131673).
- nvme: only reconfigure discard if necessary (bsc#1114638).
- ocfs2: fix inode bh swapping mixup in ocfs2_reflink_inodes_lock (bsc#1131169).
- ocfs2: turn on OCFS2_FS_STATS setting(bsc#1134393) We need to turn on OCFS2_FS_STATS kernel configuration setting, to fix bsc#1134393.
- omapfb: add missing of_node_put after of_device_is_available (bsc#1051510).
- openvswitch: add seqadj extension when NAT is used (bsc#1051510).
- openvswitch: fix flow actions reallocation (bsc#1051510).
- packet: validate msg_namelen in send directly (git-fixes).
- PCI: Add function 1 DMA alias quirk for Marvell 9170 SATA controller (bsc#1051510).
- PCI: designware-ep: Read-only registers need DBI_RO_WR_EN to be writable (bsc#1051510).
- PCI: pciehp: Convert to threaded IRQ (bsc#1133005).
- PCI: pciehp: Ignore Link State Changes after powering off a slot (bsc#1133005).
- phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode (bsc#1051510).
- phy: sun4i-usb: Support set_mode to USB_HOST for non-OTG PHYs (bsc#1051510).
- platform/x86: alienware-wmi: printing the wrong error code (bsc#1051510).
- platform/x86: dell-rbtn: Add missing #include (bsc#1051510).
- platform/x86: intel_pmc_ipc: adding error handling (bsc#1051510).
- platform/x86: intel_punit_ipc: Revert 'Fix resource ioremap warning' (bsc#1051510).
- platform/x86: pmc_atom: Drop __initconst on dmi table (bsc#1051510).
- platform/x86: sony-laptop: Fix unintentional fall-through (bsc#1051510).
- powerpc/64: Call setup_barrier_nospec() from setup_arch() (bsc#1131107).
- powerpc/64: Disable the speculation barrier from the command line (bsc#1131107).
- powerpc64/ftrace: Include ftrace.h needed for enable/disable calls (bsc#1088804, git-fixes).
- powerpc/64: Make stf barrier PPC_BOOK3S_64 specific (bsc#1131107).
- powerpc/64s: Add new security feature flags for count cache flush (bsc#1131107).
- powerpc/64s: Add support for software count cache flush (bsc#1131107).
- powerpc/64s: Fix logic when handling unknown CPU features (bsc#1055117).
- powerpc/64s: Fix page table fragment refcount race vs speculative references (bsc#1131326, bsc#1108937).
- powerpc/asm: Add a patch_site macro & helpers for patching instructions (bsc#1131107).
- powerpc: avoid -mno-sched-epilog on GCC 4.9 and newer (bsc#1065729).
- powerpc: consolidate -mno-sched-epilog into FTRACE flags (bsc#1065729).
- powerpc: Fix 32-bit KVM-PR lockup and host crash with MacOS guest (bsc#1061840).
- powerpc/fsl: Fix spectre_v2 mitigations reporting (bsc#1131107).
- powerpc/hugetlb: Handle mmap_min_addr correctly in get_unmapped_area callback (bsc#1131900).
- powerpc/kvm: Save and restore host AMR/IAMR/UAMOR (bsc#1061840).
- powerpc/mm: Add missing tracepoint for tlbie (bsc#1055117, git-fixes).
- powerpc/mm: Check secondary hash page table (bsc#1065729).
- powerpc/mm: Fix page table dump to work on Radix (bsc#1055186, git-fixes).
- powerpc/mm/hash: Handle mmap_min_addr correctly in get_unmapped_area topdown search (bsc#1131900).
- powerpc/mm/radix: Display if mappings are exec or not (bsc#1055186, git-fixes).
- powerpc/mm/radix: Prettify mapped memory range print out (bsc#1055186, git-fixes).
- powerpc/numa: document topology_updates_enabled, disable by default (bsc#1133584).
- powerpc/numa: improve control of topology updates (bsc#1133584).
- powerpc/perf: Fix unit_sel/cache_sel checks (bsc#1053043).
- powerpc/perf: Remove l2 bus events from HW cache event array (bsc#1053043).
- powerpc/powernv/cpuidle: Init all present cpus for deep states (bsc#1055121).
- powerpc/powernv: Do not reprogram SLW image on every KVM guest entry/exit (bsc#1061840).
- powerpc/powernv/ioda2: Remove redundant free of TCE pages (bsc#1061840).
- powerpc/powernv/ioda: Allocate indirect TCE levels of cached userspace addresses on demand (bsc#1061840).
- powerpc/powernv/ioda: Fix locked_vm counting for memory used by IOMMU tables (bsc#1061840).
- powerpc/powernv: Make opal log only readable by root (bsc#1065729).
- powerpc/powernv: Query firmware for count cache flush settings (bsc#1131107).
- powerpc/powernv: Remove never used pnv_power9_force_smt4 (bsc#1061840).
- powerpc/pseries: Query hypervisor for count cache flush settings (bsc#1131107).
- powerpc/security: Fix spectre_v2 reporting (bsc#1131107).
- powerpc/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
- powerpc/vdso32: fix CLOCK_MONOTONIC on PPC64 (bsc#1131587).
- powerpc/vdso64: Fix CLOCK_MONOTONIC inconsistencies across Y2038 (bsc#1131587).
- proc/kcore: do not bounds check against address 0 (bsc#1051510).
- proc: revalidate kernel thread inodes to root:root (bsc#1051510).
- proc/sysctl: fix return error for proc_doulongvec_minmax() (bsc#1051510).
- pwm: Fix deadlock warning when removing PWM device (bsc#1051510).
- pwm: meson: Consider 128 a valid pre-divider (bsc#1051510).
- pwm: meson: Do not disable PWM when setting duty repeatedly (bsc#1051510).
- pwm: meson: Use the spin-lock only to protect register modifications (bsc#1051510).
- pwm: tiehrpwm: Update shadow register for disabling PWMs (bsc#1051510).
- qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128979).
- qla2xxx: always allocate qla_tgt_wq (bsc#1131451).
- qmi_wwan: add Olicard 600 (bsc#1051510).
- qmi_wwan: Add support for Quectel EG12/EM12 (networking-stable-19_03_07).
- RAS/CEC: Check the correct variable in the debugfs error handling (bsc#1085535).
- ravb: Decrease TxFIFO depth of Q3 and Q2 to one (networking-stable-19_03_15).
- rdma/cxgb4: Add support for 64Byte cqes (bsc#1127371).
- rdma/cxgb4: Add support for kernel mode SRQ's (bsc#1127371).
- rdma/cxgb4: Add support for srq functions & structs (bsc#1127371).
- rdma/cxgb4: fix some info leaks (bsc#1127371).
- RDMA/cxgb4: Make c4iw_poll_cq_one() easier to analyze (bsc#1127371).
- rdma/cxgb4: Remove a set-but-not-used variable (bsc#1127371).
- RDMA/iw_cxgb4: Drop __GFP_NOFAIL (bsc#1127371).
- rds: fix refcount bug in rds_sock_addref (git-fixes).
- rds: tcp: atomically purge entries from rds_tcp_conn_list during netns delete (git-fixes).
- Re-export snd_cards for kABI compatibility (bsc#1051510).
- regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB (bsc#1051510).
- Revert 'ALSA: seq: Protect in-kernel ioctl calls with mutex' (bsc#1051510).
- Revert 'block: unexport DISK_EVENT_MEDIA_CHANGE for legacy/fringe drivers' (bsc#1110946, bsc#1119843).
- Revert 'drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)'
- Revert 'ide: unexport DISK_EVENT_MEDIA_CHANGE for ide-gd and ide-cd' (bsc#1110946).
- Revert 'tty: pty: Fix race condition between release_one_tty and pty_write' (bsc#1051510).
- ring-buffer: Check if memory is available before allocation (bsc#1132531).
- route: set the deleted fnhe fnhe_daddr to 0 in ip_del_fnhe to fix a race (networking-stable-19_03_15).
- rt2x00: do not increment sequence number while re-transmitting (bsc#1051510).
- rtlwifi: rtl8723ae: Fix missing break in switch statement (bsc#1051510).
- rxrpc: Do not release call mutex on error pointer (git-fixes).
- rxrpc: Do not treat call aborts as conn aborts (git-fixes).
- rxrpc: Fix client call queueing, waiting for channel (networking-stable-19_03_15).
- rxrpc: Fix Tx ring annotation after initial Tx failure (git-fixes).
- s390/dasd: fix panic for failed online processing (bsc#1132589).
- s390/pkey: move pckmo subfunction available checks away from module init (bsc#1128544).
- s390/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
- sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() (bsc#1051510).
- sc16is7xx: move label 'err_spi' to correct section (bsc#1051510).
- sc16is7xx: put err_spi and err_i2c into correct #ifdef (bsc#1051510).
- scripts: override locale from environment when running recordmcount.pl (bsc#1134354).
- scsi: libsas: allocate sense buffer for bsg queue (bsc#1131467).
- scsi: qla2xxx: Add new FC-NVMe enable BIT to enable FC-NVMe feature (bsc#1130579).
- scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show (bsc#1132044).
- sctp: call gso_reset_checksum when computing checksum in sctp_gso_segment (networking-stable-19_02_24).
- sctp: only update outstanding_bytes for transmitted queue when doing prsctp_prune (git-fixes).
- sctp: set frag_point in sctp_setsockopt_maxseg correctly` (git-fixes).
- selinux: use kernel linux/socket.h for genheaders and mdp (bsc#1134810).
- serial: 8250_pxa: honor the port number from devicetree (bsc#1051510).
- serial: ar933x_uart: Fix build failure with disabled console (bsc#1051510).
- serial: max310x: Fix to avoid potential NULL pointer dereference (bsc#1051510).
- serial: sh-sci: Fix setting SCSCR_TIE while transferring data (bsc#1051510).
- serial: uartps: console_setup() can't be placed to init section (bsc#1051510).
- sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach() (networking-stable-19_02_24).
- SoC: imx-sgtl5000: add missing put_device() (bsc#1051510).
- soc: qcom: gsbi: Fix error handling in gsbi_probe() (bsc#1051510).
- soc/tegra: fuse: Fix illegal free of IO base address (bsc#1051510).
- soc/tegra: pmc: Drop locking from tegra_powergate_is_powered() (bsc#1051510).
- spi: a3700: Clear DATA_OUT when performing a read (bsc#1051510).
- spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios (bsc#1051510).
- spi: bcm2835aux: setup gpio-cs to output and correct level during setup (bsc#1051510).
- spi: bcm2835aux: warn in dmesg that native cs is not really supported (bsc#1051510).
- spi: rspi: Fix sequencer reset during initialization (bsc#1051510).
- ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit (bsc#1051510).
- staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf (bsc#1051510).
- staging: comedi: ni_usb6501: Fix use of uninitialized mutex (bsc#1051510).
- staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf (bsc#1051510).
- staging: comedi: vmk80xx: Fix use of uninitialized semaphore (bsc#1051510).
- staging: iio: ad7192: Fix ad7193 channel address (bsc#1051510).
- staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc (bsc#1051510).
- staging: rtl8712: uninitialized memory in read_bbreg_hdl() (bsc#1051510).
- staging: vt6655: Fix interrupt race condition on device start up (bsc#1051510).
- staging: vt6655: Remove vif check from vnt_interrupt (bsc#1051510).
- stm class: Fix an endless loop in channel allocation (bsc#1051510).
- stm class: Fix channel free in stm output free path (bsc#1051510).
- stm class: Prevent division by zero (bsc#1051510).
- sunrpc/cache: handle missing listeners better (bsc#1126221).
- sunrpc: fix 4 more call sites that were using stack memory with a scatterlist (git-fixes).
- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).
- supported.conf: Add vxlan to kernel-default-base (bsc#1132083).
- supported.conf: dw_mmc-bluefield is not needed in kernel-default-base (bsc#1131574).
- svm/avic: Fix invalidate logical APIC id entry (bsc#1132726).
- svm: Fix AVIC DFR and LDR handling (bsc#1132558).
- sysctl: handle overflow for file-max (bsc#1051510).
- tcp: fix TCP_REPAIR_QUEUE bound checking (git-fixes).
- tcp: tcp_v4_err() should be more careful (networking-stable-19_02_20).
- thermal/int340x_thermal: Add additional UUIDs (bsc#1051510).
- thermal/int340x_thermal: fix mode setting (bsc#1051510).
- tipc: fix race condition causing hung sendto (networking-stable-19_03_07).
- tpm: Fix the type of the return value in calc_tpm2_event_size() (bsc#1082555).
- tracing: Fix a memory leak by early error exit in trace_pid_write() (bsc#1133702).
- tracing: Fix buffer_ref pipe ops (bsc#1133698).
- tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account (bsc#1132527).
- tty: atmel_serial: fix a potential NULL pointer dereference (bsc#1051510).
- tty: increase the default flip buffer limit to 2*640K (bsc#1051510).
- tty: pty: Fix race condition between release_one_tty and pty_write (bsc#1051510).
- tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 (bsc#1051510).
- tun: fix blocking read (networking-stable-19_03_07).
- tun: remove unnecessary memory barrier (networking-stable-19_03_07).
- UAS: fix alignment of scatter/gather segments (bsc#1129770).
- udf: Fix crash on IO error during truncate (bsc#1131175).
- usb: cdc-acm: fix unthrottle races (bsc#1051510).
- usb: chipidea: Grab the (legacy) USB PHY by phandle first (bsc#1051510).
- usb: core: Fix bug caused by duplicate interface PM usage counter (bsc#1051510).
- usb: core: Fix unterminated string returned by usb_string() (bsc#1051510).
- usb: dwc3: Fix default lpm_nyet_threshold value (bsc#1051510).
- usb: f_fs: Avoid crash due to out-of-scope stack ptr access (bsc#1051510).
- usb: gadget: net2272: Fix net2272_dequeue() (bsc#1051510).
- usb: gadget: net2280: Fix net2280_dequeue() (bsc#1051510).
- usb: gadget: net2280: Fix overrun of OUT messages (bsc#1051510).
- usb: host: xhci-rcar: Add XHCI_TRUST_TX_LENGTH quirk (bsc#1051510).
- usb: mtu3: fix EXTCON dependency (bsc#1051510).
- usb: serial: cp210x: add new device id (bsc#1051510).
- usb: serial: cp210x: fix GPIO in autosuspend (bsc#1120902).
- usb: serial: f81232: fix interrupt worker not stop (bsc#1051510).
- usb: serial: fix unthrottle races (bsc#1051510).
- usb: serial: ftdi_sio: add additional NovaTech products (bsc#1051510).
- usb: serial: option: add Olicard 600 (bsc#1051510).
- usb: serial: option: add support for Quectel EM12 (bsc#1051510).
- usb-storage: Set virt_boundary_mask to avoid SG overflows (bsc#1051510).
- usb: u132-hcd: fix resource leak (bsc#1051510).
- usb: usb251xb: fix to avoid potential NULL pointer dereference (bsc#1051510).
- usb: usbip: fix isoc packet num validation in get_pipe (bsc#1051510).
- usb: w1 ds2490: Fix bug caused by improper use of altsetting array (bsc#1051510).
- usb: yurex: Fix protection fault after device removal (bsc#1051510).
- vfio/mdev: Avoid release parent reference during error path (bsc#1051510).
- vfio/mdev: Fix aborting mdev child device removal if one fails (bsc#1051510).
- vfio_pci: Enable memory accesses before calling pci_map_rom (bsc#1051510).
- vfio/pci: use correct format characters (bsc#1051510).
- vfs: allow dedupe of user owned read-only files (bsc#1133778, bsc#1132219).
- vfs: avoid problematic remapping requests into partial EOF block (bsc#1133850, bsc#1132219).
- vfs: dedupe: extract helper for a single dedup (bsc#1133769, bsc#1132219).
- vfs: dedupe should return EPERM if permission is not granted (bsc#1133779, bsc#1132219).
- vfs: exit early from zero length remap operations (bsc#1132411, bsc#1132219).
- vfs: export vfs_dedupe_file_range_one() to modules (bsc#1133772, bsc#1132219).
- vfs: limit size of dedupe (bsc#1132397, bsc#1132219).
- vfs: rename clone_verify_area to remap_verify_area (bsc#1133852, bsc#1132219).
- vfs: skip zero-length dedupe requests (bsc#1133851, bsc#1132219).
- vfs: swap names of {do,vfs}_clone_file_range() (bsc#1133774, bsc#1132219).
- vfs: vfs_clone_file_prep_inodes should return EINVAL for a clone from beyond EOF (bsc#1133780, bsc#1132219).
- vhost/vsock: fix reset orphans race with close timeout (bsc#1051510).
- video: fbdev: Set pixclock = 0 in goldfishfb (bsc#1051510).
- virtio-blk: limit number of hw queues by nr_cpu_ids (bsc#1051510).
- virtio: Honour 'may_reduce_num' in vring_create_virtqueue (bsc#1051510).
- virtio_pci: fix a NULL pointer reference in vp_del_vqs (bsc#1051510).
- vsock/virtio: fix kernel panic after device hot-unplug (bsc#1051510).
- vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock (bsc#1051510).
- vsock/virtio: reset connected sockets on device removal (bsc#1051510).
- vxlan: test dev->flags & IFF_UP before calling netif_rx() (networking-stable-19_02_20).
- wil6210: check null pointer in _wil_cfg80211_merge_extra_ies (bsc#1051510).
- wlcore: Fix memory leak in case wl12xx_fetch_firmware failure (bsc#1051510).
- x86/cpu: Sanitize FAM6_ATOM naming (bsc#1111331).
- x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (bsc#1111331).
- x86/kvm/hyper-v: avoid spurious pending stimer on vCPU init (bsc#1132572).
- x86/kvm/vmx: Add MDS protection when L1D Flush is not active (bsc#1111331).
- x86/MCE/AMD, EDAC/mce_amd: Add new error descriptions for some SMCA bank types (bsc#1128415).
- x86/MCE/AMD, EDAC/mce_amd: Add new McaTypes for CS, PSP, and SMU units (bsc#1128415).
- x86/MCE/AMD, EDAC/mce_amd: Add new MP5, NBIO, and PCIE SMCA bank types (bsc#1128415).
- x86/mce/AMD, EDAC/mce_amd: Enumerate Reserved SMCA bank type (bsc#1128415).
- x86/mce/AMD: Pass the bank number to smca_get_bank_type() (bsc#1128415).
- x86/MCE: Fix kABI for new AMD bank names (bsc#1128415).
- x86/mce: Handle varying MCA bank counts (bsc#1128415).
- x86/msr-index: Cleanup bit defines (bsc#1111331).
- x86/PCI: Fixup RTIT_BAR of Intel Denverton Trace Hub (bsc#1120318).
- x86/speculation: Consolidate CPU whitelists (bsc#1111331).
- x86/speculation/mds: Add basic bug infrastructure for MDS (bsc#1111331).
- x86/speculation/mds: Add BUG_MSBDS_ONLY (bsc#1111331).
- x86/speculation/mds: Add mds_clear_cpu_buffers() (bsc#1111331).
- x86/speculation/mds: Add mds=full,nosmt cmdline option (bsc#1111331).
- x86/speculation/mds: Add mitigation control for MDS (bsc#1111331).
- x86/speculation/mds: Add mitigation mode VMWERV (bsc#1111331).
- x86/speculation/mds: Add 'mitigations=' support for MDS (bsc#1111331).
- x86/speculation/mds: Add SMT warning message (bsc#1111331).
- x86/speculation/mds: Add sysfs reporting for MDS (bsc#1111331).
- x86/speculation/mds: Clear CPU buffers on exit to user (bsc#1111331).
- x86/speculation/mds: Conditionally clear CPU buffers on idle entry (bsc#1111331).
- x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (bsc#1111331).
- x86/speculation: Move arch_smt_update() call to after mitigation decisions (bsc#1111331).
- x86/speculation: Prevent deadlock on ssb_state::lock (bsc#1114279).
- x86/speculation: Simplify the CPU bug detection logic (bsc#1111331).
- x86/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
- x86/tsc: Force inlining of cyc2ns bits (bsc#1052904).
- xen-netback: do not populate the hash cache on XenBus disconnect (networking-stable-19_03_07).
- xen-netback: fix occasional leak of grant ref mappings under memory pressure (networking-stable-19_03_07).
- xen: Prevent buffer overflow in privcmd ioctl (bsc#1065600).
- xfrm: do not call rcu_read_unlock when afinfo is NULL in xfrm_get_tos (git-fixes).
- xfrm: Fix ESN sequence number handling for IPsec GSO packets (git-fixes).
- xfrm: fix rcu_read_unlock usage in xfrm_local_error (git-fixes).
- xfrm: Fix stack-out-of-bounds read on socket policy lookup (git-fixes).
- xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (git-fixes).
- xfrm: Return error on unknown encap_type in init_state (git-fixes).
- xfs: add the ability to join a held buffer to a defer_ops (bsc#1133674).
- xfs: allow xfs_lock_two_inodes to take different EXCL/SHARED modes (bsc#1132370, bsc#1132219).
- xfs: call xfs_qm_dqattach before performing reflink operations (bsc#1132368, bsc#1132219).
- xfs: cap the length of deduplication requests (bsc#1132373, bsc#1132219).
- xfs: clean up xfs_reflink_remap_blocks call site (bsc#1132413, bsc#1132219).
- xfs: detect and fix bad summary counts at mount (bsc#1114427).
- xfs: fix data corruption w/ unaligned dedupe ranges (bsc#1132405, bsc#1132219).
- xfs: fix data corruption w/ unaligned reflink ranges (bsc#1132407, bsc#1132219).
- xfs: fix pagecache truncation prior to reflink (bsc#1132412, bsc#1132219).
- xfs: fix reporting supported extra file attributes for statx() (bsc#1133529).
- xfs: flush removing page cache in xfs_reflink_remap_prep (bsc#1132414, bsc#1132219).
- xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute (bsc#1133675).
- xfs: kill meaningless variable 'zero' (bsc#1106011).
- xfs: only grab shared inode locks for source file during reflink (bsc#1132372, bsc#1132219).
- xfs: prepare xfs_break_layouts() for another layout type (bsc#1106011).
- xfs: prepare xfs_break_layouts() to be called with XFS_MMAPLOCK_EXCL (bsc#1106011).
- xfs: refactor clonerange preparation into a separate helper (bsc#1132402, bsc#1132219).
- xfs: refactor xfs_trans_roll (bsc#1133667).
- xfs: reflink find shared should take a transaction (bsc#1132226, bsc#1132219).
- xfs: reflink should break pnfs leases before sharing blocks (bsc#1132369, bsc#1132219).
- xfs: remove dest file's post-eof preallocations before reflinking (bsc#1132365, bsc#1132219).
- xfs: remove the ip argument to xfs_defer_finish (bsc#1133672).
- xfs: remove xfs_zero_range (bsc#1106011).
- xfs: rename xfs_defer_join to xfs_defer_ijoin (bsc#1133668).
- xfs: update ctime and remove suid before cloning files (bsc#1132404, bsc#1132219).
- xfs: zero posteof blocks when cloning above eof (bsc#1132403, bsc#1132219).
- xhci: Do not let USB3 ports stuck in polling state prevent suspend (bsc#1051510).
- xhci: Fix port resume done detection for SS ports with LPM enabled (bsc#1051510).
Patchnames
openSUSE-2019-1404
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\n\nThe openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes.\n\nFour new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331)\n\n- CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)\n- CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)\n- CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS)\n- CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)\n\nThis kernel update contains software mitigations for these issues, which also utilize CPU microcode updates shipped in parallel.\n\nFor more information on this set of information leaks, check out https://www.suse.com/support/kb/doc/?id=7023736\n\nThe following security bugs were fixed:\n\n- CVE-2018-16880: A flaw was found in handle_rx() function in the vhost_net driver. A malicious virtual guest, under specific conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may lead to a kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. (bnc#1122767).\n- CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c had multiple race conditions (bnc#1133188). It has been disabled.\n- CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c. There is a race condition leading to a use-after-free, related to net namespace cleanup (bnc#1134537).\n- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c allowed a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\\0' character (bnc#1134848).\n- CVE-2019-3882: A flaw was found in vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). (bnc#1131416 bnc#1131427).\n- CVE-2019-9003: Attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a 'service ipmievd restart' loop (bnc#1126704).\n- CVE-2019-9500: A brcmfmac heap buffer overflow in brcmf_wowl_nd_results was fixed (bnc#1132681).\n- CVE-2019-9503: Multiple brcmfmac frame validation bypasses have been fixed (bnc#1132828).\n\nThe following non-security bugs were fixed:\n\n- 9p: do not trust pdu content for stat item size (bsc#1051510).\n- acpi, nfit: Prefer _DSM over _LSR for namespace label reads (bsc#1112128) (bsc#1132426).\n- ACPI / SBS: Fix GPE storm on recent MacBookPro's (bsc#1051510).\n- ALSA: core: Do not refer to snd_cards array directly (bsc#1051510).\n- ALSA: core: Fix card races between register and disconnect (bsc#1051510).\n- ALSA: emu10k1: Drop superfluous id-uniquification behavior (bsc#1051510).\n- ALSA: hda - Add two more machines to the power_save_blacklist (bsc#1051510).\n- ALSA: hda/hdmi - Consider eld_valid when reporting jack event (bsc#1051510).\n- ALSA: hda/hdmi - Read the pin sense from register when repolling (bsc#1051510).\n- ALSA: hda: Initialize power_state field properly (bsc#1051510).\n- ALSA: hda/realtek - Add new Dell platform for headset mode (bsc#1051510).\n- ALSA: hda/realtek - Add quirk for Tuxedo XC 1509 (bsc#1131442).\n- ALSA: hda/realtek - Add support headset mode for DELL WYSE AIO (bsc#1051510).\n- ALSA: hda/realtek - Add support headset mode for New DELL WYSE NB (bsc#1051510).\n- ALSA: hda/realtek - add two more pin configuration sets to quirk table (bsc#1051510).\n- ALSA: hda/realtek - Apply the fixup for ASUS Q325UAR (bsc#1051510).\n- ALSA: hda/realtek - EAPD turn on later (bsc#1051510).\n- ALSA: hda/realtek - Fixed Dell AIO speaker noise (bsc#1051510).\n- ALSA: hda - Register irq handler after the chip initialization (bsc#1051510).\n- ALSA: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) (bsc#1051510).\n- ALSA: info: Fix racy addition/deletion of nodes (bsc#1051510).\n- ALSA: line6: Avoid polluting led_* namespace (bsc#1051510).\n- ALSA: line6: use dynamic buffers (bsc#1051510).\n- ALSA: PCM: check if ops are defined before suspending PCM (bsc#1051510).\n- ALSA: seq: Align temporary re-locking with irqsave version (bsc#1051510).\n- ALSA: seq: Correct unlock sequence at snd_seq_client_ioctl_unlock() (bsc#1051510).\n- ALSA: seq: Cover unsubscribe_port() in list_mutex (bsc#1051510).\n- ALSA: seq: Fix OOB-reads from strlcpy (bsc#1051510).\n- ALSA: seq: Fix race of get-subscription call vs port-delete ioctls (bsc#1051510).\n- ALSA: seq: Protect in-kernel ioctl calls with mutex (bsc#1051510).\n- ALSA: seq: Protect racy pool manipulation from OSS sequencer (bsc#1051510).\n- ALSA: seq: Remove superfluous irqsave flags (bsc#1051510).\n- ALSA: seq: Simplify snd_seq_kernel_client_enqueue() helper (bsc#1051510).\n- ALSA: timer: Check ack_list emptiness instead of bit flag (bsc#1051510).\n- ALSA: timer: Coding style fixes (bsc#1051510).\n- ALSA: timer: Make snd_timer_close() really kill pending actions (bsc#1051510).\n- ALSA: timer: Make sure to clear pending ack list (bsc#1051510).\n- ALSA: timer: Revert active callback sync check at close (bsc#1051510).\n- ALSA: timer: Simplify error path in snd_timer_open() (bsc#1051510).\n- ALSA: timer: Unify timer callback process code (bsc#1051510).\n- ALSA: usb-audio: Fix a memory leak bug (bsc#1051510).\n- ALSA: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() (bsc#1051510).\n- ALSA: usx2y: fix a double free bug (bsc#1051510).\n- ASoC: cs4270: Set auto-increment bit for register writes (bsc#1051510).\n- ASoC: fix valid stream condition (bsc#1051510).\n- ASoC: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe (bsc#1051510).\n- ASoC: fsl_esai: fix channel swap issue when stream starts (bsc#1051510).\n- ASoC: fsl_esai: Fix missing break in switch statement (bsc#1051510).\n- ASoC: hdmi-codec: fix S/PDIF DAI (bsc#1051510).\n- ASoC: Intel: avoid Oops if DMA setup fails (bsc#1051510).\n- ASoC: max98090: Fix restore of DAPM Muxes (bsc#1051510).\n- ASoC: nau8810: fix the issue of widget with prefixed name (bsc#1051510).\n- ASoC: nau8824: fix the issue of the widget with prefix name (bsc#1051510).\n- ASoC: RT5677-SPI: Disable 16Bit SPI Transfers (bsc#1051510).\n- ASoC: samsung: odroid: Fix clock configuration for 44100 sample rate (bsc#1051510).\n- ASoC:soc-pcm:fix a codec fixup issue in TDM case (bsc#1051510).\n- ASoC: stm32: fix sai driver name initialisation (bsc#1051510).\n- ASoC: tlv320aic32x4: Fix Common Pins (bsc#1051510).\n- ASoC: topology: free created components in tplg load error (bsc#1051510).\n- ASoC: wm_adsp: Add locking to wm_adsp2_bus_error (bsc#1051510).\n- assume flash part size to be 4MB, if it can't be determined (bsc#1127371).\n- at76c50x-usb: Do not register led_trigger if usb_register_driver failed (bsc#1051510).\n- ath10k: avoid possible string overflow (bsc#1051510).\n- audit: fix a memleak caused by auditing load module (bsc#1051510).\n- b43: shut up clang -Wuninitialized variable warning (bsc#1051510).\n- batman-adv: Reduce claim hash refcnt only for removed entry (bsc#1051510).\n- batman-adv: Reduce tt_global hash refcnt only for removed entry (bsc#1051510).\n- batman-adv: Reduce tt_local hash refcnt only for removed entry (bsc#1051510).\n- bcache: account size of buckets used in uuid write to ca->meta_sectors_written (bsc#1130972).\n- bcache: add a comment in super.c (bsc#1130972).\n- bcache: add code comments for bset.c (bsc#1130972).\n- bcache: add comment for cache_set->fill_iter (bsc#1130972).\n- bcache: add identifier names to arguments of function definitions (bsc#1130972).\n- bcache: add missing SPDX header (bsc#1130972).\n- bcache: add MODULE_DESCRIPTION information (bsc#1130972).\n- bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972).\n- bcache: add static const prefix to char * array declarations (bsc#1130972).\n- bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972).\n- bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).\n- bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972).\n- bcache: correct dirty data statistics (bsc#1130972).\n- bcache: do not assign in if condition in bcache_init() (bsc#1130972).\n- bcache: do not assign in if condition register_bcache() (bsc#1130972).\n- bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972).\n- bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972).\n- bcache: do not clone bio in bch_data_verify (bsc#1130972).\n- bcache: do not mark writeback_running too early (bsc#1130972).\n- bcache: export backing_dev_name via sysfs (bsc#1130972).\n- bcache: export backing_dev_uuid via sysfs (bsc#1130972).\n- bcache: fix code comments style (bsc#1130972).\n- bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).\n- bcache: fix indent by replacing blank by tabs (bsc#1130972).\n- bcache: fix input integer overflow of congested threshold (bsc#1130972).\n- bcache: fix input overflow to cache set io_error_limit (bsc#1130972).\n- bcache: fix input overflow to cache set sysfs file io_error_halflife (bsc#1130972).\n- bcache: fix input overflow to journal_delay_ms (bsc#1130972).\n- bcache: fix input overflow to sequential_cutoff (bsc#1130972).\n- bcache: fix input overflow to writeback_delay (bsc#1130972).\n- bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).\n- bcache: fix ioctl in flash device (bsc#1130972).\n- bcache: fix mistaken code comments in bcache.h (bsc#1130972).\n- bcache: fix mistaken comments in request.c (bsc#1130972).\n- bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972).\n- bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972).\n- bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972).\n- bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).\n- bcache: improve sysfs_strtoul_clamp() (bsc#1130972).\n- bcache: introduce force_wake_up_gc() (bsc#1130972).\n- bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972).\n- bcache: Move couple of functions to sysfs.c (bsc#1130972).\n- bcache: Move couple of string arrays to sysfs.c (bsc#1130972).\n- bcache: move open brace at end of function definitions to next line (bsc#1130972).\n- bcache: never writeback a discard operation (bsc#1130972).\n- bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972).\n- bcache: option to automatically run gc thread after writeback (bsc#1130972).\n- bcache: panic fix for making cache device (bsc#1130972).\n- bcache: Populate writeback_rate_minimum attribute (bsc#1130972).\n- bcache: prefer 'help' in Kconfig (bsc#1130972).\n- bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).\n- bcache: recal cached_dev_sectors on detach (bsc#1130972).\n- bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972).\n- bcache: remove unused bch_passthrough_cache (bsc#1130972).\n- bcache: remove useless parameter of bch_debug_init() (bsc#1130972).\n- bcache: Replace bch_read_string_list() by __sysfs_match_string() (bsc#1130972).\n- bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).\n- bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).\n- bcache: replace printk() by pr_*() routines (bsc#1130972).\n- bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972).\n- bcache: set writeback_percent in a flexible range (bsc#1130972).\n- bcache: split combined if-condition code into separate ones (bsc#1130972).\n- bcache: stop bcache device when backing device is offline (bsc#1130972).\n- bcache: stop using the deprecated get_seconds() (bsc#1130972).\n- bcache: style fixes for lines over 80 characters (bsc#1130972).\n- bcache: style fix to add a blank line after declarations (bsc#1130972).\n- bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).\n- bcache: treat stale && dirty keys as bad keys (bsc#1130972).\n- bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972).\n- bcache: update comment for bch_data_insert (bsc#1130972).\n- bcache: update comment in sysfs.c (bsc#1130972).\n- bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972).\n- bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).\n- bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).\n- bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).\n- bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).\n- blkcg: Introduce blkg_root_lookup() (bsc#1131673).\n- blkcg: Make blkg_root_lookup() work for queues in bypass mode (bsc#1131673).\n- blk-mq: adjust debugfs and sysfs register when updating nr_hw_queues (bsc#1131673).\n- blk-mq: Avoid that submitting a bio concurrently with device removal triggers a crash (bsc#1131673).\n- blk-mq: change gfp flags to GFP_NOIO in blk_mq_realloc_hw_ctxs (bsc#1131673).\n- blk-mq: fallback to previous nr_hw_queues when updating fails (bsc#1131673).\n- blk-mq: init hctx sched after update ctx and hctx mapping (bsc#1131673).\n- blk-mq: realloc hctx when hw queue is mapped to another node (bsc#1131673).\n- blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter (bsc#1131673).\n- block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).\n- block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).\n- block: Ensure that a request queue is dissociated from the cgroup controller (bsc#1131673).\n- block: Fix a race between request queue removal and the block cgroup controller (bsc#1131673).\n- block: Introduce blk_exit_queue() (bsc#1131673).\n- block: kABI fixes for bio_rewind_iter() removal (bsc#1131673).\n- block: remove bio_rewind_iter() (bsc#1131673).\n- bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bsc#1051510).\n- bluetooth: btusb: request wake pin with NOAUTOEN (bsc#1051510).\n- bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt (bsc#1051510).\n- bluetooth: hci_uart: Check if socket buffer is ERR_PTR in h4_recv_buf() (bsc#1133731).\n- bluetooth: hidp: fix buffer overflow (bsc#1051510).\n- bnxt_en: Drop oversize TX packets to prevent errors (networking-stable-19_03_07).\n- bonding: fix PACKET_ORIGDEV regression (git-fixes).\n- bpf: fix use after free in bpf_evict_inode (bsc#1083647).\n- brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() (bsc#1051510).\n- btrfs: add a helper to return a head ref (bsc#1134813).\n- btrfs: Avoid possible qgroup_rsv_size overflow in btrfs_calculate_inode_block_rsv_size (git-fixes).\n- btrfs: breakout empty head cleanup to a helper (bsc#1134813).\n- btrfs: check for refs on snapshot delete resume (bsc#1131335).\n- btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: Do not panic when we can't find a root key (bsc#1112063).\n- btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838).\n- btrfs: Factor out common delayed refs init code (bsc#1134813).\n- btrfs: fix assertion failure on fsync with NO_HOLES enabled (bsc#1131848).\n- btrfs: Fix bound checking in qgroup_trace_new_subtree_blocks (git-fixes).\n- btrfs: fix incorrect file size after shrinking truncate and fsync (bsc#1130195).\n- btrfs: Introduce init_delayed_ref_head (bsc#1134813).\n- btrfs: move all ref head cleanup to the helper function (bsc#1134813).\n- btrfs: move extent_op cleanup to a helper (bsc#1134813).\n- btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).\n- btrfs: Open-code add_delayed_data_ref (bsc#1134813).\n- btrfs: Open-code add_delayed_tree_ref (bsc#1134813).\n- btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to btrfs_qgroup_extent_record (bsc#1134162).\n- btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release (bsc#1134160).\n- btrfs: remove delayed_ref_node from ref_head (bsc#1134813).\n- btrfs: remove WARN_ON in log_dir_items (bsc#1131847).\n- btrfs: save drop_progress if we drop refs at all (bsc#1131336).\n- btrfs: split delayed ref head initialization and addition (bsc#1134813).\n- btrfs: track refs in a rb_tree instead of a list (bsc#1134813).\n- btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).\n- btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).\n- cdrom: Fix race condition in cdrom_sysctl_register (bsc#1051510).\n- ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).\n- ceph: fix ci->i_head_snapc leak (bsc#1122776).\n- ceph: fix use-after-free on symlink traversal (bsc#1134459).\n- ceph: only use d_name directly when parent is locked (bsc#1134460).\n- cgroup: fix parsing empty mount option string (bsc#1133094).\n- cifs: Do not count -ENODATA as failure for query directory (bsc#1051510).\n- cifs: do not dereference smb_file_target before null check (bsc#1051510).\n- cifs: Do not hide EINTR after sending network packets (bsc#1051510).\n- cifs: Do not reconnect TCP session in add_credits() (bsc#1051510).\n- cifs: Do not reset lease state to NONE on lease break (bsc#1051510).\n- cifs: Fix adjustment of credits for MTU requests (bsc#1051510).\n- cifs: Fix credit calculation for encrypted reads with errors (bsc#1051510).\n- cifs: Fix credits calculations for reads with errors (bsc#1051510).\n- cifs: fix POSIX lock leak and invalid ptr deref (bsc#1114542).\n- cifs: Fix possible hang during async MTU reads and writes (bsc#1051510).\n- cifs: Fix potential OOB access of lock element array (bsc#1051510).\n- cifs: Fix read after write for files with read caching (bsc#1051510).\n- clk: fractional-divider: check parent rate only if flag is set (bsc#1051510).\n- clk: rockchip: fix frac settings of GPLL clock for rk3328 (bsc#1051510).\n- clk: rockchip: Fix video codec clocks on rk3288 (bsc#1051510).\n- clk: rockchip: fix wrong clock definitions for rk3328 (bsc#1051510).\n- clk: x86: Add system specific quirk to mark clocks as critical (bsc#1051510).\n- cpupowerutils: bench - Fix cpu online check (bsc#1051510).\n- cpu/speculation: Add 'mitigations=' cmdline option (bsc#1112178).\n- crypto: arm/aes-neonbs - do not access already-freed walk.iv (bsc#1051510).\n- crypto: caam - add missing put_device() call (bsc#1129770).\n- crypto: ccm - fix incompatibility between 'ccm' and 'ccm_base' (bsc#1051510).\n- crypto: ccp - Do not free psp_master when PLATFORM_INIT fails (bsc#1051510).\n- crypto: chacha20poly1305 - set cra_name correctly (bsc#1051510).\n- crypto: crct10dif-generic - fix use via crypto_shash_digest() (bsc#1051510).\n- crypto: crypto4xx - properly set IV after de- and encrypt (bsc#1051510).\n- crypto: fips - Grammar s/options/option/, s/to/the/ (bsc#1051510).\n- crypto: gcm - fix incompatibility between 'gcm' and 'gcm_base' (bsc#1051510).\n- crypto: pcbc - remove bogus memcpy()s with src == dest (bsc#1051510).\n- crypto: sha256/arm - fix crash bug in Thumb2 build (bsc#1051510).\n- crypto: sha512/arm - fix crash bug in Thumb2 build (bsc#1051510).\n- crypto: skcipher - do not WARN on unprocessed data after slow walk step (bsc#1051510).\n- crypto: sun4i-ss - Fix invalid calculation of hash end (bsc#1051510).\n- crypto: vmx - fix copy-paste error in CTR mode (bsc#1051510).\n- crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() (bsc#1051510).\n- crypto: x86/poly1305 - fix overflow during partial reduction (bsc#1051510).\n- cxgb4: Add capability to get/set SGE Doorbell Queue Timer Tick (bsc#1127371).\n- cxgb4: Added missing break in ndo_udp_tunnel_{add/del} (bsc#1127371).\n- cxgb4: Add flag tc_flower_initialized (bsc#1127371).\n- cxgb4: Add new T5 PCI device id 0x50ae (bsc#1127371).\n- cxgb4: Add new T5 PCI device ids 0x50af and 0x50b0 (bsc#1127371).\n- cxgb4: Add new T6 PCI device ids 0x608a (bsc#1127371).\n- cxgb4: add per rx-queue counter for packet errors (bsc#1127371).\n- cxgb4: Add support for FW_ETH_TX_PKT_VM_WR (bsc#1127371).\n- cxgb4: add support to display DCB info (bsc#1127371).\n- cxgb4: Add support to read actual provisioned resources (bsc#1127371).\n- cxgb4: collect ASIC LA dumps from ULP TX (bsc#1127371).\n- cxgb4: collect hardware queue descriptors (bsc#1127371).\n- cxgb4: collect number of free PSTRUCT page pointers (bsc#1127371).\n- cxgb4: convert flower table to use rhashtable (bsc#1127371).\n- cxgb4: cxgb4: use FW_PORT_ACTION_L1_CFG32 for 32 bit capability (bsc#1127371).\n- cxgb4/cxgb4vf: Add support for SGE doorbell queue timer (bsc#1127371).\n- cxgb4/cxgb4vf: Fix mac_hlist initialization and free (bsc#1127374).\n- cxgb4/cxgb4vf: Link management changes (bsc#1127371).\n- cxgb4/cxgb4vf: Program hash region for {t4/t4vf}_change_mac() (bsc#1127371).\n- cxgb4: display number of rx and tx pages free (bsc#1127371).\n- cxgb4: do not return DUPLEX_UNKNOWN when link is down (bsc#1127371).\n- cxgb4: Export sge_host_page_size to ulds (bsc#1127371).\n- cxgb4: fix the error path of cxgb4_uld_register() (bsc#1127371).\n- cxgb4: impose mandatory VLAN usage when non-zero TAG ID (bsc#1127371).\n- cxgb4: Mask out interrupts that are not enabled (bsc#1127175).\n- cxgb4: move Tx/Rx free pages collection to common code (bsc#1127371).\n- cxgb4: remove redundant assignment to vlan_cmd.dropnovlan_fm (bsc#1127371).\n- cxgb4: Remove SGE_HOST_PAGE_SIZE dependency on page size (bsc#1127371).\n- cxgb4: remove the unneeded locks (bsc#1127371).\n- cxgb4: specify IQTYPE in fw_iq_cmd (bsc#1127371).\n- cxgb4: Support ethtool private flags (bsc#1127371).\n- cxgb4: update supported DCB version (bsc#1127371).\n- cxgb4: use new fw interface to get the VIN and smt index (bsc#1127371).\n- cxgb4vf: Few more link management changes (bsc#1127374).\n- cxgb4vf: fix memleak in mac_hlist initialization (bsc#1127374).\n- cxgb4vf: Update port information in cxgb4vf_open() (bsc#1127374).\n- device_cgroup: fix RCU imbalance in error case (bsc#1051510).\n- Disable kgdboc failed by echo space to /sys/module/kgdboc/parameters/kgdboc (bsc#1051510).\n- dmaengine: axi-dmac: Do not check the number of frames for alignment (bsc#1051510).\n- dmaengine: imx-dma: fix warning comparison of distinct pointer types (bsc#1051510).\n- dmaengine: qcom_hidma: assign channel cookie correctly (bsc#1051510).\n- dmaengine: sh: rcar-dmac: With cyclic DMA residue 0 is valid (bsc#1051510).\n- dmaengine: tegra210-dma: free dma controller in remove() (bsc#1051510).\n- dmaengine: tegra: avoid overflow of byte tracking (bsc#1051510).\n- dm: disable DISCARD if the underlying storage no longer supports it (bsc#1114638).\n- drivers: hv: vmbus: Offload the handling of channels to two workqueues (bsc#1130567).\n- drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind() (bsc#1130567).\n- drm: Auto-set allow_fb_modifiers when given modifiers at plane init (bsc#1051510).\n- drm: bridge: dw-hdmi: Fix overflow workaround for Rockchip SoCs (bsc#1113722)\n- drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers (bsc#1051510).\n- drm/fb-helper: dpms_legacy(): Only set on connectors in use (bsc#1051510).\n- drm/i915: Fix I915_EXEC_RING_MASK (bsc#1051510).\n- drm/i915/gvt: Add in context mmio 0x20D8 to gen9 mmio list (bsc#1113722)\n- drm/i915/gvt: Annotate iomem usage (bsc#1051510).\n- drm/i915/gvt: do not deliver a workload if its creation fails (bsc#1051510).\n- drm/i915/gvt: do not let pin count of shadow mm go negative (bsc#1113722)\n- drm/i915/gvt: Fix incorrect mask of mmio 0x22028 in gen8/9 mmio list (bnc#1113722)\n- drm/i915/gvt: Fix MI_FLUSH_DW parsing with correct index check (bsc#1051510).\n- drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata() (bsc#1113722)\n- drm/mediatek: fix possible object reference leak (bsc#1051510).\n- drm/meson: add size and alignment requirements for dumb buffers (bnc#1113722)\n- drm/meson: Fix invalid pointer in meson_drv_unbind() (bsc#1051510).\n- drm/meson: Uninstall IRQ handler (bsc#1051510).\n- drm/nouveau: Stop using drm_crtc_force_disable (bsc#1051510).\n- drm/nouveau/volt/gf117: fix speedo readout register (bsc#1051510).\n- drm/rockchip: shutdown drm subsystem on shutdown (bsc#1051510).\n- drm/rockchip: vop: reset scale mode when win is disabled (bsc#1113722)\n- drm/sun4i: Add missing drm_atomic_helper_shutdown at driver unbind (bsc#1113722)\n- drm/sun4i: Fix component unbinding and component master deletion (bsc#1113722)\n- drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)\n- drm/sun4i: Set device driver data at bind time for use in unbind (bsc#1113722)\n- drm/sun4i: Unbind components before releasing DRM and memory (bsc#1113722)\n- drm/ttm: Remove warning about inconsistent mapping information (bnc#1131488)\n- drm/udl: add a release method and delay modeset teardown (bsc#1085536)\n- drm/vc4: Fix memory leak during gpu reset. (bsc#1113722)\n- dsa: mv88e6xxx: Ensure all pending interrupts are handled prior to exit (networking-stable-19_02_20).\n- dt-bindings: net: Fix a typo in the phy-mode list for ethernet bindings (bsc#1129770).\n- dwc2: gadget: Fix completed transfer size calculation in DDMA (bsc#1051510).\n- e1000e: fix cyclic resets at link up with active tx (bsc#1051510).\n- e1000e: Fix -Wformat-truncation warnings (bsc#1051510).\n- ext2: Fix underflow in ext2_max_size() (bsc#1131174).\n- ext4: add mask of ext4 flags to swap (bsc#1131170).\n- ext4: add missing brelse() in add_new_gdb_meta_bg() (bsc#1131176).\n- ext4: brelse all indirect buffer in ext4_ind_remove_space() (bsc#1131173).\n- ext4: cleanup bh release code in ext4_ind_remove_space() (bsc#1131851).\n- ext4: cleanup pagecache before swap i_data (bsc#1131178).\n- ext4: fix check of inode in swap_inode_boot_loader (bsc#1131177).\n- ext4: fix data corruption caused by unaligned direct AIO (bsc#1131172).\n- ext4: fix EXT4_IOC_SWAP_BOOT (bsc#1131180).\n- ext4: fix NULL pointer dereference while journal is aborted (bsc#1131171).\n- ext4: update quota information while swapping boot loader inode (bsc#1131179).\n- fbdev: fbmem: fix memory access if logo is bigger than the screen (bsc#1051510).\n- fix cgroup_do_mount() handling of failure exits (bsc#1133095).\n- Fix kabi after 'md: batch flush requests.' (bsc#1119680).\n- Fix struct page kABI after adding atomic for ppc (bsc#1131326, bsc#1108937).\n- fm10k: Fix a potential NULL pointer dereference (bsc#1051510).\n- fs: avoid fdput() after failed fdget() in vfs_dedupe_file_range() (bsc#1132384, bsc#1132219).\n- fs/nfs: Fix nfs_parse_devname to not modify it's argument (git-fixes).\n- futex: Cure exit race (bsc#1050549).\n- futex: Ensure that futex address is aligned in handle_futex_death() (bsc#1050549).\n- futex: Handle early deadlock return correctly (bsc#1050549).\n- ghes, EDAC: Fix ghes_edac registration (bsc#1133176).\n- gpio: adnp: Fix testing wrong value in adnp_gpio_direction_input (bsc#1051510).\n- gpio: aspeed: fix a potential NULL pointer dereference (bsc#1051510).\n- gpio: gpio-omap: fix level interrupt idling (bsc#1051510).\n- gpio: of: Fix of_gpiochip_add() error path (bsc#1051510).\n- gre6: use log_ecn_error module parameter in ip6_tnl_rcv() (git-fixes).\n- hid: debug: fix race condition with between rdesc_show() and device removal (bsc#1051510).\n- hid: i2c-hid: Ignore input report if there's no data present on Elan touchpanels (bsc#1133486).\n- hid: input: add mapping for Assistant key (bsc#1051510).\n- hid: intel-ish-hid: avoid binding wrong ishtp_cl_device (bsc#1051510).\n- hid: intel-ish: ipc: handle PIMR before ish_wakeup also clear PISR busy_clear bit (bsc#1051510).\n- hid: logitech: check the return value of create_singlethread_workqueue (bsc#1051510).\n- hv_netvsc: Fix IP header checksum for coalesced packets (networking-stable-19_03_07).\n- hwmon: (f71805f) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (pc87427) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (vt1211) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses (bsc#1051510).\n- hwrng: virtio - Avoid repeated init of completion (bsc#1051510).\n- i2c: Make i2c_unregister_device() NULL-aware (bsc#1108193).\n- ibmvnic: Enable GRO (bsc#1132227).\n- ibmvnic: Fix completion structure initialization (bsc#1131659).\n- ibmvnic: Fix netdev feature clobbering during a reset (bsc#1132227).\n- iio: adc: at91: disable adc channel interrupt in timeout case (bsc#1051510).\n- iio: adc: fix warning in Qualcomm PM8xxx HK/XOADC driver (bsc#1051510).\n- iio: ad_sigma_delta: select channel when reading register (bsc#1051510).\n- iio: core: fix a possible circular locking dependency (bsc#1051510).\n- iio: cros_ec: Fix the maths for gyro scale calculation (bsc#1051510).\n- iio: dac: mcp4725: add missing powerdown bits in store eeprom (bsc#1051510).\n- iio: Fix scan mask selection (bsc#1051510).\n- iio/gyro/bmg160: Use millidegrees for temperature scale (bsc#1051510).\n- iio: gyro: mpu3050: fix chip ID reading (bsc#1051510).\n- Input: introduce KEY_ASSISTANT (bsc#1051510).\n- Input: snvs_pwrkey - initialize necessary driver data before enabling IRQ (bsc#1051510).\n- Input: synaptics-rmi4 - write config register values to the right offset (bsc#1051510).\n- intel_idle: add support for Jacobsville (jsc#SLE-5394).\n- intel_th: msu: Fix single mode with IOMMU (bsc#1051510).\n- intel_th: pci: Add Comet Lake support (bsc#1051510).\n- io: accel: kxcjk1013: restore the range after resume (bsc#1051510).\n- iommu/amd: Set exclusion range correctly (bsc#1130425).\n- iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#1135006).\n- iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135007).\n- iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135008).\n- ip6_tunnel: fix ip6 tunnel lookup in collect_md mode (git-fixes).\n- ipmi: Fix I2C client removal in the SSIF driver (bsc#1108193).\n- ipmi:ssif: compare block number correctly for multi-part return messages (bsc#1051510).\n- ipmi_ssif: Remove duplicate NULL check (bsc#1108193).\n- ipv4: Return error for RTA_VIA attribute (networking-stable-19_03_07).\n- ipv6: Fix dangling pointer when ipv6 fragment (git-fixes).\n- ipv6: propagate genlmsg_reply return code (networking-stable-19_02_24).\n- ipv6: Return error for RTA_VIA attribute (networking-stable-19_03_07).\n- ipv6: sit: reset ip header pointer in ipip6_rcv (git-fixes).\n- ipvlan: disallow userns cap_net_admin to change global mode/flags (networking-stable-19_03_15).\n- ipvs: remove IPS_NAT_MASK check to fix passive FTP (git-fixes).\n- It's wrong to add len to sector_nr in raid10 reshape twice (git-fixes).\n- iw_cxgb4: cq/qp mask depends on bar2 pages in a host page (bsc#1127371).\n- iwiwifi: fix bad monitor buffer register addresses (bsc#1129770).\n- iwlwifi: fix send hcmd timeout recovery flow (bsc#1129770).\n- jbd2: clear dirty flag when revoking a buffer from an older transaction (bsc#1131167).\n- jbd2: fix compile warning when using JBUFFER_TRACE (bsc#1131168).\n- kABI: restore icmp_send (kabi).\n- kabi/severities: add cxgb4 and cxgb4vf shared data to the whitelis (bsc#1127372)\n- kABI workaround for removed usb_interface.pm_usage_cnt field (bsc#1051510).\n- kABI workaround for snd_seq_kernel_client_enqueue() API changes (bsc#1051510).\n- kbuild: modversions: Fix relative CRC byte order interpretation (bsc#1131290).\n- kbuild: strip whitespace in cmd_record_mcount findstring (bsc#1065729).\n- kcm: switch order of device registration to fix a crash (bnc#1130527).\n- kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv (bsc#1051510).\n- kernel/sysctl.c: fix out-of-bounds access when setting file-max (bsc#1051510).\n- kernfs: do not set dentry->d_fsdata (boo#1133115).\n- KEYS: always initialize keyring_index_key::desc_len (bsc#1051510).\n- KEYS: user: Align the payload buffer (bsc#1051510).\n- KVM: Call kvm_arch_memslots_updated() before updating memslots (bsc#1132563).\n- KVM: Fix kABI for AMD SMAP Errata workaround (bsc#1133149).\n- KVM: Fix UAF in nested posted interrupt processing (bsc#1134199).\n- KVM: nVMX: Apply addr size mask to effective address for VMX instructions (bsc#1132561).\n- KVM: nVMX: Clear reserved bits of #DB exit qualification (bsc#1134200).\n- KVM: nVMX: Ignore limit checks on VMX instructions using flat segments (bsc#1132564).\n- KVM: nVMX: restore host state in nested_vmx_vmexit for VMFail (bsc#1134201).\n- KVM: nVMX: Sign extend displacements of VMX instr's mem operands (bsc#1132562).\n- KVM: PPC: Book3S HV: Fix race between kvm_unmap_hva_range and MMU mode switch (bsc#1061840).\n- KVM: SVM: Workaround errata#1096 (insn_len maybe zero on SMAP violation) (bsc#1133149).\n- KVM: VMX: Compare only a single byte for VMCS' 'launched' in vCPU-run (bsc#1132555).\n- KVM: VMX: Zero out *all* general purpose registers after VM-Exit (bsc#1134202).\n- KVM: x86: Always use 32-bit SMRAM save state for 32-bit kernels (bsc#1134203).\n- KVM: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bsc#1134204).\n- KVM: x86: Emulate MSR_IA32_ARCH_CAPABILITIES on AMD hosts (bsc#1114279).\n- KVM: x86/mmu: Detect MMIO generation wrap in any address space (bsc#1132570).\n- KVM: x86/mmu: Do not cache MMIO accesses while memslots are in flux (bsc#1132571).\n- kvm: x86: Report STIBP on GET_SUPPORTED_CPUID (bsc#1111331).\n- KVM: x86: svm: make sure NMI is injected after nmi_singlestep (bsc#1134205).\n- leds: avoid races with workqueue (bsc#1051510).\n- leds: pca9532: fix a potential NULL pointer dereference (bsc#1051510).\n- lib: add crc64 calculation routines (bsc#1130972).\n- libata: fix using DMA buffers on stack (bsc#1051510).\n- lib: do not depend on linux headers being installed (bsc#1130972).\n- lightnvm: if LUNs are already allocated fix return (bsc#1085535).\n- linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() (bsc#1051510).\n- Linux v5.0-rc7: bcm2835 MMC issues (bsc#1070872).\n- locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a new <linux/bits.h> file (bsc#1111331).\n- lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).\n- mac80211: do not call driver wake_tx_queue op during reconfig (bsc#1051510).\n- md: batch flush requests (bsc#1119680).\n- md: Fix failed allocation of md_register_thread (git-fixes).\n- md/raid1: do not clear bitmap bits on interrupted recovery (git-fixes).\n- md/raid5: fix 'out of memory' during raid cache recovery (git-fixes).\n- media: cx18: update *pos correctly in cx18_read_pos() (bsc#1051510).\n- media: cx23885: check allocation return (bsc#1051510).\n- media: davinci-isif: avoid uninitialized variable use (bsc#1051510).\n- media: ivtv: update *pos correctly in ivtv_read_pos() (bsc#1051510).\n- media: mt9m111: set initial frame size other than 0x0 (bsc#1051510).\n- media: mtk-jpeg: Correct return type for mem2mem buffer helpers (bsc#1051510).\n- media: mx2_emmaprp: Correct return type for mem2mem buffer helpers (bsc#1051510).\n- media: ov2659: fix unbalanced mutex_lock/unlock (bsc#1051510).\n- media: pvrusb2: Prevent a buffer overflow (bsc#1129770).\n- media: s5p-g2d: Correct return type for mem2mem buffer helpers (bsc#1051510).\n- media: s5p-jpeg: Correct return type for mem2mem buffer helpers (bsc#1051510).\n- media: serial_ir: Fix use-after-free in serial_ir_init_module (bsc#1051510).\n- media: sh_veu: Correct return type for mem2mem buffer helpers (bsc#1051510).\n- media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame (bsc#1051510).\n- media: vivid: use vfree() instead of kfree() for dev->bitmap_cap (bsc#1051510).\n- media: wl128x: Fix an error code in fm_download_firmware() (bsc#1051510).\n- media: wl128x: prevent two potential buffer overflows (bsc#1051510).\n- mISDN: hfcpci: Test both vendor & device ID for Digium HFC4S (bsc#1051510).\n- missing barriers in some of unix_sock ->addr and ->path accesses (networking-stable-19_03_15).\n- mmc: core: fix possible use after free of host (bsc#1051510).\n- mmc: davinci: remove extraneous __init annotation (bsc#1051510).\n- mmc: sdhci: Fix data command CRC error handling (bsc#1051510).\n- mmc: sdhci: Handle auto-command errors (bsc#1051510).\n- mmc: sdhci: Rename SDHCI_ACMD12_ERR and SDHCI_INT_ACMD12ERR (bsc#1051510).\n- mmc: tmio_mmc_core: do not claim spurious interrupts (bsc#1051510).\n- mm/debug.c: fix __dump_page when mapping->host is not set (bsc#1131934).\n- mm/huge_memory.c: fix modifying of page protection by insert_pfn_pmd() (bsc#1126740).\n- mm/page_isolation.c: fix a wrong flag in set_migratetype_isolate() (bsc#1131935).\n- mm/vmalloc: fix size check for remap_vmalloc_range_partial() (bsc#1133825).\n- mpls: Return error for RTA_GATEWAY attribute (networking-stable-19_03_07).\n- mt7601u: bump supported EEPROM version (bsc#1051510).\n- mtd: docg3: fix a possible memory leak of mtd->name (bsc#1051510).\n- mtd: docg3: Fix passing zero to 'PTR_ERR' warning in doc_probe_device (bsc#1051510).\n- mtd: nand: omap: Fix comment in platform data using wrong Kconfig symbol (bsc#1051510).\n- mtd: part: fix incorrect format specifier for an unsigned long long (bsc#1051510).\n- mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write (bsc#1129770).\n- mwifiex: do not advertise IBSS features without FW support (bsc#1129770).\n- mwifiex: Fix mem leak in mwifiex_tm_cmd (bsc#1051510).\n- mwifiex: prevent an array overflow (bsc#1051510).\n- mwl8k: Fix rate_idx underflow (bsc#1051510).\n- net: Add header for usage of fls64() (networking-stable-19_02_20).\n- net: Add __icmp_send helper (networking-stable-19_03_07).\n- net: avoid false positives in untrusted gso validation (git-fixes).\n- net: avoid skb_warn_bad_offload on IS_ERR (git-fixes).\n- net: avoid use IPCB in cipso_v4_error (networking-stable-19_03_07).\n- net: bridge: add vlan_tunnel to bridge port policies (git-fixes).\n- net: bridge: fix per-port af_packet sockets (git-fixes).\n- net: bridge: multicast: use rcu to access port list from br_multicast_start_querier (git-fixes).\n- net: datagram: fix unbounded loop in __skb_try_recv_datagram() (git-fixes).\n- net: Do not allocate page fragments that are not skb aligned (networking-stable-19_02_20).\n- net: dsa: legacy: do not unmask port bitmaps (git-fixes).\n- net: dsa: mv88e6xxx: Fix u64 statistics (networking-stable-19_03_07).\n- netfilter: bridge: ebt_among: add missing match size checks (git-fixes).\n- netfilter: bridge: ebt_among: add more missing match size checks (git-fixes).\n- netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING (git-fixes).\n- netfilter: drop template ct when conntrack is skipped (git-fixes).\n- netfilter: ip6t_MASQUERADE: add dependency on conntrack module (git-fixes).\n- netfilter: ipset: Missing nfnl_lock()/nfnl_unlock() is added to ip_set_net_exit() (git-fixes).\n- netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt (git-fixes).\n- netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6} (git-fixes).\n- netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target} (git-fixes).\n- netfilter: x_tables: fix int overflow in xt_alloc_table_info() (git-fixes).\n- net: Fix for_each_netdev_feature on Big endian (networking-stable-19_02_20).\n- net: fix IPv6 prefix route residue (networking-stable-19_02_20).\n- net: Fix untag for vlan packets without ethernet header (git-fixes).\n- net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off (git-fixes).\n- net/hsr: Check skb_put_padto() return value (git-fixes).\n- net: hsr: fix memory leak in hsr_dev_finalize() (networking-stable-19_03_15).\n- net/hsr: fix possible crash in add_timer() (networking-stable-19_03_15).\n- net/ibmvnic: Update carrier state after link state change (bsc#1135100).\n- net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).\n- netlabel: fix out-of-bounds memory accesses (networking-stable-19_03_07).\n- netlink: fix nla_put_{u8,u16,u32} for KASAN (git-fixes).\n- net/mlx5e: Do not overwrite pedit action when multiple pedit used (networking-stable-19_02_24).\n- net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails (networking-stable-19_03_07).\n- net/packet: fix 4gb buffer limit due to overflow check (networking-stable-19_02_24).\n- net/packet: Set __GFP_NOWARN upon allocation in alloc_pg_vec (git-fixes).\n- net_sched: acquire RTNL in tc_action_net_exit() (git-fixes).\n- net_sched: fix two more memory leaks in cls_tcindex (networking-stable-19_02_24).\n- net: Set rtm_table to RT_TABLE_COMPAT for ipv6 for tables > 255 (networking-stable-19_03_15).\n- net: sit: fix memory leak in sit_init_net() (networking-stable-19_03_07).\n- net: sit: fix UBSAN Undefined behaviour in check_6rd (networking-stable-19_03_15).\n- net: socket: set sock->sk to NULL after calling proto_ops::release() (networking-stable-19_03_07).\n- net: validate untrusted gso packets without csum offload (networking-stable-19_02_20).\n- net/x25: fix a race in x25_bind() (networking-stable-19_03_15).\n- net/x25: fix use-after-free in x25_device_event() (networking-stable-19_03_15).\n- net/x25: reset state in x25_connect() (networking-stable-19_03_15).\n- net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms() (git-fixes).\n- NFC: nci: Add some bounds checking in nci_hci_cmd_received() (bsc#1051510).\n- NFS: Add missing encode / decode sequence_maxsz to v4.2 operations (git-fixes).\n- nfsd4: catch some false session retries (git-fixes).\n- nfsd4: fix cached replies to solo SEQUENCE compounds (git-fixes).\n- NFS: Do not recoalesce on error in nfs_pageio_complete_mirror() (git-fixes).\n- NFS: Do not use page_file_mapping after removing the page (git-fixes).\n- NFS: Fix an I/O request leakage in nfs_do_recoalesce (git-fixes).\n- NFS: Fix a soft lockup in the delegation recovery code (git-fixes).\n- NFS: Fix a typo in nfs_init_timeout_values() (git-fixes).\n- NFS: Fix dentry revalidation on NFSv4 lookup (bsc#1132618).\n- NFS: Fix I/O request leakages (git-fixes).\n- NFS: fix mount/umount race in nlmclnt (git-fixes).\n- NFS/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount (git-fixes).\n- NFSv4.1 do not free interrupted slot on open (git-fixes).\n- NFSv4.1: Reinitialise sequence results before retransmitting a request (git-fixes).\n- NFSv4/flexfiles: Fix invalid deref in FF_LAYOUT_DEVID_NODE() (git-fixes).\n- nvme: add proper discard setup for the multipath device (bsc#1114638).\n- nvme: fix the dangerous reference of namespaces list (bsc#1131673).\n- nvme: make sure ns head inherits underlying device limits (bsc#1131673).\n- nvme-multipath: avoid crash on invalid subsystem cntlid enumeration (bsc#1129273).\n- nvme-multipath: split bios with the ns_head bio_set before submitting (bsc#1103259, bsc#1131673).\n- nvme: only reconfigure discard if necessary (bsc#1114638).\n- ocfs2: fix inode bh swapping mixup in ocfs2_reflink_inodes_lock (bsc#1131169).\n- ocfs2: turn on OCFS2_FS_STATS setting(bsc#1134393) We need to turn on OCFS2_FS_STATS kernel configuration setting, to fix bsc#1134393.\n- omapfb: add missing of_node_put after of_device_is_available (bsc#1051510).\n- openvswitch: add seqadj extension when NAT is used (bsc#1051510).\n- openvswitch: fix flow actions reallocation (bsc#1051510).\n- packet: validate msg_namelen in send directly (git-fixes).\n- PCI: Add function 1 DMA alias quirk for Marvell 9170 SATA controller (bsc#1051510).\n- PCI: designware-ep: Read-only registers need DBI_RO_WR_EN to be writable (bsc#1051510).\n- PCI: pciehp: Convert to threaded IRQ (bsc#1133005).\n- PCI: pciehp: Ignore Link State Changes after powering off a slot (bsc#1133005).\n- phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode (bsc#1051510).\n- phy: sun4i-usb: Support set_mode to USB_HOST for non-OTG PHYs (bsc#1051510).\n- platform/x86: alienware-wmi: printing the wrong error code (bsc#1051510).\n- platform/x86: dell-rbtn: Add missing #include (bsc#1051510).\n- platform/x86: intel_pmc_ipc: adding error handling (bsc#1051510).\n- platform/x86: intel_punit_ipc: Revert 'Fix resource ioremap warning' (bsc#1051510).\n- platform/x86: pmc_atom: Drop __initconst on dmi table (bsc#1051510).\n- platform/x86: sony-laptop: Fix unintentional fall-through (bsc#1051510).\n- powerpc/64: Call setup_barrier_nospec() from setup_arch() (bsc#1131107).\n- powerpc/64: Disable the speculation barrier from the command line (bsc#1131107).\n- powerpc64/ftrace: Include ftrace.h needed for enable/disable calls (bsc#1088804, git-fixes).\n- powerpc/64: Make stf barrier PPC_BOOK3S_64 specific (bsc#1131107).\n- powerpc/64s: Add new security feature flags for count cache flush (bsc#1131107).\n- powerpc/64s: Add support for software count cache flush (bsc#1131107).\n- powerpc/64s: Fix logic when handling unknown CPU features (bsc#1055117).\n- powerpc/64s: Fix page table fragment refcount race vs speculative references (bsc#1131326, bsc#1108937).\n- powerpc/asm: Add a patch_site macro & helpers for patching instructions (bsc#1131107).\n- powerpc: avoid -mno-sched-epilog on GCC 4.9 and newer (bsc#1065729).\n- powerpc: consolidate -mno-sched-epilog into FTRACE flags (bsc#1065729).\n- powerpc: Fix 32-bit KVM-PR lockup and host crash with MacOS guest (bsc#1061840).\n- powerpc/fsl: Fix spectre_v2 mitigations reporting (bsc#1131107).\n- powerpc/hugetlb: Handle mmap_min_addr correctly in get_unmapped_area callback (bsc#1131900).\n- powerpc/kvm: Save and restore host AMR/IAMR/UAMOR (bsc#1061840).\n- powerpc/mm: Add missing tracepoint for tlbie (bsc#1055117, git-fixes).\n- powerpc/mm: Check secondary hash page table (bsc#1065729).\n- powerpc/mm: Fix page table dump to work on Radix (bsc#1055186, git-fixes).\n- powerpc/mm/hash: Handle mmap_min_addr correctly in get_unmapped_area topdown search (bsc#1131900).\n- powerpc/mm/radix: Display if mappings are exec or not (bsc#1055186, git-fixes).\n- powerpc/mm/radix: Prettify mapped memory range print out (bsc#1055186, git-fixes).\n- powerpc/numa: document topology_updates_enabled, disable by default (bsc#1133584).\n- powerpc/numa: improve control of topology updates (bsc#1133584).\n- powerpc/perf: Fix unit_sel/cache_sel checks (bsc#1053043).\n- powerpc/perf: Remove l2 bus events from HW cache event array (bsc#1053043).\n- powerpc/powernv/cpuidle: Init all present cpus for deep states (bsc#1055121).\n- powerpc/powernv: Do not reprogram SLW image on every KVM guest entry/exit (bsc#1061840).\n- powerpc/powernv/ioda2: Remove redundant free of TCE pages (bsc#1061840).\n- powerpc/powernv/ioda: Allocate indirect TCE levels of cached userspace addresses on demand (bsc#1061840).\n- powerpc/powernv/ioda: Fix locked_vm counting for memory used by IOMMU tables (bsc#1061840).\n- powerpc/powernv: Make opal log only readable by root (bsc#1065729).\n- powerpc/powernv: Query firmware for count cache flush settings (bsc#1131107).\n- powerpc/powernv: Remove never used pnv_power9_force_smt4 (bsc#1061840).\n- powerpc/pseries: Query hypervisor for count cache flush settings (bsc#1131107).\n- powerpc/security: Fix spectre_v2 reporting (bsc#1131107).\n- powerpc/speculation: Support 'mitigations=' cmdline option (bsc#1112178).\n- powerpc/vdso32: fix CLOCK_MONOTONIC on PPC64 (bsc#1131587).\n- powerpc/vdso64: Fix CLOCK_MONOTONIC inconsistencies across Y2038 (bsc#1131587).\n- proc/kcore: do not bounds check against address 0 (bsc#1051510).\n- proc: revalidate kernel thread inodes to root:root (bsc#1051510).\n- proc/sysctl: fix return error for proc_doulongvec_minmax() (bsc#1051510).\n- pwm: Fix deadlock warning when removing PWM device (bsc#1051510).\n- pwm: meson: Consider 128 a valid pre-divider (bsc#1051510).\n- pwm: meson: Do not disable PWM when setting duty repeatedly (bsc#1051510).\n- pwm: meson: Use the spin-lock only to protect register modifications (bsc#1051510).\n- pwm: tiehrpwm: Update shadow register for disabling PWMs (bsc#1051510).\n- qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128979).\n- qla2xxx: always allocate qla_tgt_wq (bsc#1131451).\n- qmi_wwan: add Olicard 600 (bsc#1051510).\n- qmi_wwan: Add support for Quectel EG12/EM12 (networking-stable-19_03_07).\n- RAS/CEC: Check the correct variable in the debugfs error handling (bsc#1085535).\n- ravb: Decrease TxFIFO depth of Q3 and Q2 to one (networking-stable-19_03_15).\n- rdma/cxgb4: Add support for 64Byte cqes (bsc#1127371).\n- rdma/cxgb4: Add support for kernel mode SRQ's (bsc#1127371).\n- rdma/cxgb4: Add support for srq functions & structs (bsc#1127371).\n- rdma/cxgb4: fix some info leaks (bsc#1127371).\n- RDMA/cxgb4: Make c4iw_poll_cq_one() easier to analyze (bsc#1127371).\n- rdma/cxgb4: Remove a set-but-not-used variable (bsc#1127371).\n- RDMA/iw_cxgb4: Drop __GFP_NOFAIL (bsc#1127371).\n- rds: fix refcount bug in rds_sock_addref (git-fixes).\n- rds: tcp: atomically purge entries from rds_tcp_conn_list during netns delete (git-fixes).\n- Re-export snd_cards for kABI compatibility (bsc#1051510).\n- regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB (bsc#1051510).\n- Revert 'ALSA: seq: Protect in-kernel ioctl calls with mutex' (bsc#1051510).\n- Revert 'block: unexport DISK_EVENT_MEDIA_CHANGE for legacy/fringe drivers' (bsc#1110946, bsc#1119843).\n- Revert 'drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)' \n- Revert 'ide: unexport DISK_EVENT_MEDIA_CHANGE for ide-gd and ide-cd' (bsc#1110946).\n- Revert 'tty: pty: Fix race condition between release_one_tty and pty_write' (bsc#1051510).\n- ring-buffer: Check if memory is available before allocation (bsc#1132531).\n- route: set the deleted fnhe fnhe_daddr to 0 in ip_del_fnhe to fix a race (networking-stable-19_03_15).\n- rt2x00: do not increment sequence number while re-transmitting (bsc#1051510).\n- rtlwifi: rtl8723ae: Fix missing break in switch statement (bsc#1051510).\n- rxrpc: Do not release call mutex on error pointer (git-fixes).\n- rxrpc: Do not treat call aborts as conn aborts (git-fixes).\n- rxrpc: Fix client call queueing, waiting for channel (networking-stable-19_03_15).\n- rxrpc: Fix Tx ring annotation after initial Tx failure (git-fixes).\n- s390/dasd: fix panic for failed online processing (bsc#1132589).\n- s390/pkey: move pckmo subfunction available checks away from module init (bsc#1128544).\n- s390/speculation: Support 'mitigations=' cmdline option (bsc#1112178).\n- sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() (bsc#1051510).\n- sc16is7xx: move label 'err_spi' to correct section (bsc#1051510).\n- sc16is7xx: put err_spi and err_i2c into correct #ifdef (bsc#1051510).\n- scripts: override locale from environment when running recordmcount.pl (bsc#1134354).\n- scsi: libsas: allocate sense buffer for bsg queue (bsc#1131467).\n- scsi: qla2xxx: Add new FC-NVMe enable BIT to enable FC-NVMe feature (bsc#1130579).\n- scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show (bsc#1132044).\n- sctp: call gso_reset_checksum when computing checksum in sctp_gso_segment (networking-stable-19_02_24).\n- sctp: only update outstanding_bytes for transmitted queue when doing prsctp_prune (git-fixes).\n- sctp: set frag_point in sctp_setsockopt_maxseg correctly` (git-fixes).\n- selinux: use kernel linux/socket.h for genheaders and mdp (bsc#1134810).\n- serial: 8250_pxa: honor the port number from devicetree (bsc#1051510).\n- serial: ar933x_uart: Fix build failure with disabled console (bsc#1051510).\n- serial: max310x: Fix to avoid potential NULL pointer dereference (bsc#1051510).\n- serial: sh-sci: Fix setting SCSCR_TIE while transferring data (bsc#1051510).\n- serial: uartps: console_setup() can't be placed to init section (bsc#1051510).\n- sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach() (networking-stable-19_02_24).\n- SoC: imx-sgtl5000: add missing put_device() (bsc#1051510).\n- soc: qcom: gsbi: Fix error handling in gsbi_probe() (bsc#1051510).\n- soc/tegra: fuse: Fix illegal free of IO base address (bsc#1051510).\n- soc/tegra: pmc: Drop locking from tegra_powergate_is_powered() (bsc#1051510).\n- spi: a3700: Clear DATA_OUT when performing a read (bsc#1051510).\n- spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios (bsc#1051510).\n- spi: bcm2835aux: setup gpio-cs to output and correct level during setup (bsc#1051510).\n- spi: bcm2835aux: warn in dmesg that native cs is not really supported (bsc#1051510).\n- spi: rspi: Fix sequencer reset during initialization (bsc#1051510).\n- ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit (bsc#1051510).\n- staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf (bsc#1051510).\n- staging: comedi: ni_usb6501: Fix use of uninitialized mutex (bsc#1051510).\n- staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf (bsc#1051510).\n- staging: comedi: vmk80xx: Fix use of uninitialized semaphore (bsc#1051510).\n- staging: iio: ad7192: Fix ad7193 channel address (bsc#1051510).\n- staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc (bsc#1051510).\n- staging: rtl8712: uninitialized memory in read_bbreg_hdl() (bsc#1051510).\n- staging: vt6655: Fix interrupt race condition on device start up (bsc#1051510).\n- staging: vt6655: Remove vif check from vnt_interrupt (bsc#1051510).\n- stm class: Fix an endless loop in channel allocation (bsc#1051510).\n- stm class: Fix channel free in stm output free path (bsc#1051510).\n- stm class: Prevent division by zero (bsc#1051510).\n- sunrpc/cache: handle missing listeners better (bsc#1126221).\n- sunrpc: fix 4 more call sites that were using stack memory with a scatterlist (git-fixes).\n- supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).\n- supported.conf: Add vxlan to kernel-default-base (bsc#1132083).\n- supported.conf: dw_mmc-bluefield is not needed in kernel-default-base (bsc#1131574).\n- svm/avic: Fix invalidate logical APIC id entry (bsc#1132726).\n- svm: Fix AVIC DFR and LDR handling (bsc#1132558).\n- sysctl: handle overflow for file-max (bsc#1051510).\n- tcp: fix TCP_REPAIR_QUEUE bound checking (git-fixes).\n- tcp: tcp_v4_err() should be more careful (networking-stable-19_02_20).\n- thermal/int340x_thermal: Add additional UUIDs (bsc#1051510).\n- thermal/int340x_thermal: fix mode setting (bsc#1051510).\n- tipc: fix race condition causing hung sendto (networking-stable-19_03_07).\n- tpm: Fix the type of the return value in calc_tpm2_event_size() (bsc#1082555).\n- tracing: Fix a memory leak by early error exit in trace_pid_write() (bsc#1133702).\n- tracing: Fix buffer_ref pipe ops (bsc#1133698).\n- tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account (bsc#1132527).\n- tty: atmel_serial: fix a potential NULL pointer dereference (bsc#1051510).\n- tty: increase the default flip buffer limit to 2*640K (bsc#1051510).\n- tty: pty: Fix race condition between release_one_tty and pty_write (bsc#1051510).\n- tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 (bsc#1051510).\n- tun: fix blocking read (networking-stable-19_03_07).\n- tun: remove unnecessary memory barrier (networking-stable-19_03_07).\n- UAS: fix alignment of scatter/gather segments (bsc#1129770).\n- udf: Fix crash on IO error during truncate (bsc#1131175).\n- usb: cdc-acm: fix unthrottle races (bsc#1051510).\n- usb: chipidea: Grab the (legacy) USB PHY by phandle first (bsc#1051510).\n- usb: core: Fix bug caused by duplicate interface PM usage counter (bsc#1051510).\n- usb: core: Fix unterminated string returned by usb_string() (bsc#1051510).\n- usb: dwc3: Fix default lpm_nyet_threshold value (bsc#1051510).\n- usb: f_fs: Avoid crash due to out-of-scope stack ptr access (bsc#1051510).\n- usb: gadget: net2272: Fix net2272_dequeue() (bsc#1051510).\n- usb: gadget: net2280: Fix net2280_dequeue() (bsc#1051510).\n- usb: gadget: net2280: Fix overrun of OUT messages (bsc#1051510).\n- usb: host: xhci-rcar: Add XHCI_TRUST_TX_LENGTH quirk (bsc#1051510).\n- usb: mtu3: fix EXTCON dependency (bsc#1051510).\n- usb: serial: cp210x: add new device id (bsc#1051510).\n- usb: serial: cp210x: fix GPIO in autosuspend (bsc#1120902).\n- usb: serial: f81232: fix interrupt worker not stop (bsc#1051510).\n- usb: serial: fix unthrottle races (bsc#1051510).\n- usb: serial: ftdi_sio: add additional NovaTech products (bsc#1051510).\n- usb: serial: option: add Olicard 600 (bsc#1051510).\n- usb: serial: option: add support for Quectel EM12 (bsc#1051510).\n- usb-storage: Set virt_boundary_mask to avoid SG overflows (bsc#1051510).\n- usb: u132-hcd: fix resource leak (bsc#1051510).\n- usb: usb251xb: fix to avoid potential NULL pointer dereference (bsc#1051510).\n- usb: usbip: fix isoc packet num validation in get_pipe (bsc#1051510).\n- usb: w1 ds2490: Fix bug caused by improper use of altsetting array (bsc#1051510).\n- usb: yurex: Fix protection fault after device removal (bsc#1051510).\n- vfio/mdev: Avoid release parent reference during error path (bsc#1051510).\n- vfio/mdev: Fix aborting mdev child device removal if one fails (bsc#1051510).\n- vfio_pci: Enable memory accesses before calling pci_map_rom (bsc#1051510).\n- vfio/pci: use correct format characters (bsc#1051510).\n- vfs: allow dedupe of user owned read-only files (bsc#1133778, bsc#1132219).\n- vfs: avoid problematic remapping requests into partial EOF block (bsc#1133850, bsc#1132219).\n- vfs: dedupe: extract helper for a single dedup (bsc#1133769, bsc#1132219).\n- vfs: dedupe should return EPERM if permission is not granted (bsc#1133779, bsc#1132219).\n- vfs: exit early from zero length remap operations (bsc#1132411, bsc#1132219).\n- vfs: export vfs_dedupe_file_range_one() to modules (bsc#1133772, bsc#1132219).\n- vfs: limit size of dedupe (bsc#1132397, bsc#1132219).\n- vfs: rename clone_verify_area to remap_verify_area (bsc#1133852, bsc#1132219).\n- vfs: skip zero-length dedupe requests (bsc#1133851, bsc#1132219).\n- vfs: swap names of {do,vfs}_clone_file_range() (bsc#1133774, bsc#1132219).\n- vfs: vfs_clone_file_prep_inodes should return EINVAL for a clone from beyond EOF (bsc#1133780, bsc#1132219).\n- vhost/vsock: fix reset orphans race with close timeout (bsc#1051510).\n- video: fbdev: Set pixclock = 0 in goldfishfb (bsc#1051510).\n- virtio-blk: limit number of hw queues by nr_cpu_ids (bsc#1051510).\n- virtio: Honour 'may_reduce_num' in vring_create_virtqueue (bsc#1051510).\n- virtio_pci: fix a NULL pointer reference in vp_del_vqs (bsc#1051510).\n- vsock/virtio: fix kernel panic after device hot-unplug (bsc#1051510).\n- vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock (bsc#1051510).\n- vsock/virtio: reset connected sockets on device removal (bsc#1051510).\n- vxlan: test dev->flags & IFF_UP before calling netif_rx() (networking-stable-19_02_20).\n- wil6210: check null pointer in _wil_cfg80211_merge_extra_ies (bsc#1051510).\n- wlcore: Fix memory leak in case wl12xx_fetch_firmware failure (bsc#1051510).\n- x86/cpu: Sanitize FAM6_ATOM naming (bsc#1111331).\n- x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (bsc#1111331).\n- x86/kvm/hyper-v: avoid spurious pending stimer on vCPU init (bsc#1132572).\n- x86/kvm/vmx: Add MDS protection when L1D Flush is not active (bsc#1111331).\n- x86/MCE/AMD, EDAC/mce_amd: Add new error descriptions for some SMCA bank types (bsc#1128415).\n- x86/MCE/AMD, EDAC/mce_amd: Add new McaTypes for CS, PSP, and SMU units (bsc#1128415).\n- x86/MCE/AMD, EDAC/mce_amd: Add new MP5, NBIO, and PCIE SMCA bank types (bsc#1128415).\n- x86/mce/AMD, EDAC/mce_amd: Enumerate Reserved SMCA bank type (bsc#1128415).\n- x86/mce/AMD: Pass the bank number to smca_get_bank_type() (bsc#1128415).\n- x86/MCE: Fix kABI for new AMD bank names (bsc#1128415).\n- x86/mce: Handle varying MCA bank counts (bsc#1128415).\n- x86/msr-index: Cleanup bit defines (bsc#1111331).\n- x86/PCI: Fixup RTIT_BAR of Intel Denverton Trace Hub (bsc#1120318).\n- x86/speculation: Consolidate CPU whitelists (bsc#1111331).\n- x86/speculation/mds: Add basic bug infrastructure for MDS (bsc#1111331).\n- x86/speculation/mds: Add BUG_MSBDS_ONLY (bsc#1111331).\n- x86/speculation/mds: Add mds_clear_cpu_buffers() (bsc#1111331).\n- x86/speculation/mds: Add mds=full,nosmt cmdline option (bsc#1111331).\n- x86/speculation/mds: Add mitigation control for MDS (bsc#1111331).\n- x86/speculation/mds: Add mitigation mode VMWERV (bsc#1111331).\n- x86/speculation/mds: Add 'mitigations=' support for MDS (bsc#1111331).\n- x86/speculation/mds: Add SMT warning message (bsc#1111331).\n- x86/speculation/mds: Add sysfs reporting for MDS (bsc#1111331).\n- x86/speculation/mds: Clear CPU buffers on exit to user (bsc#1111331).\n- x86/speculation/mds: Conditionally clear CPU buffers on idle entry (bsc#1111331).\n- x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (bsc#1111331).\n- x86/speculation: Move arch_smt_update() call to after mitigation decisions (bsc#1111331).\n- x86/speculation: Prevent deadlock on ssb_state::lock (bsc#1114279).\n- x86/speculation: Simplify the CPU bug detection logic (bsc#1111331).\n- x86/speculation: Support 'mitigations=' cmdline option (bsc#1112178).\n- x86/tsc: Force inlining of cyc2ns bits (bsc#1052904).\n- xen-netback: do not populate the hash cache on XenBus disconnect (networking-stable-19_03_07).\n- xen-netback: fix occasional leak of grant ref mappings under memory pressure (networking-stable-19_03_07).\n- xen: Prevent buffer overflow in privcmd ioctl (bsc#1065600).\n- xfrm: do not call rcu_read_unlock when afinfo is NULL in xfrm_get_tos (git-fixes).\n- xfrm: Fix ESN sequence number handling for IPsec GSO packets (git-fixes).\n- xfrm: fix rcu_read_unlock usage in xfrm_local_error (git-fixes).\n- xfrm: Fix stack-out-of-bounds read on socket policy lookup (git-fixes).\n- xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (git-fixes).\n- xfrm: Return error on unknown encap_type in init_state (git-fixes).\n- xfs: add the ability to join a held buffer to a defer_ops (bsc#1133674).\n- xfs: allow xfs_lock_two_inodes to take different EXCL/SHARED modes (bsc#1132370, bsc#1132219).\n- xfs: call xfs_qm_dqattach before performing reflink operations (bsc#1132368, bsc#1132219).\n- xfs: cap the length of deduplication requests (bsc#1132373, bsc#1132219).\n- xfs: clean up xfs_reflink_remap_blocks call site (bsc#1132413, bsc#1132219).\n- xfs: detect and fix bad summary counts at mount (bsc#1114427).\n- xfs: fix data corruption w/ unaligned dedupe ranges (bsc#1132405, bsc#1132219).\n- xfs: fix data corruption w/ unaligned reflink ranges (bsc#1132407, bsc#1132219).\n- xfs: fix pagecache truncation prior to reflink (bsc#1132412, bsc#1132219).\n- xfs: fix reporting supported extra file attributes for statx() (bsc#1133529).\n- xfs: flush removing page cache in xfs_reflink_remap_prep (bsc#1132414, bsc#1132219).\n- xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute (bsc#1133675).\n- xfs: kill meaningless variable 'zero' (bsc#1106011).\n- xfs: only grab shared inode locks for source file during reflink (bsc#1132372, bsc#1132219).\n- xfs: prepare xfs_break_layouts() for another layout type (bsc#1106011).\n- xfs: prepare xfs_break_layouts() to be called with XFS_MMAPLOCK_EXCL (bsc#1106011).\n- xfs: refactor clonerange preparation into a separate helper (bsc#1132402, bsc#1132219).\n- xfs: refactor xfs_trans_roll (bsc#1133667).\n- xfs: reflink find shared should take a transaction (bsc#1132226, bsc#1132219).\n- xfs: reflink should break pnfs leases before sharing blocks (bsc#1132369, bsc#1132219).\n- xfs: remove dest file's post-eof preallocations before reflinking (bsc#1132365, bsc#1132219).\n- xfs: remove the ip argument to xfs_defer_finish (bsc#1133672).\n- xfs: remove xfs_zero_range (bsc#1106011).\n- xfs: rename xfs_defer_join to xfs_defer_ijoin (bsc#1133668).\n- xfs: update ctime and remove suid before cloning files (bsc#1132404, bsc#1132219).\n- xfs: zero posteof blocks when cloning above eof (bsc#1132403, bsc#1132219).\n- xhci: Do not let USB3 ports stuck in polling state prevent suspend (bsc#1051510).\n- xhci: Fix port resume done detection for SS ports with LPM enabled (bsc#1051510).\n", title: "Description of the patch", }, { category: "details", text: "openSUSE-2019-1404", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_1404-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2019:1404-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZZ2FZBVA3Q7VOUC5KRK2EODJSBYJDCKH/#ZZ2FZBVA3Q7VOUC5KRK2EODJSBYJDCKH", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2019:1404-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZZ2FZBVA3Q7VOUC5KRK2EODJSBYJDCKH/#ZZ2FZBVA3Q7VOUC5KRK2EODJSBYJDCKH", }, { category: "self", summary: "SUSE Bug 1050549", url: "https://bugzilla.suse.com/1050549", }, { category: "self", summary: "SUSE Bug 1051510", url: "https://bugzilla.suse.com/1051510", }, { category: "self", summary: "SUSE Bug 1052904", url: "https://bugzilla.suse.com/1052904", }, { category: "self", summary: "SUSE Bug 1053043", url: "https://bugzilla.suse.com/1053043", }, { category: "self", summary: "SUSE Bug 1055117", url: "https://bugzilla.suse.com/1055117", }, { category: "self", summary: "SUSE Bug 1055121", url: "https://bugzilla.suse.com/1055121", }, { category: "self", summary: "SUSE Bug 1055186", url: "https://bugzilla.suse.com/1055186", }, { category: "self", summary: "SUSE Bug 1061840", url: "https://bugzilla.suse.com/1061840", }, { category: "self", summary: "SUSE Bug 1063638", url: "https://bugzilla.suse.com/1063638", }, { category: "self", summary: "SUSE Bug 1065600", url: "https://bugzilla.suse.com/1065600", }, { category: "self", summary: "SUSE Bug 1065729", url: "https://bugzilla.suse.com/1065729", }, { category: "self", summary: "SUSE Bug 1070872", url: "https://bugzilla.suse.com/1070872", }, { category: "self", summary: "SUSE Bug 1082555", url: "https://bugzilla.suse.com/1082555", }, { category: "self", summary: "SUSE Bug 1083647", url: "https://bugzilla.suse.com/1083647", }, { category: "self", summary: "SUSE Bug 1085535", url: "https://bugzilla.suse.com/1085535", }, { category: "self", summary: "SUSE Bug 1085536", url: "https://bugzilla.suse.com/1085536", }, { category: "self", summary: "SUSE Bug 1088804", url: "https://bugzilla.suse.com/1088804", }, { category: "self", summary: "SUSE Bug 1097583", url: "https://bugzilla.suse.com/1097583", }, { category: "self", summary: "SUSE Bug 1097584", url: "https://bugzilla.suse.com/1097584", }, { category: "self", summary: "SUSE Bug 1097585", url: "https://bugzilla.suse.com/1097585", }, { category: "self", summary: "SUSE Bug 1097586", url: "https://bugzilla.suse.com/1097586", }, { category: "self", summary: "SUSE Bug 1097587", url: "https://bugzilla.suse.com/1097587", }, { category: "self", summary: "SUSE Bug 1097588", url: "https://bugzilla.suse.com/1097588", }, { category: "self", summary: "SUSE Bug 1103186", url: "https://bugzilla.suse.com/1103186", }, { category: "self", summary: "SUSE Bug 1103259", url: "https://bugzilla.suse.com/1103259", }, { category: "self", summary: "SUSE Bug 1106011", url: "https://bugzilla.suse.com/1106011", }, { category: "self", summary: "SUSE Bug 1108193", url: "https://bugzilla.suse.com/1108193", }, { category: "self", summary: "SUSE Bug 1108838", url: "https://bugzilla.suse.com/1108838", }, { category: "self", summary: "SUSE Bug 1108937", url: "https://bugzilla.suse.com/1108937", }, { category: "self", summary: "SUSE Bug 1110946", url: "https://bugzilla.suse.com/1110946", }, { category: "self", summary: "SUSE Bug 1111331", url: "https://bugzilla.suse.com/1111331", }, { category: "self", summary: "SUSE Bug 1112063", url: "https://bugzilla.suse.com/1112063", }, { category: "self", summary: "SUSE Bug 1112128", url: "https://bugzilla.suse.com/1112128", }, { category: "self", summary: "SUSE Bug 1112178", url: "https://bugzilla.suse.com/1112178", }, { category: "self", summary: "SUSE Bug 1113722", url: "https://bugzilla.suse.com/1113722", }, { category: "self", summary: "SUSE Bug 1114279", url: "https://bugzilla.suse.com/1114279", }, { category: "self", summary: "SUSE Bug 1114427", url: "https://bugzilla.suse.com/1114427", }, { category: "self", summary: "SUSE Bug 1114542", url: "https://bugzilla.suse.com/1114542", }, { category: "self", summary: "SUSE Bug 1114638", url: "https://bugzilla.suse.com/1114638", }, { category: "self", summary: "SUSE Bug 1119680", url: "https://bugzilla.suse.com/1119680", }, { category: "self", summary: "SUSE Bug 1119843", url: "https://bugzilla.suse.com/1119843", }, { category: "self", summary: "SUSE Bug 1120318", url: "https://bugzilla.suse.com/1120318", }, { category: "self", summary: "SUSE Bug 1120902", url: "https://bugzilla.suse.com/1120902", }, { category: "self", summary: "SUSE Bug 1122767", url: "https://bugzilla.suse.com/1122767", }, { category: "self", summary: "SUSE Bug 1122776", url: "https://bugzilla.suse.com/1122776", }, { category: "self", summary: "SUSE Bug 1124839", url: "https://bugzilla.suse.com/1124839", }, { category: "self", summary: "SUSE Bug 1126221", url: "https://bugzilla.suse.com/1126221", }, { category: "self", summary: "SUSE Bug 1126704", url: "https://bugzilla.suse.com/1126704", }, { category: "self", summary: "SUSE Bug 1126740", url: "https://bugzilla.suse.com/1126740", }, { category: "self", summary: "SUSE Bug 1127175", url: "https://bugzilla.suse.com/1127175", }, { category: "self", summary: "SUSE Bug 1127371", url: "https://bugzilla.suse.com/1127371", }, { category: "self", summary: "SUSE Bug 1127372", url: "https://bugzilla.suse.com/1127372", }, { category: "self", summary: "SUSE Bug 1127374", url: "https://bugzilla.suse.com/1127374", }, { category: "self", summary: "SUSE Bug 1128052", url: "https://bugzilla.suse.com/1128052", }, { category: "self", summary: "SUSE Bug 1128415", url: "https://bugzilla.suse.com/1128415", }, { category: "self", summary: "SUSE Bug 1128544", url: "https://bugzilla.suse.com/1128544", }, { category: "self", summary: "SUSE Bug 1128979", url: "https://bugzilla.suse.com/1128979", }, { category: "self", summary: "SUSE Bug 1129138", url: "https://bugzilla.suse.com/1129138", }, { category: "self", summary: "SUSE Bug 1129273", url: "https://bugzilla.suse.com/1129273", }, { category: "self", summary: "SUSE Bug 1129497", url: "https://bugzilla.suse.com/1129497", }, { category: "self", summary: "SUSE Bug 1129770", url: "https://bugzilla.suse.com/1129770", }, { category: "self", summary: "SUSE Bug 1130195", url: "https://bugzilla.suse.com/1130195", }, { category: "self", summary: "SUSE Bug 1130425", url: "https://bugzilla.suse.com/1130425", }, { category: "self", summary: "SUSE Bug 1130527", url: "https://bugzilla.suse.com/1130527", }, { category: "self", summary: "SUSE Bug 1130567", url: "https://bugzilla.suse.com/1130567", }, { category: "self", summary: "SUSE Bug 1130579", url: "https://bugzilla.suse.com/1130579", }, { category: "self", summary: "SUSE Bug 1130972", url: "https://bugzilla.suse.com/1130972", }, { category: "self", summary: "SUSE Bug 1131107", url: "https://bugzilla.suse.com/1131107", }, { category: "self", summary: "SUSE Bug 1131167", url: "https://bugzilla.suse.com/1131167", }, { category: "self", summary: "SUSE Bug 1131168", url: "https://bugzilla.suse.com/1131168", }, { category: "self", summary: "SUSE Bug 1131169", url: "https://bugzilla.suse.com/1131169", }, { category: "self", summary: "SUSE Bug 1131170", url: "https://bugzilla.suse.com/1131170", }, { category: "self", summary: "SUSE Bug 1131171", url: "https://bugzilla.suse.com/1131171", }, { category: "self", summary: "SUSE Bug 1131172", url: "https://bugzilla.suse.com/1131172", }, { category: "self", summary: "SUSE Bug 1131173", url: "https://bugzilla.suse.com/1131173", }, { category: "self", summary: "SUSE Bug 1131174", url: "https://bugzilla.suse.com/1131174", }, { category: "self", summary: "SUSE Bug 1131175", url: "https://bugzilla.suse.com/1131175", }, { category: "self", summary: "SUSE Bug 1131176", url: "https://bugzilla.suse.com/1131176", }, { category: "self", summary: "SUSE Bug 1131177", url: "https://bugzilla.suse.com/1131177", }, { category: "self", summary: "SUSE Bug 1131178", url: "https://bugzilla.suse.com/1131178", }, { category: "self", summary: "SUSE Bug 1131179", url: "https://bugzilla.suse.com/1131179", }, { category: "self", summary: "SUSE Bug 1131180", url: "https://bugzilla.suse.com/1131180", }, { category: "self", summary: "SUSE Bug 1131290", url: "https://bugzilla.suse.com/1131290", }, { category: "self", summary: "SUSE Bug 1131326", url: "https://bugzilla.suse.com/1131326", }, { category: "self", summary: "SUSE Bug 1131335", url: "https://bugzilla.suse.com/1131335", }, { category: "self", summary: "SUSE Bug 1131336", url: "https://bugzilla.suse.com/1131336", }, { category: "self", summary: "SUSE Bug 1131416", url: "https://bugzilla.suse.com/1131416", }, { category: "self", summary: "SUSE Bug 1131427", url: "https://bugzilla.suse.com/1131427", }, { category: "self", summary: "SUSE Bug 1131442", url: "https://bugzilla.suse.com/1131442", }, { category: "self", summary: "SUSE Bug 1131451", url: "https://bugzilla.suse.com/1131451", }, { category: "self", summary: "SUSE Bug 1131467", url: "https://bugzilla.suse.com/1131467", }, { category: "self", summary: "SUSE Bug 1131488", url: "https://bugzilla.suse.com/1131488", }, { category: "self", summary: "SUSE Bug 1131574", url: "https://bugzilla.suse.com/1131574", }, { category: "self", summary: "SUSE Bug 1131587", url: "https://bugzilla.suse.com/1131587", }, { category: "self", summary: "SUSE Bug 1131659", url: "https://bugzilla.suse.com/1131659", }, { category: "self", summary: "SUSE Bug 1131673", url: "https://bugzilla.suse.com/1131673", }, { category: "self", summary: "SUSE Bug 1131847", url: "https://bugzilla.suse.com/1131847", }, { category: "self", summary: "SUSE Bug 1131848", url: "https://bugzilla.suse.com/1131848", }, { category: "self", summary: "SUSE Bug 1131851", url: "https://bugzilla.suse.com/1131851", }, { category: "self", summary: "SUSE Bug 1131900", url: "https://bugzilla.suse.com/1131900", }, { category: "self", summary: "SUSE Bug 1131934", url: "https://bugzilla.suse.com/1131934", }, { category: "self", summary: "SUSE Bug 1131935", url: "https://bugzilla.suse.com/1131935", }, { category: "self", summary: "SUSE Bug 1132044", url: "https://bugzilla.suse.com/1132044", }, { category: "self", summary: "SUSE Bug 1132083", url: "https://bugzilla.suse.com/1132083", }, { category: "self", summary: "SUSE Bug 1132219", url: "https://bugzilla.suse.com/1132219", }, { category: "self", summary: "SUSE Bug 1132226", url: "https://bugzilla.suse.com/1132226", }, { category: "self", summary: "SUSE Bug 1132227", url: "https://bugzilla.suse.com/1132227", }, { category: "self", summary: "SUSE Bug 1132365", url: "https://bugzilla.suse.com/1132365", }, { category: "self", summary: "SUSE Bug 1132368", url: "https://bugzilla.suse.com/1132368", }, { category: "self", summary: "SUSE Bug 1132369", url: "https://bugzilla.suse.com/1132369", }, { category: "self", summary: "SUSE Bug 1132370", url: "https://bugzilla.suse.com/1132370", }, { category: "self", summary: "SUSE Bug 1132372", url: "https://bugzilla.suse.com/1132372", }, { category: "self", summary: "SUSE Bug 1132373", url: "https://bugzilla.suse.com/1132373", }, { category: "self", summary: "SUSE Bug 1132384", url: "https://bugzilla.suse.com/1132384", }, { category: "self", summary: "SUSE Bug 1132397", url: "https://bugzilla.suse.com/1132397", }, { category: "self", summary: "SUSE Bug 1132402", url: "https://bugzilla.suse.com/1132402", }, { category: "self", summary: "SUSE Bug 1132403", url: "https://bugzilla.suse.com/1132403", }, { category: "self", summary: "SUSE Bug 1132404", url: "https://bugzilla.suse.com/1132404", }, { category: "self", summary: "SUSE Bug 1132405", url: "https://bugzilla.suse.com/1132405", }, { category: "self", summary: "SUSE Bug 1132407", url: "https://bugzilla.suse.com/1132407", }, { category: "self", summary: "SUSE Bug 1132411", url: "https://bugzilla.suse.com/1132411", }, { category: "self", summary: "SUSE Bug 1132412", url: "https://bugzilla.suse.com/1132412", }, { category: "self", summary: "SUSE Bug 1132413", url: "https://bugzilla.suse.com/1132413", }, { category: "self", summary: "SUSE Bug 1132414", url: "https://bugzilla.suse.com/1132414", }, { category: "self", summary: "SUSE Bug 1132426", url: "https://bugzilla.suse.com/1132426", }, { category: "self", summary: "SUSE Bug 1132527", url: "https://bugzilla.suse.com/1132527", }, { category: "self", summary: "SUSE Bug 1132531", url: "https://bugzilla.suse.com/1132531", }, { category: "self", summary: "SUSE Bug 1132555", url: "https://bugzilla.suse.com/1132555", }, { category: "self", summary: "SUSE Bug 1132558", url: "https://bugzilla.suse.com/1132558", }, { category: "self", summary: "SUSE Bug 1132561", url: "https://bugzilla.suse.com/1132561", }, { category: "self", summary: "SUSE Bug 1132562", url: "https://bugzilla.suse.com/1132562", }, { category: "self", summary: "SUSE Bug 1132563", url: "https://bugzilla.suse.com/1132563", }, { category: "self", summary: "SUSE Bug 1132564", url: "https://bugzilla.suse.com/1132564", }, { category: "self", summary: "SUSE Bug 1132570", url: "https://bugzilla.suse.com/1132570", }, { category: "self", summary: "SUSE Bug 1132571", url: "https://bugzilla.suse.com/1132571", }, { category: "self", summary: "SUSE Bug 1132572", url: "https://bugzilla.suse.com/1132572", }, { category: "self", summary: "SUSE Bug 1132589", url: "https://bugzilla.suse.com/1132589", }, { category: "self", summary: "SUSE Bug 1132618", url: "https://bugzilla.suse.com/1132618", }, { category: "self", summary: "SUSE Bug 1132681", url: "https://bugzilla.suse.com/1132681", }, { category: "self", summary: "SUSE Bug 1132726", url: "https://bugzilla.suse.com/1132726", }, { category: "self", summary: "SUSE Bug 1132828", url: "https://bugzilla.suse.com/1132828", }, { category: "self", summary: "SUSE Bug 1132943", url: "https://bugzilla.suse.com/1132943", }, { category: "self", summary: "SUSE Bug 1133005", url: "https://bugzilla.suse.com/1133005", }, { category: "self", summary: "SUSE Bug 1133094", url: "https://bugzilla.suse.com/1133094", }, { category: "self", summary: "SUSE Bug 1133095", url: "https://bugzilla.suse.com/1133095", }, { category: "self", summary: "SUSE Bug 1133115", url: "https://bugzilla.suse.com/1133115", }, { category: "self", summary: "SUSE Bug 1133149", url: "https://bugzilla.suse.com/1133149", }, { category: "self", summary: "SUSE Bug 1133176", url: "https://bugzilla.suse.com/1133176", }, { category: "self", summary: "SUSE Bug 1133188", url: "https://bugzilla.suse.com/1133188", }, { category: "self", summary: "SUSE Bug 1133486", url: "https://bugzilla.suse.com/1133486", }, { category: "self", summary: "SUSE Bug 1133529", url: "https://bugzilla.suse.com/1133529", }, { category: "self", summary: "SUSE Bug 1133584", url: "https://bugzilla.suse.com/1133584", }, { category: "self", summary: "SUSE Bug 1133667", url: "https://bugzilla.suse.com/1133667", }, { category: "self", summary: "SUSE Bug 1133668", url: "https://bugzilla.suse.com/1133668", }, { category: "self", summary: "SUSE Bug 1133672", url: "https://bugzilla.suse.com/1133672", }, { category: "self", summary: "SUSE Bug 1133674", url: "https://bugzilla.suse.com/1133674", }, { category: "self", summary: "SUSE Bug 1133675", url: "https://bugzilla.suse.com/1133675", }, { category: "self", summary: "SUSE Bug 1133698", url: "https://bugzilla.suse.com/1133698", }, { category: "self", summary: "SUSE Bug 1133702", url: "https://bugzilla.suse.com/1133702", }, { category: "self", summary: "SUSE Bug 1133731", url: "https://bugzilla.suse.com/1133731", }, { category: "self", summary: "SUSE Bug 1133769", url: "https://bugzilla.suse.com/1133769", }, { category: "self", summary: "SUSE Bug 1133772", url: "https://bugzilla.suse.com/1133772", }, { category: "self", summary: "SUSE Bug 1133774", url: "https://bugzilla.suse.com/1133774", }, { category: "self", summary: "SUSE Bug 1133778", url: "https://bugzilla.suse.com/1133778", }, { category: "self", summary: "SUSE Bug 1133779", url: "https://bugzilla.suse.com/1133779", }, { category: "self", summary: "SUSE Bug 1133780", url: "https://bugzilla.suse.com/1133780", }, { category: "self", summary: "SUSE Bug 1133825", url: "https://bugzilla.suse.com/1133825", }, { category: "self", summary: "SUSE Bug 1133850", url: "https://bugzilla.suse.com/1133850", }, { category: "self", summary: "SUSE Bug 1133851", url: "https://bugzilla.suse.com/1133851", }, { category: "self", summary: "SUSE Bug 1133852", url: "https://bugzilla.suse.com/1133852", }, { category: "self", summary: "SUSE Bug 1134160", url: "https://bugzilla.suse.com/1134160", }, { category: "self", summary: "SUSE Bug 1134162", url: "https://bugzilla.suse.com/1134162", }, { category: "self", summary: "SUSE Bug 1134199", url: "https://bugzilla.suse.com/1134199", }, { category: "self", summary: "SUSE Bug 1134200", url: "https://bugzilla.suse.com/1134200", }, { category: "self", summary: "SUSE Bug 1134201", url: "https://bugzilla.suse.com/1134201", }, { category: "self", summary: "SUSE Bug 1134202", url: "https://bugzilla.suse.com/1134202", }, { category: "self", summary: "SUSE Bug 1134203", url: "https://bugzilla.suse.com/1134203", }, { category: "self", summary: "SUSE Bug 1134204", url: "https://bugzilla.suse.com/1134204", }, { category: "self", summary: "SUSE Bug 1134205", url: "https://bugzilla.suse.com/1134205", }, { category: "self", summary: "SUSE Bug 1134354", url: "https://bugzilla.suse.com/1134354", }, { category: "self", summary: "SUSE Bug 1134393", url: "https://bugzilla.suse.com/1134393", }, { category: "self", summary: "SUSE Bug 1134459", url: "https://bugzilla.suse.com/1134459", }, { category: "self", summary: "SUSE Bug 1134460", url: "https://bugzilla.suse.com/1134460", }, { category: "self", summary: "SUSE Bug 1134461", url: "https://bugzilla.suse.com/1134461", }, { category: "self", summary: "SUSE Bug 1134537", url: "https://bugzilla.suse.com/1134537", }, { category: "self", summary: "SUSE Bug 1134651", url: "https://bugzilla.suse.com/1134651", }, { category: "self", summary: "SUSE Bug 1134760", url: "https://bugzilla.suse.com/1134760", }, { category: "self", summary: "SUSE Bug 1134810", url: "https://bugzilla.suse.com/1134810", }, { category: "self", summary: "SUSE Bug 1134813", url: "https://bugzilla.suse.com/1134813", }, { category: "self", summary: "SUSE Bug 1134848", url: "https://bugzilla.suse.com/1134848", }, { category: "self", summary: "SUSE Bug 1135006", url: "https://bugzilla.suse.com/1135006", }, { category: "self", summary: "SUSE Bug 1135007", url: "https://bugzilla.suse.com/1135007", }, { category: "self", summary: "SUSE Bug 1135008", url: "https://bugzilla.suse.com/1135008", }, { category: "self", summary: "SUSE Bug 1135100", url: "https://bugzilla.suse.com/1135100", }, { category: "self", summary: "SUSE CVE CVE-2018-12126 page", url: "https://www.suse.com/security/cve/CVE-2018-12126/", }, { category: "self", summary: "SUSE CVE CVE-2018-12127 page", url: "https://www.suse.com/security/cve/CVE-2018-12127/", }, { category: "self", summary: "SUSE CVE CVE-2018-12130 page", url: "https://www.suse.com/security/cve/CVE-2018-12130/", }, { category: "self", summary: "SUSE CVE CVE-2018-16880 page", url: "https://www.suse.com/security/cve/CVE-2018-16880/", }, { category: "self", summary: "SUSE CVE CVE-2019-11091 page", url: "https://www.suse.com/security/cve/CVE-2019-11091/", }, { category: "self", summary: "SUSE CVE CVE-2019-11486 page", url: "https://www.suse.com/security/cve/CVE-2019-11486/", }, { category: "self", summary: "SUSE CVE CVE-2019-11815 page", url: "https://www.suse.com/security/cve/CVE-2019-11815/", }, { category: "self", summary: "SUSE CVE CVE-2019-11884 page", url: "https://www.suse.com/security/cve/CVE-2019-11884/", }, { category: "self", summary: "SUSE CVE CVE-2019-3882 page", url: "https://www.suse.com/security/cve/CVE-2019-3882/", }, { category: "self", summary: "SUSE CVE CVE-2019-9003 page", url: "https://www.suse.com/security/cve/CVE-2019-9003/", }, { category: "self", summary: "SUSE CVE CVE-2019-9500 page", url: "https://www.suse.com/security/cve/CVE-2019-9500/", }, { category: "self", summary: "SUSE CVE CVE-2019-9503 page", url: "https://www.suse.com/security/cve/CVE-2019-9503/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2019-05-16T09:25:56Z", generator: { date: "2019-05-16T09:25:56Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2019:1404-1", initial_release_date: "2019-05-16T09:25:56Z", revision_history: [ { date: "2019-05-16T09:25:56Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-4.12.14-lp150.12.61.1.noarch", product: { name: "kernel-devel-4.12.14-lp150.12.61.1.noarch", product_id: "kernel-devel-4.12.14-lp150.12.61.1.noarch", }, }, { category: "product_version", name: "kernel-docs-4.12.14-lp150.12.61.1.noarch", product: { name: "kernel-docs-4.12.14-lp150.12.61.1.noarch", product_id: "kernel-docs-4.12.14-lp150.12.61.1.noarch", }, }, { category: "product_version", name: "kernel-docs-html-4.12.14-lp150.12.61.1.noarch", product: { name: "kernel-docs-html-4.12.14-lp150.12.61.1.noarch", product_id: "kernel-docs-html-4.12.14-lp150.12.61.1.noarch", }, }, { category: "product_version", name: "kernel-macros-4.12.14-lp150.12.61.1.noarch", product: { name: "kernel-macros-4.12.14-lp150.12.61.1.noarch", product_id: "kernel-macros-4.12.14-lp150.12.61.1.noarch", }, }, { category: "product_version", name: "kernel-source-4.12.14-lp150.12.61.1.noarch", product: { name: "kernel-source-4.12.14-lp150.12.61.1.noarch", product_id: "kernel-source-4.12.14-lp150.12.61.1.noarch", }, }, { category: "product_version", name: "kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", product: { name: "kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", product_id: "kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "kernel-debug-4.12.14-lp150.12.61.1.x86_64", product: { name: "kernel-debug-4.12.14-lp150.12.61.1.x86_64", product_id: "kernel-debug-4.12.14-lp150.12.61.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", product: { name: "kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", product_id: "kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", product: { name: "kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", product_id: "kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", }, }, { category: "product_version", name: "kernel-default-4.12.14-lp150.12.61.1.x86_64", product: { name: "kernel-default-4.12.14-lp150.12.61.1.x86_64", product_id: "kernel-default-4.12.14-lp150.12.61.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-lp150.12.61.1.x86_64", product: { name: "kernel-default-base-4.12.14-lp150.12.61.1.x86_64", product_id: "kernel-default-base-4.12.14-lp150.12.61.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", product: { name: "kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", product_id: "kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", product: { name: "kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", product_id: "kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", product: { name: "kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", product_id: "kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", product: { name: "kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", product_id: "kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", product: { name: "kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", product_id: "kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", product: { name: "kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", product_id: "kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-4.12.14-lp150.12.61.1.x86_64", product: { name: "kernel-syms-4.12.14-lp150.12.61.1.x86_64", product_id: "kernel-syms-4.12.14-lp150.12.61.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", product: { name: "kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", product_id: "kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", product: { name: "kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", product_id: "kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", product: { name: "kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", product_id: "kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.0", product: { name: "openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.0", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-debug-4.12.14-lp150.12.61.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", }, product_reference: "kernel-debug-4.12.14-lp150.12.61.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-base-4.12.14-lp150.12.61.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", }, product_reference: "kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", }, product_reference: "kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-lp150.12.61.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", }, product_reference: "kernel-default-4.12.14-lp150.12.61.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-lp150.12.61.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", }, product_reference: "kernel-default-base-4.12.14-lp150.12.61.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-lp150.12.61.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", }, product_reference: "kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.12.14-lp150.12.61.1.noarch as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", }, product_reference: "kernel-devel-4.12.14-lp150.12.61.1.noarch", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-4.12.14-lp150.12.61.1.noarch as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", }, product_reference: "kernel-docs-4.12.14-lp150.12.61.1.noarch", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-html-4.12.14-lp150.12.61.1.noarch as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", }, product_reference: "kernel-docs-html-4.12.14-lp150.12.61.1.noarch", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", }, product_reference: "kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", }, product_reference: "kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", }, product_reference: "kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.12.14-lp150.12.61.1.noarch as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", }, product_reference: "kernel-macros-4.12.14-lp150.12.61.1.noarch", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-lp150.12.61.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", }, product_reference: "kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", }, product_reference: "kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.12.14-lp150.12.61.1.noarch as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", }, product_reference: "kernel-source-4.12.14-lp150.12.61.1.noarch", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", }, product_reference: "kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-lp150.12.61.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", }, product_reference: "kernel-syms-4.12.14-lp150.12.61.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-4.12.14-lp150.12.61.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", }, product_reference: "kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", }, product_reference: "kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", }, product_reference: "kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, ], }, vulnerabilities: [ { cve: "CVE-2018-12126", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12126", }, ], notes: [ { category: "general", text: "Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12126", url: "https://www.suse.com/security/cve/CVE-2018-12126", }, { category: "external", summary: "SUSE Bug 1103186 for CVE-2018-12126", url: "https://bugzilla.suse.com/1103186", }, { category: "external", summary: "SUSE Bug 1111331 for CVE-2018-12126", url: "https://bugzilla.suse.com/1111331", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2018-12126", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1135409 for CVE-2018-12126", url: "https://bugzilla.suse.com/1135409", }, { category: "external", summary: "SUSE Bug 1135524 for CVE-2018-12126", url: "https://bugzilla.suse.com/1135524", }, { category: "external", summary: "SUSE Bug 1137916 for CVE-2018-12126", url: "https://bugzilla.suse.com/1137916", }, { category: "external", summary: "SUSE Bug 1138534 for CVE-2018-12126", url: "https://bugzilla.suse.com/1138534", }, { category: "external", summary: "SUSE Bug 1141977 for CVE-2018-12126", url: "https://bugzilla.suse.com/1141977", }, { category: "external", summary: "SUSE Bug 1149725 for CVE-2018-12126", url: "https://bugzilla.suse.com/1149725", }, { category: "external", summary: "SUSE Bug 1149726 for CVE-2018-12126", url: "https://bugzilla.suse.com/1149726", }, { category: "external", summary: "SUSE Bug 1149729 for CVE-2018-12126", url: "https://bugzilla.suse.com/1149729", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2018-12126", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2018-12126", url: "https://bugzilla.suse.com/1201877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.8, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-16T09:25:56Z", details: "moderate", }, ], title: "CVE-2018-12126", }, { cve: "CVE-2018-12127", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12127", }, ], notes: [ { category: "general", text: "Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12127", url: "https://www.suse.com/security/cve/CVE-2018-12127", }, { category: "external", summary: "SUSE Bug 1103186 for CVE-2018-12127", url: "https://bugzilla.suse.com/1103186", }, { category: "external", summary: "SUSE Bug 1111331 for CVE-2018-12127", url: "https://bugzilla.suse.com/1111331", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2018-12127", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1135409 for CVE-2018-12127", url: "https://bugzilla.suse.com/1135409", }, { category: "external", summary: "SUSE Bug 1138534 for CVE-2018-12127", url: "https://bugzilla.suse.com/1138534", }, { category: "external", summary: "SUSE Bug 1141977 for CVE-2018-12127", url: "https://bugzilla.suse.com/1141977", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2018-12127", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2018-12127", url: "https://bugzilla.suse.com/1201877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.8, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-16T09:25:56Z", details: "moderate", }, ], title: "CVE-2018-12127", }, { cve: "CVE-2018-12130", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12130", }, ], notes: [ { category: "general", text: "Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12130", url: "https://www.suse.com/security/cve/CVE-2018-12130", }, { category: "external", summary: "SUSE Bug 1103186 for CVE-2018-12130", url: "https://bugzilla.suse.com/1103186", }, { category: "external", summary: "SUSE Bug 1111331 for CVE-2018-12130", url: "https://bugzilla.suse.com/1111331", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2018-12130", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1135409 for CVE-2018-12130", url: "https://bugzilla.suse.com/1135409", }, { category: "external", summary: "SUSE Bug 1137916 for CVE-2018-12130", url: "https://bugzilla.suse.com/1137916", }, { category: "external", summary: "SUSE Bug 1138534 for CVE-2018-12130", url: "https://bugzilla.suse.com/1138534", }, { category: "external", summary: "SUSE Bug 1141977 for CVE-2018-12130", url: "https://bugzilla.suse.com/1141977", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2018-12130", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2018-12130", url: "https://bugzilla.suse.com/1201877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-16T09:25:56Z", details: "moderate", }, ], title: "CVE-2018-12130", }, { cve: "CVE-2018-16880", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16880", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver. A malicious virtual guest, under specific conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may lead to a kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. Versions from v4.16 and newer are vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16880", url: "https://www.suse.com/security/cve/CVE-2018-16880", }, { category: "external", summary: "SUSE Bug 1122767 for CVE-2018-16880", url: "https://bugzilla.suse.com/1122767", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-16T09:25:56Z", details: "moderate", }, ], title: "CVE-2018-16880", }, { cve: "CVE-2019-11091", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11091", }, ], notes: [ { category: "general", text: "Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11091", url: "https://www.suse.com/security/cve/CVE-2019-11091", }, { category: "external", summary: "SUSE Bug 1103186 for CVE-2019-11091", url: "https://bugzilla.suse.com/1103186", }, { category: "external", summary: "SUSE Bug 1111331 for CVE-2019-11091", url: "https://bugzilla.suse.com/1111331", }, { category: "external", summary: "SUSE Bug 1132686 for CVE-2019-11091", url: "https://bugzilla.suse.com/1132686", }, { category: "external", summary: "SUSE Bug 1133319 for CVE-2019-11091", url: "https://bugzilla.suse.com/1133319", }, { category: "external", summary: "SUSE Bug 1135394 for CVE-2019-11091", url: "https://bugzilla.suse.com/1135394", }, { category: "external", summary: "SUSE Bug 1138043 for CVE-2019-11091", url: "https://bugzilla.suse.com/1138043", }, { category: "external", summary: "SUSE Bug 1138534 for CVE-2019-11091", url: "https://bugzilla.suse.com/1138534", }, { category: "external", summary: "SUSE Bug 1141977 for CVE-2019-11091", url: "https://bugzilla.suse.com/1141977", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2019-11091", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2019-11091", url: "https://bugzilla.suse.com/1201877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-16T09:25:56Z", details: "moderate", }, ], title: "CVE-2019-11091", }, { cve: "CVE-2019-11486", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11486", }, ], notes: [ { category: "general", text: "The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11486", url: "https://www.suse.com/security/cve/CVE-2019-11486", }, { category: "external", summary: "SUSE Bug 1133188 for CVE-2019-11486", url: "https://bugzilla.suse.com/1133188", }, { category: "external", summary: "SUSE Bug 1156434 for CVE-2019-11486", url: "https://bugzilla.suse.com/1156434", }, { category: "external", summary: "SUSE Bug 1173667 for CVE-2019-11486", url: "https://bugzilla.suse.com/1173667", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-16T09:25:56Z", details: "moderate", }, ], title: "CVE-2019-11486", }, { cve: "CVE-2019-11815", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11815", }, ], notes: [ { category: "general", text: "An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11815", url: "https://www.suse.com/security/cve/CVE-2019-11815", }, { category: "external", summary: "SUSE Bug 1134537 for CVE-2019-11815", url: "https://bugzilla.suse.com/1134537", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-16T09:25:56Z", details: "moderate", }, ], title: "CVE-2019-11815", }, { cve: "CVE-2019-11884", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11884", }, ], notes: [ { category: "general", text: "The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\\0' character.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11884", url: "https://www.suse.com/security/cve/CVE-2019-11884", }, { category: "external", summary: "SUSE Bug 1134848 for CVE-2019-11884", url: "https://bugzilla.suse.com/1134848", }, { category: "external", summary: "SUSE Bug 1139868 for CVE-2019-11884", url: "https://bugzilla.suse.com/1139868", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-16T09:25:56Z", details: "low", }, ], title: "CVE-2019-11884", }, { cve: "CVE-2019-3882", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3882", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). Versions 3.10, 4.14 and 4.18 are vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3882", url: "https://www.suse.com/security/cve/CVE-2019-3882", }, { category: "external", summary: "SUSE Bug 1131416 for CVE-2019-3882", url: "https://bugzilla.suse.com/1131416", }, { category: "external", summary: "SUSE Bug 1131427 for CVE-2019-3882", url: "https://bugzilla.suse.com/1131427", }, { category: "external", summary: "SUSE Bug 1133319 for CVE-2019-3882", url: "https://bugzilla.suse.com/1133319", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-16T09:25:56Z", details: "moderate", }, ], title: "CVE-2019-3882", }, { cve: "CVE-2019-9003", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9003", }, ], notes: [ { category: "general", text: "In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a \"service ipmievd restart\" loop.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-9003", url: "https://www.suse.com/security/cve/CVE-2019-9003", }, { category: "external", summary: "SUSE Bug 1126704 for CVE-2019-9003", url: "https://bugzilla.suse.com/1126704", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-16T09:25:56Z", details: "moderate", }, ], title: "CVE-2019-9003", }, { cve: "CVE-2019-9500", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9500", }, ], notes: [ { category: "general", text: "The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-9500", url: "https://www.suse.com/security/cve/CVE-2019-9500", }, { category: "external", summary: "SUSE Bug 1132681 for CVE-2019-9500", url: "https://bugzilla.suse.com/1132681", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-16T09:25:56Z", details: "moderate", }, ], title: "CVE-2019-9500", }, { cve: "CVE-2019-9503", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9503", }, ], notes: [ { category: "general", text: "The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarded and unprocessed. If the driver receives the firmware event frame from the host, the appropriate handler is called. This frame validation can be bypassed if the bus used is USB (for instance by a wifi dongle). This can allow firmware event frames from a remote source to be processed. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-9503", url: "https://www.suse.com/security/cve/CVE-2019-9503", }, { category: "external", summary: "SUSE Bug 1132673 for CVE-2019-9503", url: "https://bugzilla.suse.com/1132673", }, { category: "external", summary: "SUSE Bug 1132828 for CVE-2019-9503", url: "https://bugzilla.suse.com/1132828", }, { category: "external", summary: "SUSE Bug 1133319 for CVE-2019-9503", url: "https://bugzilla.suse.com/1133319", }, { category: "external", summary: "SUSE Bug 1156653 for CVE-2019-9503", url: "https://bugzilla.suse.com/1156653", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.61.1.noarch", "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.61.1.x86_64", "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.61.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-05-16T09:25:56Z", details: "moderate", }, ], title: "CVE-2019-9503", }, ], }
fkie_cve-2019-11486
Vulnerability from fkie_nvd
Published
2019-04-23 22:29
Modified
2024-11-21 04:21
Severity ?
Summary
The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| debian | debian_linux | 9.0 | |
| opensuse | leap | 15.1 | |
| opensuse | leap | 42.3 | |
| netapp | active_iq | - | |
| netapp | hci_management_node | - | |
| netapp | snapprotect | - | |
| netapp | solidfire | - | |
| netapp | storage_replication_adapter_for_clustered_data_ontap | 9.7 | |
| netapp | vasa_provider_for_clustered_data_ontap | 9.7 | |
| netapp | virtual_storage_console | 9.7 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "F97FFEB5-C81D-4AB4-94F7-F2D480663DDA", versionEndExcluding: "3.16.66", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "38D2BE0B-B7B1-4798-AE02-F25BCE43D452", versionEndExcluding: "3.18.139", versionStartIncluding: "3.17", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "4C8AD265-4D57-4C96-8CDE-E40908DC401D", versionEndExcluding: "4.4.179", versionStartIncluding: "3.19", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "30B4C182-BE81-4381-94C5-BAC55EA22B46", versionEndExcluding: "4.9.169", versionStartIncluding: "4.5", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "A4CEB6C0-CF37-412C-8804-8B5BB13A6EC7", versionEndExcluding: "4.14.112", versionStartIncluding: "4.10", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "E62E5576-988B-40C3-94E3-3402FC8C6EE6", versionEndExcluding: "4.19.35", versionStartIncluding: "4.15", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "5A9EC3D3-2514-4C33-8BAA-2F2D52E37B54", versionEndExcluding: "5.0.8", versionStartIncluding: "4.20", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq:-:*:*:*:*:*:*:*", matchCriteriaId: "EF29713A-2852-4E3D-9666-4001C7E8B667", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*", matchCriteriaId: "A3C19813-E823-456A-B1CE-EC0684CE1953", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:snapprotect:-:*:*:*:*:*:*:*", matchCriteriaId: "F74F467A-0C81-40D9-BA06-40FB8EF02C04", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*", matchCriteriaId: "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.7:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "15BC23DF-BBA1-4CD3-A800-FEACF501021D", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:9.7:*:*:*:*:*:*:*", matchCriteriaId: "73CBA7B6-1C6C-4FDF-BBCE-705940A145C9", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:virtual_storage_console:9.7:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "4AFD6E9F-C0C2-4B9B-B740-000C67E64036", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.", }, { lang: "es", value: "El controlador de disciplina de línea Siemens R3964 en drivers/tty/n_r3964.c en el kernel de Linux antes de la versión 5.0.8 tiene múltiples condiciones de carrera.", }, ], id: "CVE-2019-11486", lastModified: "2024-11-21T04:21:10.827", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-04-23T22:29:05.133", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/04/29/1", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.112", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.35", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.169", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c7084edc3f6d67750f50d4183134c4fb5712a5c8", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/c7084edc3f6d67750f50d4183134c4fb5712a5c8", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Jun/26", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190517-0005/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K50222414", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4465", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/04/29/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.112", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.35", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.169", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c7084edc3f6d67750f50d4183134c4fb5712a5c8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/c7084edc3f6d67750f50d4183134c4fb5712a5c8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Jun/26", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190517-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K50222414", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4465", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-362", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
gsd-2019-11486
Vulnerability from gsd
Modified
2023-12-13 01:24
Details
The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.
Aliases
Aliases
{ GSD: { alias: "CVE-2019-11486", description: "The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.", id: "GSD-2019-11486", references: [ "https://www.suse.com/security/cve/CVE-2019-11486.html", "https://www.debian.org/security/2019/dsa-4465", "https://advisories.mageia.org/CVE-2019-11486.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2019-11486", ], details: "The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.", id: "GSD-2019-11486", modified: "2023-12-13T01:24:00.642537Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-11486", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/torvalds/linux/commit/c7084edc3f6d67750f50d4183134c4fb5712a5c8", refsource: "MISC", url: "https://github.com/torvalds/linux/commit/c7084edc3f6d67750f50d4183134c4fb5712a5c8", }, { name: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c7084edc3f6d67750f50d4183134c4fb5712a5c8", refsource: "MISC", url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c7084edc3f6d67750f50d4183134c4fb5712a5c8", }, { name: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8", refsource: "MISC", url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8", }, { name: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.35", refsource: "MISC", url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.35", }, { name: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.112", refsource: "MISC", url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.112", }, { name: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.169", refsource: "MISC", url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.169", }, { name: "[oss-security] 20190429 Linux kernel: multiple issues", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2019/04/29/1", }, { name: "openSUSE-SU-2019:1404", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html", }, { name: "https://security.netapp.com/advisory/ntap-20190517-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190517-0005/", }, { name: "openSUSE-SU-2019:1407", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html", }, { name: "[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-1] linux security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html", }, { name: "[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-2] linux security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html", }, { name: "openSUSE-SU-2019:1479", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html", }, { name: "https://support.f5.com/csp/article/K50222414", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K50222414", }, { name: "DSA-4465", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4465", }, { name: "[debian-lts-announce] 20190618 [SECURITY] [DLA 1824-1] linux-4.9 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html", }, { name: "20190618 [SECURITY] [DSA 4465-1] linux security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Jun/26", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "3.18.139", versionStartIncluding: "3.17", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "4.4.179", versionStartIncluding: "3.19", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "3.16.66", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "4.9.169", versionStartIncluding: "4.5", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "4.14.112", versionStartIncluding: "4.10", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "4.19.35", versionStartIncluding: "4.15", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "5.0.8", versionStartIncluding: "4.20", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:netapp:active_iq:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netapp:snapprotect:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:9.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.7:*:*:*:*:vmware_vsphere:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netapp:virtual_storage_console:9.7:*:*:*:*:vmware_vsphere:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-11486", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-362", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/torvalds/linux/commit/c7084edc3f6d67750f50d4183134c4fb5712a5c8", refsource: "MISC", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/c7084edc3f6d67750f50d4183134c4fb5712a5c8", }, { name: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c7084edc3f6d67750f50d4183134c4fb5712a5c8", refsource: "MISC", tags: [ "Patch", "Vendor Advisory", ], url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c7084edc3f6d67750f50d4183134c4fb5712a5c8", }, { name: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8", refsource: "MISC", tags: [ "Vendor Advisory", ], url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8", }, { name: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.169", refsource: "MISC", tags: [ "Vendor Advisory", ], url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.169", }, { name: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.35", refsource: "MISC", tags: [ "Vendor Advisory", ], url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.35", }, { name: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.112", refsource: "MISC", tags: [ "Vendor Advisory", ], url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.112", }, { name: "[oss-security] 20190429 Linux kernel: multiple issues", refsource: "MLIST", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/04/29/1", }, { name: "openSUSE-SU-2019:1404", refsource: "SUSE", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html", }, { name: "https://security.netapp.com/advisory/ntap-20190517-0005/", refsource: "CONFIRM", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190517-0005/", }, { name: "openSUSE-SU-2019:1407", refsource: "SUSE", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html", }, { name: "[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-1] linux security update", refsource: "MLIST", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html", }, { name: "[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-2] linux security update", refsource: "MLIST", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html", }, { name: "openSUSE-SU-2019:1479", refsource: "SUSE", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html", }, { name: "https://support.f5.com/csp/article/K50222414", refsource: "CONFIRM", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K50222414", }, { name: "DSA-4465", refsource: "DEBIAN", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4465", }, { name: "[debian-lts-announce] 20190618 [SECURITY] [DLA 1824-1] linux-4.9 security update", refsource: "MLIST", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html", }, { name: "20190618 [SECURITY] [DSA 4465-1] linux security update", refsource: "BUGTRAQ", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Jun/26", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1, impactScore: 5.9, }, }, lastModifiedDate: "2023-10-05T14:22Z", publishedDate: "2019-04-23T22:29Z", }, }, }
ghsa-fq7v-x63h-q5h9
Vulnerability from github
Published
2022-05-24 16:44
Modified
2023-07-07 21:30
Severity ?
Details
The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.
{ affected: [], aliases: [ "CVE-2019-11486", ], database_specific: { cwe_ids: [ "CWE-362", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2019-04-23T22:29:00Z", severity: "MODERATE", }, details: "The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.", id: "GHSA-fq7v-x63h-q5h9", modified: "2023-07-07T21:30:16Z", published: "2022-05-24T16:44:31Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-11486", }, { type: "WEB", url: "https://github.com/torvalds/linux/commit/c7084edc3f6d67750f50d4183134c4fb5712a5c8", }, { type: "WEB", url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.112", }, { type: "WEB", url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.35", }, { type: "WEB", url: "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.169", }, { type: "WEB", url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8", }, { type: "WEB", url: "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c7084edc3f6d67750f50d4183134c4fb5712a5c8", }, { type: "WEB", url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html", }, { type: "WEB", url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html", }, { type: "WEB", url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html", }, { type: "WEB", url: "https://seclists.org/bugtraq/2019/Jun/26", }, { type: "WEB", url: "https://security.netapp.com/advisory/ntap-20190517-0005", }, { type: "WEB", url: "https://support.f5.com/csp/article/K50222414", }, { type: "WEB", url: "https://www.debian.org/security/2019/dsa-4465", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html", }, { type: "WEB", url: "http://www.openwall.com/lists/oss-security/2019/04/29/1", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", type: "CVSS_V3", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.